POS security breaches have become something of a routine affair; every now and then we hear news of POS systems being hacked and data being stolen. There have been many instances of hackers getting away with the personal data of thousands of people by targeting and attacking POS terminals, even at leading organizations.
The Target hack, which happened in 2013, was one of the biggest data breaches in US history. The hackers attacked POS terminals at almost all nationwide locations of the retail giant and got away with more than 40 million customer details. This included sensitive personal data such as customer name, credit/debit card number, expiration date and the three-digit security code.
Hacks continue to happen and will continue to happen, but there is no denying that if sufficient precautions are taken, many of them could either be prevented or at least have the extent of their loss minimized. It’s held that the Target hack, too, could have been prevented if sufficient security measures had been taken.
Securing a Point of Sale system is critically important, since it concerns not only the security and reputation of a business but also the sensitive personal data of thousands or millions of customers. There are certain things that can be done to secure POS systems and POS terminals. Here’s a look at some of them:
Go for end-to-end encryption
End-to-end encryption is one of the best options for ensuring POS security. Choose software that encrypts customer data as soon as it’s received on the POS device and keeps it encrypted when it’s sent to the software server. This could prevent customers’ data from being stolen with the help of any kind of malware.
Ensure PCI compliance
Complying with the PCI DSS (Payment Card Industry Data Security Standard) is vital to POS security. This has to be done from top to bottom, across networks, routers, card readers, servers, online shopping carts and so on. Make sure all the requirements specified by the PCI DSS are met. These include building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing networks, and maintaining an information security policy. It’s always good to periodically review, with the help of qualified security assessors, whether your business is following PCI scanning standards.
Use antivirus software
This is one of the most basic security measures for any system or network. Always go for a trusted antivirus program that can provide total security for your POS network, and make it a point to have good endpoint protection software installed on your POS device/system.
Lock down your systems
Always lock down your POS systems and devices at the end of each workday. This would help prevent physical theft of customer data (if proper encryption is not done) either by insiders or by anyone who could lay hands on the system or device.
Hire the services of security experts
It’s always good to hire the services of security experts if your company can afford it. This is because security experts have sufficient knowledge of things pertaining to security and also stay up to date on security. You could also think of hiring someone with a deep security background if you cannot afford to hire full-fledged security experts.
If possible, use Apple devices
Using Apple-made devices for POS would be good in a way. This is advisable because hackers tend to secretly upload malware apps into POS systems to steal data without anyone realizing what is happening. But since iOS is able to fully run only one app at a time, the malware app won’t be running when the POS app is running if you have Apple-made devices attached to the POS terminal.