Smart, New Medical Devices Coming to Market Faster

The FDA tries to keep up with medical device market shift to wearable devices that collect, analyze, transmit data

For June 2016

By Karen Haywood Queen

The medical device industry is evolving to create better tools to help aging patients and their doctors manage chronic conditions outside of a hospital. Many of these devices and apps look like and/or work with smartphones. The goals are to lower costs, deliver value-based results and meet consumer demand.


Other trends that impact manufacturers include an aging population, improved quality inspections and the regulatory process, according to a recent report by EWI (Columbus, OH), a nonprofit engineering and applied R&D company. The Affordable Care Act also plays a role.

While the market for traditional metal parts used in implantable devices for knees and hips will be fairly stable in the year ahead, changes are coming, said Bryan Hughes, director of medical technology at P&M Corporate Finance in Chicago. Some parts used in medical devices that have historically been made of metal are being replaced by plastic components

In some cases, the volume needed has finally increased to the point it made sense to transition from metal to plastic, he said.

“Volumes have gotten to a scale, creating a situation where it makes sense financially to invest in a mold to manufacture with molded plastic,” Hughes said.

Another driver in the trend has been concern over hospital-acquired infections. “Metal instruments have historically been a reusable item,” Hughes said. “They use the instrument, send it to central sterilization in the hospital, and then use it again. But the challenges and costs associated with instrument sterilizing have moved any number of products to single-use plastic.”

Meanwhile, a whole new wave of medical devices is also coming to market.

“There’s been a recognition that many medical devices were not designed with the consumer in mind,” said Brian Williams, director, strategy, Global Healthcare at PwC.

“We buy consumer devices driven partly by price but also by form, features and the software that powers those devices. We use smartphones to do our shopping, banking, read a book, bank, take photos. We are bringing those expectations of design, ease of use and convenience to healthcare. New medical devices won’t look as much like medical devices.”

Features and technology from consumer devices are making their way into medical devices in what Dale Robinson, business development director at EWI, calls technology fusion. Manufacturing technologies, such as printed flexible electronics will enable the next generation of health monitoring devices. Electronic circuitry is already being printed onto fabrics, he said.

An aging global population will help power growth of just under 6% per year in medical device revenue.

Other technologies that will enable these trends include noninvasive sensors, onboard data analysis algorithms and wireless data transmission, Robinson said. The biggest areas for growth include patient monitoring through clothing or jewelry that seamlessly collects and transmits data to providers, family caretakers of the elderly and parents of newborns, Robinson said. The next generation of battery technology will be smaller, flexible and have a higher energy density.

The winners in the device market will design products that have a measurable value, provide a clear health outcome and integrate with devices consumers already use, Williams said. Stand-alone devices won’t likely be as common.

“Innovation has become more important in healthcare today, given changes that have occurred in the market driven by the Affordable Care Act,” Williams said. “One component of that is reimbursement models that are value based as opposed to fee based. That puts additional pressure on manufacturers of devices to show the value of their product and tie that value to an outcome achieved by the patient.”

Pressure to lower costs plays a role. “The aging global population is huge in terms of overall medical device market growth,” Hughes of P&M said. “As you get above 70, the cost of treating chronic conditions such as COPD and congestive heart failure increases dramatically. To care for a patient per day in a hospital is $3000, in a skilled nursing facility is $450, at home is $50.”

From 2010-2014, medical device revenue growth increased nearly 7 %.

With home care in mind, companies that have in the past developed devices for use in hospitals are shifting their focus to the home health market, Hughes said.

Innovations that will make home care possible include improved and miniaturized implantable devices. Interventional cardiac defibrillators are now implanted and leadless—a great improvement over older technology, Robinson said. The devices are implanted into the heart and use much smaller batteries and electronic circuitry. The data processing chips will have higher density processing capabilities to enable better performance without increasing size. To assemble such devices, manufacturing technology has improved to create hermetic seals to prevent fluids from leaking into the device and micro-joining processes to connect the battery tabs and microprocessor to the electronic circuitry, he said.

Growth in Smart Medical Devices

More devices will be worn, both on the wrist and as part of clothing using technology that prints circuitry onto fabric, said Jeffrey C. Rasmussen, market research manager at the Industrial Fabric Association International (Roseville, MN).

“In the past, sensors and circuitry embedded into fabric were too big and too clunky,” Rasmussen said. “Manufacturers have been able to make them miniaturized, more stretchable and comfortable. It’s exploded in the last year. Some of the big apparel players in the market are Adidas, Nike and Ralph Lauren.” Such clothing is improving in terms of washability, he said, although research continues in that area.

