{"id":7264,"date":"2013-01-02T09:29:02","date_gmt":"2013-01-02T15:29:02","guid":{"rendered":"http:\/\/www.barcodesinc.com\/news\/?p=7264"},"modified":"2019-09-13T10:43:57","modified_gmt":"2019-09-13T16:43:57","slug":"5-ways-to-improve-security-in-your-point-of-sale-system","status":"publish","type":"post","link":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/","title":{"rendered":"5 Ways To Improve Security In Your Point-of-Sale System"},"content":{"rendered":"<p><a href=\"https:\/\/www.barcodesinc.com\/news\/wp-content\/uploads\/2013\/01\/security.jpg\"><img decoding=\"async\" loading=\"lazy\" class=\"alignnone  wp-image-7272\" style=\"margin-left: 20px; margin-bottom: 20px;\" title=\"security\" src=\"http:\/\/www.barcodesinc.com\/news\/wp-content\/uploads\/2013\/01\/security.jpg\" alt=\"security\" width=\"189\" height=\"189\" align=\"right\" srcset=\"https:\/\/www.barcodesinc.com\/news\/wp-content\/uploads\/2013\/01\/security.jpg 300w, https:\/\/www.barcodesinc.com\/news\/wp-content\/uploads\/2013\/01\/security-150x150.jpg 150w\" sizes=\"(max-width: 189px) 100vw, 189px\" \/><\/a>Many\u00c2\u00a0business\u00c2\u00a0owners think that meeting the basic requirements of the Payment Card Industry Data Security Standard (PCI DSS) protocols will keep their <a href=\"https:\/\/www.barcodesinc.com\/cats\/point-of-sale-system\/\">point-of-sale systems<\/a> from being hacked. But here\u00e2\u20ac\u2122s the truth: hacking into retailer POS systems is a recurring problem worldwide, even for retailers who meet PCI DSS standards.<\/p>\n<p>In just the last couple of years, several high-profile cases have received media coverage:<\/p>\n<ul>\n<li>In late 2011, a scheme was discovered that involved hackers from Romania stealing credit card data from hundreds of POS systems, including those from 150 Subway franchises. More than 146,000 cards were compromised, and losses have been estimated at up to $10 million.<\/li>\n<li>In September 2012, hackers got into POS systems in 63 Barnes &amp; Noble stores in nine states. The company removed POS card readers from all its stores while the incident was investigated.<\/li>\n<li>In December 2012, an Israeli security firm found a strain of malware infecting hundreds of POS systems in 40 countries. By injecting malware into a system\u00e2\u20ac\u2122s iexplore.exe file on Windows servers, the malware hijacked data that could be used for cloning credit cards.<\/li>\n<\/ul>\n<p>Countless other cases of POS \u00e2\u20ac\u0153hacking\u00e2\u20ac\u009d come from insiders:\u00c2\u00a0your employees. Keeping on top of POS security is essential for every business. Here are 5 ways to improve your POS security.<\/p>\n<p><strong><!--more-->1. Know Your Enemy<\/strong><\/p>\n<p>Awareness is the first step toward POS security. Key methods for hacking a POS system include:<\/p>\n<ul>\n<li>Targeting systems that lack firewall protection between hackers and terminal or Windows RDP services<\/li>\n<li>Gaining remote system access using tools like PCAnywhere on \u00e2\u20ac\u0153back of house\u00e2\u20ac\u009d servers<\/li>\n<li>Finding systems using default vendor-supplied credentials for OS and remote applications<\/li>\n<\/ul>\n<p>Systems are frequently hacked by criminals who are employed seasonally or temporarily, particularly in\u00c2\u00a0<a href=\"https:\/\/www.barcodesinc.com\/cats\/point-of-sale-system\/restaurant.htm\">restaurants and bars<\/a>. Dave Marcus, security research director at McAfee Labs, said in an\u00c2\u00a0interview with Ars Technica, \u00e2\u20ac\u0153This is the crime of the future. Robbing a retailer won\u00e2\u20ac\u2122t involve holding up a cash register at gunpoint, but rather root[ing] them from across the planet, and steal[ing] digitally.\u00e2\u20ac\u009d<\/p>\n<p><strong>2. Assess Your Risks<\/strong><\/p>\n<p>PCI DSS Requirements version 12.1.2 requires organizations to develop formal processes for identifying vulnerabilities that reduce security of cardholder data. A customized risk assessment can help businesses determine which specific controls are best suited for protecting cardholder data for their business. Not only should organizations have a formal risk assessment methodology suited for its particular vulnerabilities, it\u00c2\u00a0 should treat risk assessment as an ongoing process so that information about emerging threats can be addressed through preventive measures. Risk assessments are important, but they are not a substitute for implementing all applicable PCI DSS requirements.