From The Sip Trunking Experts

[May 06, 2006]

Hundreds of drivers caught out by GBP1m chip-and-PIN sting

(Daily Mail Via Thomson Dialog NewsEdge)CRIMINALS have stolen more than GBP1million after copying the credit and debit card details of hundreds of petrol station customers.

The fraud, which affects outlets across the country, highlights serious flaws in the chip-and-PIN payment system which is meant to offer more protection against crime and theft.

Gangs are understood to have targeted petrol stations operated by Shell, BP and other well-known chains to steal card details.

Last night, Shell suspended the chip-and-PIN system in all 600 of its company- owned petrol stations.

The company said drastic action was necessary to protect customers from the possibility of fraud.

Conservative estimates suggest the criminals have cloned more than 1,000 debit and credit cards, stealing more than GBP1million.

A Shell spokesman said: 'In the interests of our customers, we have temporarily suspended chip-and-PIN availability in our UK companyowned service stations.

'This is a precautionary measure to protect the security of our customers' transactions.' The company said customers would be able to pay for fuel, goods and services using their signatures as proof of identity.

'We will reintroduce chip and PIN as soon as it is possible, following consultation with the terminal manufacturer, card companies and the relevant authorities, to ensure that customers can be confident that their transactions are fully secure.' Four hundred Shell petrol stations which are run by outside franchises will continue to operate chip and PIN.

There is evidence that criminals have posed as technicians to implant devices into till terminals at the petrol stations.

These devices captured both the card details on the magnetic strip and the four digit PINs - personal identification numbers - used by customers to authorise purchases.

The information was then used to create cloned cards, which were used to withdraw huge sums of money from cash machines in Britain and abroad.

Shell stressed that all its till terminals had been approved by the banking industry before the chip and PIN regime became compulsory in February.

However, it is apparent that bank industry standards are not sufficiently stringent to ensure that the terminals cannot be tampered with.

Consequently, the problems experienced by Shell could equally apply to thousands of new terminals installed in stores, restaurants and other outlets.

The till terminals at the centre of the Shell fraud investigation were made by a company called Trintech, which supplies many businesses across Britain and the world.

Shell said it was aware of cases of fraud at fewer than ten of its petrol stations.

BP has also admitted a problem with customer card details being stolen from at least one of its stations. This did not involve a chip-and-PIN terminal.

Criminals have attempted to tamper with till pads at petrol stations operated by at least one other major chain.

These cases are unlikely to reflect the full scale of the problem as sophisticated gangs find ways to outsmart the new security regime.

The developments are a huge embarrassment for the banks who assured the nation the chip-and-PIN system would kill card crime.

The finance industry and retailers have spent GBP1billion issuing 141 million new 'secure' cards and installing new terminalsat which they can be used.

The Association of Payment Clearing Services, which speaks for the banks on plastic card issues, claimed the chipand-PIN system was reducing fraud.

Spokesman Sandra Quinn confirmed the problems at Shell.

She said there criminals had also attempted to tamper with till terminals at one other petrol company at least.

However, she tried to play down the significance of the problem.

While she was unable to say how many card details had been stolen, she insisted only a small number of petrol stations were implicated.

'We are confident this is not a systemic issue. This is about a specific till pad and the way it is configured in Shell petrol stations,' she said.


MARY Adkins lost GBP1,300 from her account when her debit card was cloned after a visit to a Shell petrol station.

The theft became apparent in early April when the card was rejected at a store and she and her husband James were told to contact their bank.

'The bank's fraud department told us there had been cash withdrawals in Paris,' said Mrs Adkins from the couple's home near Guildford, Surrey.

'I subsequently found out that more than GBP1,300 had been taken out in a series of withdrawals.

'My confidence in the chip-and- PIN regime has been severely shaken. This technology ought to be secure.

'Now, more than a month later, we are still waiting to get our money back.'

Chris Monk, 53, an electronics engineer from Surrey, believes his card was cloned at a Shell garage in March. He lost GBP600 in what he described as 'mugging by stealth'.

Mr Monk said he always suspected that chip and PIN was not a failsafe system.

'Once digital information has been captured on a device there is scope to copy it,' he said.