Sensors are becoming better and more sophisticated. Devices now entering the market have sensors that measure more physiological parameters such as 2-lead EKG and pulse oximetry, Robinson said. Circuitry and biosensors imprinted into fabric and worn close to the heart and lungs for monitoring a person’s pulse and/or respiration rate tend to be more reliable than those worn on the wrist.

Other technology in this sector includes smart socks that send an alert if a baby stops breathing, a vest defibrillator, and smart blankets that can send alerts if a patient is developing bedsores.

Smart fabrics manufacturer Eeonyx has developed a patented formulation that allows it to apply conductive polymer coatings to textiles, fibers, and yarns—making them piezo-resistive, which means they are sensitive to and react to touch, Rasmussen said. This creates a custom pressure touch sensor in the fabric. In 2014, Eeonyx partnered with BeBop Sensors, which now uses co-designed proprietary Eeonyx smart fabric to create flexible electronics/circuits that can be incorporated into a single piece of fabric. Using DuPont designed conductive inks, BeBop Sensors’ stretchable circuits can be printed onto fabric, such as a shirt or jacket for a variety purposes including wearable controllers.

“Instead of wearing sensors in the shirt, the shirt is the sensor,” Rasmussen said.


With these devices in hand, consumers will monitor their own health, perhaps consulting with a medical provider by video or a smart device. “I can use my smartphone to gain access to a clinician in real time through video consulting,” Williams said. “In that distributed-care environment, innovation needs to advance to support convenient care.”

These new devices will be easier to use at home and easier on the eyes. For example, ResMed and other companies focused on oxygen treatment are developing better devices to effectively provide patients with oxygen at home—instead of in a hospital on a ventilator, Hughes said. “People don’t want a huge oxygen concentrator that takes up a lot of room and is loud,” he said. “We’re working with a company that has a pretty big, ugly device. They want us to make it look cooler.”

Some aren’t technically medical devices as defined by the Food and Drug Administration because they simply collect data. These wearable devices to monitor health information include products such as the Fitbit or Apple Watch, Robinson said.

Technology fusion will come into play again as tech companies such as Google, Fitbit and Verizon are moving into medical device territory, said Chris Schorre, vice president of global marketing at medical device consultancy Emergo in Austin, TX. “You are also going to see more companies that are making traditional medical devices looking for ways to add a wireless monitoring component to their products so they can connect to a smartphone or tablet. Consumers want their devices to do more than simply count steps or measure their heart rate, and doctors increasingly appreciate the benefits of remote patient monitoring.”

For example, Verily, formerly Google Life Sciences, has gone aggressively into life sciences, he said, citing the company’s research and development with Swiss manufacturer Novartis of a contact lens with a chip embedded in it to measure blood glucose (BG) levels.

“There are definitely going to be winners and losers,” Schorre said. “A lot of this technology will connect via a smartphone, tablet or other system. If Verily succeeds in getting its contact lens with an embedded glucose sensor cleared by the FDA, and users can constantly monitor their glucose levels with alerts on their smartphones, it’s going to have an impact on companies making traditional meters … at least among the 10—15% of people wearing contacts.”

As companies such as Google move into medical device territory, medical device companies will have to return the favor, Schorre said. “You are going to see more companies that are traditional medical device companies developing wireless technology to connect their products to a smartphone.”

When devices are designed to collect and transmit data to healthcare providers for diagnostic analysis and therapeutic advice from a physician, they turn a corner to become FDA-regulated medical devices, Robinson said.

One leader in that space is Glooko Inc. (Palo Alto, CA). Glooko was founded in 2011 by a mobile app developer, a technologist, and a then-Facebook senior executive. Its diabetes management platform, Glooko MeterSync, downloads readings from more than 40 of the most popular blood glucose meters, insulin pumps and continuous glucose monitoring systems to Android and iOS mobile devices.

Other companies are moving into that sector. Late last year, the FDA granted 510(k) clearance for LabStyle Innovations Corp.’s Dario Blood Glucose Monitoring System. The system includes a device housing that includes a blood glucose meter, lancing device, test strips, lancets, control solutions and a mobile application. The mobile app allows the user to look at glucose test results using Apple’s iOS 6.1 or above smart mobile device technology. It helps manage the disease by recording the BG results and other user-entered information such as carbohydrates, activity, and insulin use.

