• News
  • Security
  • Products
  • About Seqrite
Seqrite Blog Blog
  • News
  • Security
  • Products
  • About Seqrite
Home  /  Cybersecurity  /  POS security vulnerabilities for retail industry
POS-sale-payment-credit-card
30 July 2018

POS security vulnerabilities for retail industry

Written by Ankita Ashesh
Ankita Ashesh
Cybersecurity
  • 174
    Shares
Estimated reading time: 3 minutes

To have a look at how far technology has progressed, take a look at the simple art of shopping. What was, even a few years back, a simple matter of going to a brick-and-mortar shop, choosing an item and handing a shop-owner some notes of cash has transformed. Today, customers search for products they want online and pay digitally through POS devices.

Of course, retailers are also keen to cash in on the competitive retail landscape and ensure customers can easily swipe their cards for purchases. But many retailers are also slowly becoming aware of the cybersecurity risks that POS devices possess. One of the most publicized POS breaches happened with American retailer, Target in 2013 where 41 million customer payment card accounts and contact information for more than 60 million Target customers were affected. The company had to pay a $18.5 million multistate settlement in 2017. More recently, it was discovered that a security flaw in Oracle Micros’ POS systems could affect over 300,000 systems.

High Stakes

One of the reasons why POS systems have a high security risk is the high stakes involved. These systems collect data for hundreds or thousands of transactions every single day, making it a veritable gold mine for hackers. This data can be extremely valuable for a hacker on the deep web and hence, hackers will target POS systems more than others for the sheer amount of value they can get, compared to other systems.

These systems are also more vulnerable to malware because of the very nature of they are used. As a tool which is used extremely regularly, network administrators do not get the time to ensure that the correct updates and patches are run on the system, making it vulnerable to new vulnerabilities. Once a POS system is infiltrated by malware, it can silently run in the background collecting information for every transaction running through it.

Another major security risk with POS systems is a lack of encryption. Unencrypted data is that much easier to get breached and many rudimental POS systems do not have encryption tools. It is important to use an encryption solution that offers end-to-end encryption which protects credit card data. Hence even if malware is installed on the system or hackers take advantage of a back door or vulnerability, the data is still safe because it remains encrypted.

What can companies do?

Companies must guard against POS breaches because it also affects their brand and reputation. This can lead to lower sales and a negative association with the company by customers, something which no retailer can afford. Some of the steps they can take are:

  • Physical surveillance which involves which keeping a close eye on the POS devices used and ensuring there is no physical tampering being done. This also includes using devices that are compliant with the latest security standards.
  • Investing in security by following some basic hygiene checks: keeping all software updated with the latest patches installed, using an anti-virus and implementing application control to block unauthorized programs from running.
  • Creating strong passwords. This is a part of the basic hygiene check mentioned above but is very important in its own right. Ensuring that strong passwords are chosen which cannot be easily cracked and having multi-factor authentication is important.
  • Comply with norms regarding customer data. Following the norms regarding compliance with customer data can go a long way in safeguarding customer data. Every retailer should have policies outlined about how they are dealing with customer data, when it is being deleted and how long it is being kept for.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

 Previous PostTailgating: Security Risks Involved
Next Post  What India’s data protection law might mean for your business
Ankita Ashesh
About Ankita Ashesh

...

Articles by Ankita Ashesh »

Related Posts

  • Turn the Page Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Building a holistic cybersecurity strategy to safeguard the pharma sector

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021
  • Data breach volumes worry governments and businesses

    The Data breach inferno burning big-ticket businesses

    February 5, 2021

No Comments

Leave a Reply.Your email address will not be published.

Cancel reply

CAPTCHA Image
Refresh Image

Popular Posts

  • The Data breach inferno burning big-ticket businesses The Data breach inferno burning big-ticket businesses February 5, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond Turn the Page: Cybersecurity Predictions for 2021 & beyond February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks Pharma Sector needs to streamline its insides to avoid cyberattacks February 12, 2021

Featured Authors

  • Seqrite
    Seqrite

    Follow us for the latest updates and insights related to security for...

    Read more..
  • Viraj Talikotkar
    Viraj Talikotkar

    Viraj is a Lead Technical Writer at Quick Heal Technologies. He is always on...

    Read more..
  • Sanjay Katkar
    Sanjay Katkar

    Sanjay Katkar is the Joint Managing Director and Chief Technology Officer of...

    Read more..

Latest Posts

  • Businesses now worried about the surge in COVID-19 infodemic

    Businesses now worried about the surge in COVID-19 infodemic

    February 26, 2021
  • Turn the Page: Cybersecurity Predictions for 2021 & beyond

    Turn the Page: Cybersecurity Predictions for 2021 & beyond

    February 18, 2021
  • Pharma Sector needs to streamline its insides to avoid cyberattacks

    Pharma Sector needs to streamline its insides to avoid cyberattacks

    February 12, 2021

Stay Updated!

Topics

Antivirus For Linux (10) apt (9) BYOD (9) COVID-19 (10) Cyber-attack (31) cyber-attacks (56) cyberattacks (12) Cybersecurity (279) cyber security (25) Cyber threat (29) cyber threats (44) Data (11) data breach (50) data breaches (27) data loss (28) data loss prevention (33) data protection (21) data security (13) DLP (49) Encryption (16) endpoint security (102) Enterprise security (14) EPS (9) Exploit (12) firewall (11) hackers (9) IoT (10) malware (58) malware attack (22) malware attacks (12) MDM (25) mobile device management (9) Network security (18) Patch Management (12) phishing (16) Ransomware (56) ransomware attack (29) ransomware attacks (30) ransomware protection (12) Seqrite (24) Seqrite Encryption (27) Seqrite EPS (33) Seqrite Services (16) UTM (34) Vulnerability (10)

Products

  • Endpoint Security (EPS)
  • Seqrite Encryption Manager
  • Seqrite Endpoint Security Cloud
  • Cloud Security
  • Seqrite mSuite
  • Seqrite MobiSMART
  • Unified Threat Management
  • Seqrite Secure Web Gateway
  • Antivirus for Server
  • Antivirus for Linux

Resources

  • White Papers
  • Datasheets
  • Threat Reports
  • Manuals
  • Case Studies

About Us

  • Company Overview
  • Leadership
  • Why choose SEQRITE?
  • Awards & Certifications
  • Newsroom

Archives

  • By Date
  • By Category

© 2020 Quick Heal Technologies Ltd. (Formerly Known as Quick Heal Technologies Pvt. Ltd.) Cookie Policies Privacy Policies

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website.
By browsing this website, you agree to our cookie policy.