After a number of high profile security breaches in the past couple of years, consumer trust in the payments system is more fragile than ever.
Point of sale (POS) providers bear much of the responsibility for restoring that trust. POS security is vital to the success of your business.
The series of breaches has revealed a number of lessons about what caused the events, and what should be done to prevent them.
Retailers rely on POS vendors to keep customer information secure. In reporting their security breaches to customers, restaurants and retailers alike speak of compromised POS systems. Barnes & Noble, Home Depot, Target, PF Changs, Michaels, and Jimmy Johns each had POS systems that were infected by malware of some sort. In none of those cases did employee neglect or corruption lead to the theft of customer information.
These retailers relied on their POS vendors to keep the customer information secure. When the POS system failed to do so, the retailer paid the price. Target
Attacks have multiple access points. In the Home Depot breach, the malware targeted the self-checkout terminals. Gas stations around the United States also report crooks tampering with the self-pay terminals at gas pumps. The Jimmy Johns breach, on the other hand, was the result of someone stealing log-in credentials from the POS vendor and accessing information remotely.
According to
Operating systems, servers, and updates matter. Despite Microsofts best attempts, Windows operating systems continue to be more vulnerable to malware than iOS. Security updates that must be downloaded give hackers another opportunity to expose POS systems to a virus or malware, simply by masquerading as a system update.
US security requirements lag behind European security measures. Cards that have a microprocessor (chip) embedded rather than using the magnetic stripe prove to be more secure overall. This EMV standard has been the norm in Europe and credit card fraud has noticeably reduced. This Chip and PIN approach will become mandatory in the US in 2015, protecting consumers, retailers, and banks from fraudulent activities.
David Bozin is vice president of growth development at Bindo.