Medical Device Market Speeds Up

“There have been big changes in the speed of innovation,” Williams said. “We are seeing more new products, new apps, new solutions that meet consumers where they are than we saw even a few years ago. It’s driven by an innovation cycle associated with technology. It doesn’t take long to develop a new piece of software that does something novel.”

That innovation cycle is moving much faster than the regulatory environment for traditional healthcare infrastructure is accustomed to, Williams said. The FDA has continued to tweak the process in an effort to keep up with changes while maintaining safety.

Producing or launching an innovative product in the US has been challenging compared to releasing the same product in Europe because the FDA’s system of approval and clearance depends on predictive devices—comparing a new device to one that has already been cleared or approved by the agency, Schorre said.

The FDA classifies medical devices as Class I, II and III. Class I devices, such as dental floss, are deemed to be low risk. Class II devices, such as condoms, are higher risk than Class I and are subject to more controls to reasonably assure the device is safe and effective. Class III devices are the highest risk—“anything where failure of the device would injure or kill a patient or user,” Schorre said—and require the greatest regulatory controls. Active implantable devices, such as pacemakers, are Class III.

Some Class I devices, nearly all Class II devices and a few Class III devices must be cleared by the FDA via a 510(k) process, also known as Pre-Market Notification. Most Class III devices are subject to the far more stringent PreMarket Approval (PMA) requirements, which involve clinical trials.

Launching an innovative product in the US market is sometimes challenging compared to releasing the same product in the European market. That’s because the FDA has a predicate-based regulatory system, which relies on comparing a new device to one that has already been cleared for sale by the agency. “The problem with that system is, if your device is new, innovative and quite a bit different from one already cleared by the FDA, then the FDA is going to treat it as a new device,” Schorre said. “They will initially default to classifying it as ‘high risk.’ You may have to [clear] significant hurdles so it can be a Class II product—to convince the FDA that it’s not high risk and doesn’t require clinical trials. But obviously, just because a device is innovative and new doesn’t mean it’s high risk.”

US Regulators Try to Catch Up

Because of the different European approval system, “We sometimes advise clients to seek approval for their innovative products in Europe first,” he said. “The regulatory system in Europe is rules-based and is therefore more flexible …. [G]oing to Europe first can be faster and cheaper because the manufacturer might avoid having to jump through unexpected hoops that would be required for FDA clearance of an innovative but lower risk device,” Schorre said. “Getting approval in Europe first will not necessarily make getting approval in the United States easier. The primary benefit is that companies making new technology can generate sales more quickly and be generating post market clinical use data that might eventually support a FDA submission.”

In the future, clearance for mobile medical apps might be more well-defined in the United States. “The FDA is leading the charge in developing standards for mobile medical apps, but some want the FDA to take the next step in being more specific about what is allowed and what is not,” Schorre said. “That has not been happening in the rest of the world. Other countries will look at how the United States is regulating apps and issuing guidance and most likely will emulate what the FDA has been doing. To their credit, the FDA understands they will always be a step behind in regulating mobile medical technology and do not want to be the ones to hinder its development.”

To see original publication, go to


Summer spending: Plan, set budget for more fun, less debt

 For May 16, 2016

By Karen Haywood Queen


Summer means lounging by the pool, enjoying a vacation getaway and, for kids, the fun of being out of school. But then there are the bills to pay: pool memberships, vacation costs, wedding gifts and camps or day care for kids. If you’re not careful, you could find yourself racking up credit card debt to pay for all those expenses.

Ideally, you’ve saved all year to be ready for summer. If not, check out these tips on how to better position yourself for next summer and find last-minute savings now.

Pool memberships
Joining a pool, whether it’s a country club or a private pool, can sink your budget if you’re not prepared. “Pool memberships can be quite expensive,” says Dara Duguay, executive director of Credit Builders Alliance, who lives in Washington, D.C.

If you have all year to plan, see if your favorite pool will let you spread out the cost over 12 months. If not, make your own plan by setting aside money in a special pool account.

As for this summer, if a private pool membership isn’t in your budget, consider a free or a less expensive city or county pool. “For us, the other alternative is the public pools, which are free for district residents,” Duguay says. “They are super crowded. You usually have to sit on the cement because all the chairs are broken. There definitely are trade-offs – but it’s free.”

Day care and camps
For parents of school-age kids who can’t be left alone, summer means scrambling to find reliable, safe, affordable day care or camps. Plan ahead for next year by seeing if you can get discounts by signing up and paying well in advance.