<\/p>\n<p><strong>3. PA-DSS Validate Applications<\/strong><\/p>\n<p>PA-DSS stands for Payment Application Data Security Standard. Validation under PA-DSS can help merchants protect customer data by improving security controls and supporting PCI DSS compliance, as well as securing maintenance and updating capabilities. When properly installed and maintained, PA-DSS validation gives retailers a long-term solution to POS security issues. But if PA-DSS validation isn\u00e2\u20ac\u2122t installed, configured, and maintained correctly, it won\u00e2\u20ac\u2122t provide much (if any) benefit.<\/p>\n<p><strong>4. Consider Training Under the Qualified Integrators and Resellers Program<\/strong><\/p>\n<p>The PCI Council now has a Qualified Integrators and Resellers (QIR) program for improving POS security. Eligible professionals in qualifying organizations can receive training about secure installation of PA-DSS validation applications to boost PCI DSS security compliance. QIR training educates retail professionals on guiding principles and procedures for securely installing and maintaining payment applications to maximize PCI DSS compliance.<\/p>\n<p><strong>5. No Default Passwords<\/strong><\/p>\n<p>Nobel Prize-winning physicist Richard Feynman learned how to crack safes while working on the Manhattan Project in the 1940s. Like any good scientist, he tried out the simplest methods first: checking safes with the written original factory combinations on the gamble that nobody bothered to change them. And, in several instances, he was right. A surprising number of POS systems use the factory passwords because <a href=\"https:\/\/www.barcodesinc.com\/solutions\/industry-solutions\/retail.htm\">retailers<\/a> don\u00e2\u20ac\u2122t bother to change them, and this is a huge security risk. Not only should factory passwords be changed, subsequent passwords should be changed regularly. Often, cracking a POS system relies on the retailer being lazy about password implementation and changes.<\/p>\n<p>Whether you\u00e2\u20ac\u2122re implementing your\u00c2\u00a0<a href=\"https:\/\/www.barcodesinc.com\/info\/buying-guides\/pos.htm\">first POS system<\/a>, or are\u00c2\u00a0upgrading\u00c2\u00a0with a new one, cardholder security should be a top priority and should be an ongoing \u00e2\u20ac\u201d rather than a one-time \u00e2\u20ac\u201d concern.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Many\u00c2\u00a0business\u00c2\u00a0owners think that meeting the basic requirements of the Payment Card Industry Data Security Standard (PCI DSS) protocols will keep their point-of-sale systems from being hacked. But here\u00e2\u20ac\u2122s the truth: hacking into retailer POS systems is a recurring problem worldwide, even for retailers who meet PCI DSS standards. In just the last couple of years, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[224,96],"tags":[340,335,237,171,241,248],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>5 Ways To Improve Security In Your Point-of-Sale System - Barcoding News<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"5 Ways To Improve Security In Your Point-of-Sale System - Barcoding News\" \/>\n<meta property=\"og:description\" content=\"Many\u00c2\u00a0business\u00c2\u00a0owners think that meeting the basic requirements of the Payment Card Industry Data Security Standard (PCI DSS) protocols will keep their point-of-sale systems from being hacked. But here\u00e2\u20ac\u2122s the truth: hacking into retailer POS systems is a recurring problem worldwide, even for retailers who meet PCI DSS standards. In just the last couple of years, [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/\" \/>\n<meta property=\"og:site_name\" content=\"Barcoding News\" \/>\n<meta property=\"article:published_time\" content=\"2013-01-02T15:29:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-09-13T16:43:57+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/www.barcodesinc.com\/news\/wp-content\/uploads\/2013\/01\/security.jpg\" \/>\n<meta name=\"author\" content=\"BarcodesInc\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"BarcodesInc\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/\",\"url\":\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/\",\"name\":\"5 Ways To Improve Security In Your Point-of-Sale System - Barcoding