Many business owners think that meeting the basic requirements of the Payment Card Industry Data Security Standard (PCI DSS) protocols will keep their point-of-sale systems from being hacked. But here’s the truth: hacking into retailer POS systems is a recurring problem worldwide, even for retailers who meet PCI DSS standards.

In just the last couple of years, several high-profile cases have received media coverage:

• In late 2011, a scheme was discovered that involved hackers from Romania stealing credit card data from hundreds of POS systems, including those from 150 Subway franchises. More than 146,000 cards were compromised, and losses have been estimated at up to $10 million.
• In September 2012, hackers got into POS systems in 63 Barnes & Noble stores in nine states. The company removed POS card readers from all its stores while the incident was investigated.
• In December 2012, an Israeli security firm found a strain of malware infecting hundreds of POS systems in 40 countries. By injecting malware into a system’s iexplore.exe file on Windows servers, the malware hijacked data that could be used for cloning credit cards.

Countless other cases of POS “hacking” come from insiders: your employees. Keeping on top of POS security is essential for every business. Here are 5 ways to improve your POS security.

Continue reading »

Point-of-Sale businesses are paranoid, with good reason, about protecting sensitive customer and company information. Financial institutions require that any company that stores, processes or transmits credit card information complies with the PCI-DSS (Payment Card Industry, Data Security Standards).

Companies that fail to comply are subject to fines, lawsuits, and can even be banned from processing credit cards. Even worse, companies that are breached can find themselves in the news headlines, significantly impacting goodwill with customers, partners and shareholders. Ensuring your POS system and wireless infrastructure are in compliance is crucial.

The objective of the Payment Card Industry (PCI) Security Standards is to protect cardholder data. The standards are developed and published by the PCI Security Standards Council (SSC), which consists of hundreds of industry participants who have a vested interested in reducing vulnerabilities in the card-processing ecosystem.

Continue reading »

In the storefront, at the office, throughout the warehouse, and on the road, wireless technology is a critical tool for conducting and improving business. Yet, despite its ubiquitous presence in business, we still read, almost daily, about hackers breaking into large network databases—heightening concerns about identity theft and credit card fraud. Security risks associated with wireless networks have forced businesses to comply with new, more stringent regulations for network security and data encryption. This document outlines the risks your wireless network faces and summarizes current state-of-the-art wireless hardware security systems. It also highlights critical factors to consider when selecting hardware partners to protect your future investment in wireless technology.

The Business Case for Wireless

The use of 802.11 wireless devices has been a driving force in the advance of worker efficiency. It has also brought higher levels of service to retail and commercial customers alike. The unassailable benefits of wireless devices are driving the growth of 802.11 technology. According to the Wi-Fi Alliance, chipsets sold on an annual basis to support wireless technology will grow to one billion units by 2012 (Ref. ABI Research). Clearly, companies that ignore the value of wireless technology will be left behind as their competitors benefit from its many advantages. However, the use of wireless technology is not without risks, and astute companies will take measures to mitigate these risks before wholly embracing wireless devices.

Continue reading »