
Which analogy is that? I always assumed a physical card skimmer was based on the following definition of "to skim" (from Merriam-Webster):

2: to read, study, or examine superficially and rapidly

Edit: If you mean the original meaning (??) of skim (as in skim a liquid surface), then maybe???




Looking at the definitions from the free dictionary, they seem like different aspects of a common concept cluster. Light, superficial, quick motion, taking a small part away.

Skimming a card when it's swiped fits in perfectly with this.


When I think of a credit card skimmer, a pay-at-the-pump card reader attack is what first comes to mind, such as where the customer inserts their card, completes their purchase and the entire transaction goes through without any apparent issue.

This attack seems to be more like a spoofer; the comparison would be a phoney ATM machine that victims insert their cards into: the card is cloned and the victim is then prompted to enter their PIN. After which, the phoney ATM professes a network error or the like and the card is returned. No legitimate transaction occurs.

I am a little concerned with the morality of publishing this attack in such detail without first notifying the susceptible vendors and giving them a period of time to patch this vulnerability. Doing so is very reminiscent of how sensitive information was published years ago, enabling drones of script kiddies to engage in DDoS attacks a few years (decades) ago.

It was my understanding that there is a general code of conduct regarding publishing these attacks that was created to prevent the proliferation of vulnerabilities before developers had an opportunity to address the issue.


Yeah like a pool skimmer or skimming fat from milk