News\",\"isPartOf\":{\"@id\":\"https:\/\/www.barcodesinc.com\/news\/#website\"},\"datePublished\":\"2013-01-02T15:29:02+00:00\",\"dateModified\":\"2019-09-13T16:43:57+00:00\",\"author\":{\"@id\":\"https:\/\/www.barcodesinc.com\/news\/#\/schema\/person\/4887305f61b70f8fa89a8ca7343ec6d4\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.barcodesinc.com\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Solutions\",\"item\":\"https:\/\/www.barcodesinc.com\/news\/category\/solutions\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"5 Ways To Improve Security In Your Point-of-Sale System\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.barcodesinc.com\/news\/#website\",\"url\":\"https:\/\/www.barcodesinc.com\/news\/\",\"name\":\"Barcoding News\",\"description\":\"Barcode, Auto-ID, Point of Sale and RFID News\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.barcodesinc.com\/news\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.barcodesinc.com\/news\/#\/schema\/person\/4887305f61b70f8fa89a8ca7343ec6d4\",\"name\":\"BarcodesInc\",\"sameAs\":[\"http:\/\/www.barcodesinc.com\"],\"url\":\"https:\/\/www.barcodesinc.com\/news\/author\/admin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"5 Ways To Improve Security In Your Point-of-Sale System - Barcoding News","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/","og_locale":"en_US","og_type":"article","og_title":"5 Ways To Improve Security In Your Point-of-Sale System - Barcoding News","og_description":"Many\u00c2\u00a0business\u00c2\u00a0owners think that meeting the basic requirements of the Payment Card Industry Data Security Standard (PCI DSS) protocols will keep their point-of-sale systems from being hacked. But here\u00e2\u20ac\u2122s the truth: hacking into retailer POS systems is a recurring problem worldwide, even for retailers who meet PCI DSS standards. In just the last couple of years, [&hellip;]","og_url":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/","og_site_name":"Barcoding News","article_published_time":"2013-01-02T15:29:02+00:00","article_modified_time":"2019-09-13T16:43:57+00:00","og_image":[{"url":"http:\/\/www.barcodesinc.com\/news\/wp-content\/uploads\/2013\/01\/security.jpg"}],"author":"BarcodesInc","twitter_card":"summary_large_image","twitter_misc":{"Written by":"BarcodesInc","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/","url":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/","name":"5 Ways To Improve Security In Your Point-of-Sale System - Barcoding News","isPartOf":{"@id":"https:\/\/www.barcodesinc.com\/news\/#website"},"datePublished":"2013-01-02T15:29:02+00:00","dateModified":"2019-09-13T16:43:57+00:00","author":{"@id":"https:\/\/www.barcodesinc.com\/news\/#\/schema\/person\/4887305f61b70f8fa89a8ca7343ec6d4"},"breadcrumb":{"@id":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.barcodesinc.com\/news\/5-ways-to-improve-security-in-your-point-of-sale-system\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.barcodesinc.com\/news\/"},{"@type":"ListItem","position":2,"name":"Solutions","item":"https:\/\/www.barcodesinc.com\/news\/category\/solutions\/"},{"@type":"ListItem","position":3,"name":"5 Ways To Improve Security In Your Point-of-Sale System"}]},{"@type":"WebSite","@id":"https:\/\/www.barcodesinc.com\/news\/#website","url":"https:\/\/www.barcodesinc.com\/news\/","name":"Barcoding News","description":"Barcode, Auto-ID, Point of Sale and RFID News","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.barcodesinc.com\/news\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/www.barcodesinc.com\/news\/#\/schema\/person\/4887305f61b70f8fa89a8ca7343ec6d4","name":"BarcodesInc","sameAs":["http:\/\/www.barcodesinc.com"],"url":"https:\/\/www.barcodesinc.com\/news\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/posts\/7264"}],"collection":[{"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/comments?post=7264"}],"version-history":[{"count":3,"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/posts\/7264\/revisions"}],"predecessor-version":[{"id":21897,"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/posts\/7264\/revisions\/21897"}],"wp:attachment":[{"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/media?parent=7264"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/categories?post=7264"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.barcodesinc.com\/news\/wp-json\/wp\/v2\/tags?post=7264"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}