If you’re looking for good day care or camps for this summer, there are alternatives to pricy summer camps and nannies. “There’s a brand new YMCA right down the street from me,” Duguay says. “I enrolled my 7-year-old daughter for a couple of weeks at a fraction of what I would pay for a baby sitter.”

Vacation travelMany churches also offer summer kids’ programs for free or low cost during the mornings or evenings or even all day.

Still need to choose a vacation destination? If you have a travel rewards credit card and have accumulated a fair amount of points or frequent flier miles, you may want to narrow down your choices by seeing choosing a destination that maximizes your frequent flier miles.

Whether you’re paying with cash or points, consider off-season locations such as the Caribbean islands that are popular in the winter, but hurricane-prone in the summer, says Rod Griffin, director of public education for credit reporting agency Experian. To hedge your risk, check to see if you have travel insurance through a credit card that covers weather-related trip delays or cancellations.

Also check for what other kinds travel-related perks and safeguards your credit cards may offer.

If your destination is high-end, compare the price of checking a bag on the plane with the cost of buying liquid toiletries and other items at your luxury destination, Ingram says. “If it costs you $25 to check a bag versus purchasing what is going to go in that bag that would cost you four times that much at your destination, then check that bag and fill it with stuff you buy at home.”

Holiday rental homes
When booking a vacation rental home, you may be able to get a discount by booking next year’s stay as you leave this year. Even if you don’t get a discount, paying part of the rental fee early spreads out the cost.

But if you haven’t booked this year’s beach house yet, you can save money by paying attention to school schedules, says Leah Ingram, author of “Suddenly Frugal.” For example, if your kids get out of school at the end of May, book a rental in an area where school remains in session until mid-June, Ingram says. If your children don’t start back to school until after Labor Day, consider traveling in late August to a state where the school year begins in August.

You may even be able to redeem credit card rewards for vacation home rentals through services such as Airbnb, though the industry has been slow to offer easy rewards programs.

Vacation meals and souvenirs
Many families want to take a vacation from cooking too, Ingram acknowledges. But if you book accommodations with a kitchen, you can save money by eating breakfast at home before heading out for the day and packing a picnic lunch, she says.

When looking for souvenirs, skip the stores on the boardwalk or any place that spells shop “shoppe.” Instead, check out the local Walgreens or other national chain, Ingram says. “They’re likely to have the same touristy tchotchkes at a lower price,” she says.

If your vacation destination is money-saving home sweet home, check Groupon and similar sites for discounts on amusement parks and other local attractions, Griffin says. Don’t overlook free concerts and other events in your area.

Thinking about getting a new outfit to that summer wedding you were invited to? Think twice – everyone will be looking at the bride anyway. If you must have a new outfit and can’t bear to wear the same thing to more than one major event, check out Rent The Runway to rent a dress and/or Poshmark to buy or resell high-end clothing, Ingram says.

Cashing in credit card rewards for wedding gifts may also save you money.

Summer happens. Being prepared for expenses means you can pay those extra bills easily as opposed to wasting your pool time worrying or worse, getting a second job to cover extra bills.

To see original publication, go to 

Know your fraudster: 8 types of card criminals

The crooks specialize now, from malware coders to mules

Published Jan. 26, 2015 for

By Karen Haywood Queen

You open your credit card bill and see a bogus charge. Yep, you were hacked. You’re not alone – but most likely, neither was the criminal who used your card.

Card fraud is a staggeringly big business: A Federal Reserve payments study released in July 2014 found more than 28 million unauthorized transactions on credit, debit and prepaid cards, totaling $4 billion in fraudulent charges. Behind those numbers are multiple layers of criminals.

“A lot of people assume that the hacker is the person who steals the credit card number and uses it — a single person,” says Jeff Foresman, information security compliance lead with Rook Security in Indianapolis. “But the concept of some guy sitting in his basement doing all this is not valid anymore.”

Until 2003, most online crimes were isolated vandalism — “anti-social self-expression using high-tech means,” according to a 2013 report from Kaspersky Lab. By contrast, today’s cybercrime is a sophisticated, widespread business meant to make money illegally, the report says.

While a few rogues still steal information and use it themselves, most credit card fraudsters are part of a large underworld industry.

Organized crime, much of it based in Eastern Europe and Russia, helps bankroll the criminals involved, says Loc Nguyen, chief marketing officer at data security company Feedzai Inc., in San Mateo, California. An IT specialist working for organized crime gangs in Eastern Europe can make 10 times what he’d make in a legitimate job — or more.