'I now face a question over who I can trust when making a purchase.

'In fact I have been using cash over the last two weeks.'

[ Back To SIP Trunking Home's Homepage ]

Subscribe here for your FREE
SIP TRUNKING enewslettter.

Featured Partner

Featured Whitepapers

SIP Security for the Enterprise
Voice over IP (VoIP) is incorporated into a variety of computer networks, both public and private, and used for everyday transactions and communications among carriers, businesses, government agencies...

Making A Broadband Purchase Decision
Businesses today have many options for broadband connectivity. Clarifying your particular business needs prior to selecting a broadband provider will ensure an optimal match of broadband service to your requirements.

Voice-Optimized Network Delivers Premier Call Experience
Customers equate call quality with business quality. Real-time communication, interpersonal interaction, and the cordial tone of a call center representative can create a positive impression of your business that no email can match.

Featured Case Studies

Business Telecom Expenses Reduced 50%
A small to medium sized company in the midwest was interested in migrating to IP Communications, but in today's economy, they were hesitant to upgrade their communication system due to their perception that the cost would outweigh the benefits.

Multi-State Company Cuts Telecom Costs 50%
A multi-site, multi-state company with extensive monthly long distance fees and toll-free charges did not have adequate broadband for Broadvox SIP Trunking requirements, nor did they have a SIP enabled telephone system.

Discover Leisure Connects Remote Users to its IP-PBX
Discover Leisure is one of the largest resellers of caravans and motor homes in the UK. With 15 branch of?ces all over the country, the company spent a great deal of money every month just on internal phone calls.

Featured eBOOKS

Internet+: The Way Toward Global Unified Communication
Connecting the telephony of the enterprise PBX or Unified Communications (UC) system using SIP trunks instead of conventional telephone lines has been very successful in recent years.

What is SIP Trunking? Edition 2
SIP trunking is becoming more of a focus for service providers. One key issue many service providers face when deploying SIP trunks is NAT, or Network Address Translation, traversal.

What is SIP Trunking? Edition 1
A vast resource for information about all things SIP - including SIP, security, VoIP, SIP trunking and Unified Communications.

Featured Videos

Broadvox VAR Testimonial VAR 1:
Part 1 of the VAR (Value Added Reseller) Partner Program Testimonials for Broadvox...

E-SBCs AS The Demarcation Point:
Ingate's Steve Johnson talks to Erik Linask about the role session border controller plays as the demarcation point at...

Demystifying DPI
How can deep packet inspection protect your SIP traffic as well as your entire network?

Featured Resources

Partner Program Overview:
Over 4,000 VARs, Master Agents, Solution Providers, and Independent IT Professionals trust Broadvox. We offer customized services and solutions to fit seamlessly into any company's business model. And when you partner with Broadvox, every member of our team stands behind you and your customers 100%...

SIP Trunk UC Summit

What's New

Presenting the New Ingate/Intertex Website:
Internet+ is an extended Internet access allowing high quality SIP (Session Initiation Protocol) based real-time person-to-person communication, everywhere and for any application. It applies to both fixed and mobile networks ...

Featured Blogs

Featured Webinars

Secure SIP Trunking:
What You Need to Know

Successfully Deploying Enterprise SIP Trunking:
Tools and Techniques for Overcoming Common Roadblocks

Featured Podcasts

Getting the Most Out of Your SIP Trunks:
Ingate's Steve Johnson and TMC's Erik Linask discuss how best practices forgetting the most out of SIP Trunking services and common pitfalls to avoid.

Featured Datasheets

Ingate SIParator E-SBCs
Adopting SIP is a simple process with the Ingate SIParator, the secure enterprise session border controller (E-SBC). The SIParator makes secure SIP communications - including VoIP,SIP trunking and more - possible while working seamlessly with your existing network firewall.

Ingate Firewalls
Everyone is talking about enterprise usage of VoIP, instant messaging and other types of realtime communications including presence and conferencing.

SIP Trunk Solutions for Service Providers
The award-winning Ingate Firewall and Ingate SIParator deliver a high quality, reliable SIP trunk connection between the customer's IP-PBX and the service provider network, and solve interoperability issues to simplify deployments and support for remote diagnosis of reported issues.