1.1 磁卡读卡器用于非法目的时，通常被称为撇读器。本实践提供了有关抓取、获取和分析能够以未经授权的方式获取和存储个人识别信息（PII）的略读设备的信息。 1.2 本标准不能取代通过教育、培训和经验获得的知识、技能或能力，并由具有此类纪律的个人结合专业判断使用- 特定的知识、技能和能力。 1.3 本标准并非旨在解决与其使用相关的所有安全问题（如有）。本标准的用户有责任在使用前制定适当的安全、健康和环境实践，并确定监管限制的适用性。 1.4 本国际标准是根据世界贸易组织技术性贸易壁垒（TBT）委员会发布的《关于制定国际标准、指南和建议的原则的决定》中确立的国际公认标准化原则制定的。 ====意义和用途====== 4.1 由于浏览设备本身通常不被视为违禁品，因此审查员有责任确定该设备是否包含未经授权的账户信息。本实践旨在描述抓取、获取和分析磁卡读卡器中包含的数据的最佳实践。 4.2 限制- 由于以下原因，撇油机带来了独特的考试挑战: 4.2.1 技术的快速变化； 4.2.2 设备拆卸困难； 4.2.3 使用替代/重新调整用途的组件； 4.2.4 使用加密或检查对策，或两者兼有； 4.2.5 多种数据编码/调制格式； 4.2.6 通过设备混淆防止芯片识别； 4.2.7 培训和文件的可用性； 4.2.8 缺乏芯片信息/文件； 4.2.9 缺乏可用于芯片读取的适配器； 4.2.10 用于排屑和读取的可用设备的费用； 4.2.11 缺乏软件支持读取芯片数据的能力； 和 4.2.12 缺乏可用于分析从撇沫器中提取的加密数据的商业软件。

1.1 Magnetic card readers, when used for illegal purposes, are commonly referred to as skimmers. This practice provides information on seizing, acquiring, and analyzing skimming devices capable of acquiring and storing personally identifiable information (PII) in an unauthorized manner. 1.2 This standard cannot replace knowledge, skills, or abilities acquired through education, training, and experience and is to be used in conjunction with professional judgment by individuals with such discipline-specific knowledge, skills, and abilities. 1.3 This standard does not purport to address all of the safety concerns, if any, associated with its use. It is the responsibility of the user of this standard to establish appropriate safety, health, and environmental practices and determine the applicability of regulatory limitations prior to use. 1.4 This international standard was developed in accordance with internationally recognized principles on standardization established in the Decision on Principles for the Development of International Standards, Guides and Recommendations issued by the World Trade Organization Technical Barriers to Trade (TBT) Committee. ====== Significance And Use ====== 4.1 As a skimming device is not typically deemed contraband in of itself, it is the responsibility of the examiner to determine if the device contains unauthorized account information. The purpose of this practice is to describe best practices for seizing, acquiring, and analyzing the data contained within magnetic card readers. 4.2 Limitations— Skimmers present unique examination challenges due to: 4.2.1 Rapid changes in technology; 4.2.2 Difficulty of device disassembly; 4.2.3 Use of alternate/repurposed components; 4.2.4 Use of encryption or examination countermeasures, or both; 4.2.5 Multiple data encoding/modulation formats; 4.2.6 Prevention of chip identification by obfuscation of the device; 4.2.7 Availability of training and documentation; 4.2.8 Lack of chip information/documentation; 4.2.9 Lack of adapters available for chip reading; 4.2.10 Expense of available equipment used in chip removal and reading; 4.2.11 Lack of software’s ability to support reading chip data; and 4.2.12 Lack of commercial software available to analyze encrypted data extracted from skimmers.