“These are not high school kids — these are highly organized, well-funded organizations,” says Nguyen. “The business of hacking has gone from a mischievous activity conducted by hobbyist developers to an occupation of paid professionals working closely with organized criminals. Just like any company, they have specialists, people who write the code, people who run the equivalent of e-commerce sites and people who buy the card numbers. They have upper management and an endless supply of workers.”

There are multiple ways to get your credit card information and there are different types of criminals who specialize in each. Once they have your info, numerous players stand ready to use it for their profit. The whole industry includes malware writers, several types of thieves who use card skimmers, operators of websites selling card data, credit card counterfeiters and end users: people who buy and shop with stolen credit cards. (To get a taste of life on the lower rungs of this criminal enterprise, check out “‘A day in the life of a common credit card crook.”)

Sound complicated? This guide breaks down the eight professions and their job descriptions.

  1. Malware writers
    Malware authors write the software code that remotely hacks into major databanks to get stored credit card numbers, Nguyen says. Many are young men who are either from Eastern Europe and Russia, or who have connections to people in those areas, he says. Some malware writers are part of organized crime rings, others are freelancers selling code with no idea of who uses it, says Jay Jacobs, managing principal and co-author of the 2014 Verizon Data Breach Investigations Report.

“Someone will create the malware, then they sell it for hackers to use to steal credit card data,” Rook Security’s Foresman says.

The code writers evolve quickly to stay ahead of the good guys. After the 2008 arrest of master hacker Albert Gonzalez for, among other things, stealing credit card information from clothing retailer TJ Maxx, malware writers changed their focus from major companies to smaller businesses, says Jay Jacobs, managing principal and co-author of the 2014 Verizon Data Breach Investigations Report. They began using devices or small programs known as keystroke loggers to capture information typed into the systems of small businesses whose point-of-sale terminals are often open directly to the Internet via third party servers, Jacobs says.

Now the focus is back on major retailers and businesses using programs called RAM scrapers that take payment card information from the merchant’s point-of-sale system while it’s still being processed inside the terminal, Jacobs says.

Because the terminals at large businesses are not directly connected to the Internet, the criminals must work their way through the company’s system to find a part that is connected to the Internet so they can get the stolen data out. That can take time, but the payoff is potentially huge. “Rather than focusing on 10 victims and getting a little data from each, there’s a shift back to multiple weeks targeting a lot of data from one large victim,” Jacobs says.

  1. Phishers and spoofers
    Some malware coders specialize in creating phishing emails designed to get you to give up your personal information. Others perform these duties in addition to writing other kinds of code, Nguyen says.

These phishing fraudsters may work with or separately from spoofers — criminals who create websites that are designed to look like the real thing but are instead run by criminals seeking your personal information, Nguyen says.

“They may have hacked into a database to get your email address ,” he says. That’s why you should be concerned about email hacks such as the one discovered at Home Depot.

Besides targeting consumers, phishers also often target nontechnical employees of banks or retailers that handle a lot of consumer data. The “From” address is spoofed to make it look like it has come from a trusted insider.

  1. Shady clerks and wait staff
    The same guy that’s serving your food may be dishing out your credit card number to an organized crime ring. Gangsters sometimes score credit card information by putting employees of legitimate businesses on their payroll, Jacobs says. “They’ll approach an employee — at a restaurant, hotel, retail chain or anywhere that handles credit cards — and bribe them” to skim customers’ credit card numbers when they swipe the credit cards, he says. “The employee is paid by the number of cards they’re able to skim.”

These employees use small portable skimmers that fit in the palm of the hand and steal your credit card number as they process your payment for the legitimate business, he says.

Working the skimmer scam in person is easier at restaurants where the server takes your card away than at retailers or hotel chains where the employee has to use the skimmer under the counter right in front of you, Jacobs says.

Although many of these workers answer to organized criminals, some work alone, skimming your credit card information for themselves, Jacobs says.

  1. Skimmer installers
    Another brand of criminals mounts hidden skimming equipment anywhere credit cards are swiped. Good targets are unmonitored payment locations, such as gas pumps, vending machines and train ticket kiosks, Jacobs says.

These skimmer installers vary widely in skill and sophistication. Like the shady employee with a skimmer, some operate as part of organized crime gangs and others operate alone.

They may leave a skimmer in one location for a few days, gather a few hundred credit card numbers and then stop collecting data before they get caught. “The longer the skimmers are on there, the more likely they are to get noticed,” Foresman says.

