The importance of accepting credit cards for merchant’s has been well documented. To remain competitive in today’s marketplace, a retailer has no choice but to accept credit card payments. Unfortunately, this form of payment exposes a merchant to the risk of fraud.
Credit card fraud comes in different forms, but Point of Sale attacks have increasingly become more common. In August 2019, cybercriminals breached Checkers and Rally’s point-of-sale terminals, getting off with sensitive customer information dating back to 2015. Here is more on cyber fraud protection. This ugly event which affected 20 states could have been easily prevented if proper security measures were in place.
Why POS Systems are the Most Vulnerable
But why are point-of-sale terminals such easy targets for hackers? Truth is, valuable data and sensitive credit card information are constantly inputted in these devices, making them vulnerable to the antics of cybercriminals. Worse still, human error can even make POS systems more vulnerable in a number of ways. For instance, if someone downloads an unapproved application or fails to log out a register, a hacker can break into the system within minutes.
Merchants should keep in mind that hackers are not only skilled with computer systems, they are also great at understanding how people work. This is why social engineering is an important part of POS-based security threats.
How can retailers solve the problem that is credit card fraud at the point of sale? By now you probably know that simply equipping your POS terminal with the latest chip technology and software isn’t enough.
Here are practical security guidelines that can help merchants tighten up their point-of-sale devices:
Set Up Access Controls
Every employee in the organization has a role to play, so it is important that you limit their level of data access to their individual roles. Information that is crucial to the organization’s business and survival should be restricted to employees who truly need it. It is also important that everyone understands the security and access protocols, and downloads to POS systems should be limited to only those in the IT.
Knowledge is Power
As information technology continues to develop and evolve, continuous education is the best weapon you can have. You and your employees should always be updated on latest security trends in order to prevent fraud in your organization, here are some more tips. However, as humans, we can only plan so much. So, it is ideal that you still prepare for human errors.
Thankfully, there’s a software designed to perform certain automated tasks, such as automatically logging an employee out after a period of inactivity. It could also stamp data using the name of the employee who created it. This is a great way to improve employee accountability and boost the organization’s security.
Ensure Compliance to Industry-standard Practices
Adhering to established practices and protocols is a great way to increase security throughout the organization. This will mean having industry-standard security across your networks, servers, card readers, POS-system contact points, and even physical files. This way, in the event of a data breach, you’d be able to access almost all, if not all, affected information.
Only Accept Credit Cards from Authorized Users
Some fraudulent persons may want to exercise “borrowing privileges” using a “Letter of Authorization”. In many cases, they come up with sob stories about why the owner of the credit card cannot be present for the transaction.
Only the cardholder of a credit card should be allowed to use it for a transaction. You shouldn’t allow anyone else, even if such one is a friend, spouse, or even son/daughter. If someone else walks in with a card that doesn’t have his or her name on the front of the card, this should raise a red flag.
Be On The Look Out For Fraudsters
Customers can be more than a handful for your hardworking employees. Fraudulent persons may want to take advantage of a cashier at the point of sale, in order to produce an improper checkout.
While the age-old business mantra that “customer is king” still holds sway today, there must be limits. The continuous training of your employees should also include knowledge about the right procedures when they authorizing credit and debit card transactions. Customer bullying isn’t always a cover for fraud, but it is a red flag.
Security should be an integral part of your business – not an afterthought. Merchant’s applying the simple steps outlined above, you can successfully combat potentially catastrophic setbacks and focus on the growth of your organization.
About The Author
Angela De Steffano
Staff writer at High Risk Merchant Account LLC
Angela is a merchant account specialist and heads the marketing team at HRMA-LLC.