Yesterday’s old-style skimmer installers were often caught when they came back to retrieve the equipment and stolen data. New technology creates wider buffers. Today’s more sophisticated installers use skimmers connected via Bluetooth so they can download stolen data from the safety of the parking lot, the Verizon report says.

Tech savvy fraudsters can also buy skimmers with built-in SIM cards enabling remote configuration, remote data uploading and even tamper alerts that, if triggered, will cache the data and send it out immediately.

Sometimes these skimmers also are paired with cameras or keystroke loggers to capture additional information including your PIN, ZIP code and the card validation code (also called CVV2 or CVC2) that is written but not embossed on your credit card, Foreman says.

  1. Fake technicians
    This con artist looks and acts like a company technician. But beneath the designed-to-fool persona you’ll find a fraudster out to tamper with a legitimate company’s credit card processing machines.

The scenario plays out with someone walking into a store with an authentic-looking work order to replace the old credit card terminal, Foresman says. But this tech guy has no connection to the real processing provider. The new terminal installation comes with an extra feature: a computer chip that copies credit card numbers and sends it out to another online server.

These setups allow fraudsters to get all the magnetic stripe information and PIN numbers from swiped cards, Foresman says. “If I can capture the entire track that’s on the magnetic strip on the back, I can make a new card or overwrite an existing card,” he says.

  1. Counterfeit credit card manufacturers
    These modern day counterfeiters don’t make $20 bills. Instead, they buy stolen credit card numbers and make fake credit cards. All that’s needed are imprint machines, a magnetic card writer and, sometimes, credit card stock — all of which are for sale legally, Nguyen says.

“With less than $1,000 invested, you can have your credit card maker,” he says. “The equipment itself isn’t illegal.”

Sometimes, criminals don’t even need new card stock. Instead, they can take the magnetic stripe data from the stolen cards and overwrite it onto existing credit cards or even onto hotel key cards, Nguyen says.

That’s one reason merchants may ask to see your credit card for a transaction. They want to compare the last four numbers embossed or printed on the front of the card with the last four digits of the account number that the magnetic stripe sends to their system to make sure it matches, he says.

  1. Data sales websites
    The credit card numbers that don’t end up on fake cards often end up on websites offering credit card numbers for sale. Operators of these sites offer thousands of credit card numbers and associated information for sale.

“You can go online and buy 1,000 Visa platinum cards,” Foresman says.

Also for sale are card expiration dates, card validation codes, ZIP codes and PINs, Foresman says. The prices vary from $2 for a single unchecked credit card number to more than $100 for a complete data sets called fullz.

“It’s just like eBay,” Nguyen says. “You go on, put in your search criteria, where you want the card. Do you want MasterCard or Visa? Do you want the PIN and the address? The more valuable the information, the more the fraudsters are willing to pay for it.”

Unattended gas stations and vending machines are more than great places to obtain credit card numbers — they’re also good places to test hot cards and card numbers, he says. If a small purchase goes through, the card is verified.

  1. Shoppers, mules
    At the end of the chain are crooks who buy the fake credit cards or fraudulently obtained card numbers and shop with them, typically for items that then can be resold. They buy big-ticket items at electronics stores such as Apple or major retailers such as Home Depot, Nguyen says.

Grocery stores — because they sell gifts cards that can easily be resold — are another big target. “They want to use cards and get cash out of the system,” he says. “They buy $500 or $1,000 worth of gift cards and go and resell them.”

Spending habits differ by the mode of purchase. Thieves who use the cards in face-to-face transactions tend to spend about $450 in the course of a week, often at supermarkets and home-supply warehouses, according to data compiled by Feedzai.

Those shopping online tend to spend about $900 over five days. They target electronics sellers and discounters, according to Feedzai data. To avoid detection, they have the items shipped somewhere other than their home address, Nguyen says.

Though the latter would seem to be more efficient, it’s all a matter of taste if you’re a criminal. In-person crooks prefer not to have to deal with e-commerce hassles such as fake shipping addresses or proxy servers. “To each their own,” says Nguyen. “The opportunity, or ‘market,’ for fraud is so big that there’s room for all kinds of talents, just like honest professions.”

Sometimes, “mules” are hired to do the shopping — often unaware that they’re part of a scam. These end-of-the-line criminals are the ones who tend to get caught, Nguyen says. “They get arrested, make the news, and then are replaced with other people,” he says.