tech blog header

Free Whitepaper

Follow Us

Your email:

Blog Topics

Cloud Computing, Exchange 2013

Current Articles | RSS Feed RSS Feed

New Trend: The Point-of-Sale System Hack

 

point of sale hackWith electronic payments now outnumbering cash transactions, the Point-of-sale (PoS) system hack is becoming a more common in the world of cyber crime. In recent years, there have been several high profile cases including the notorious $10 million Subway PoS breach, where at least 150 franchises were targeted, as well as the breach of Barnes & Noble, where credit card readers in 63 stores were compromised. Almost all modern businesses now make use of an electronic PoS systems, and with the hacking of these devices on the increase, it is more important than ever to take appropriate steps to secure your customers’ data.

  1. Physical PoS Hacks

In a recent high-profile Canadian case, a criminal carding ring stole PoS machines from several businesses and gained access to the credit card data via Bluetooth. Given that the hacking process only took roughly an hour to complete, it was easy for the hackers to remove a device and return it before businesses reopened the next day. This particular case is believed to have been facilitated by bribing employees to allow access to the devices after business hours. The scheme resulted in the theft of over $7 million from unsuspecting consumers.

If the thieves are sophisticated enough, there is no need to physically remove the PoS terminals; malware can be installed during what appears to be a normal consumer transaction. At the July 2012 Black Hat security conference, a researcher demonstrated how some terminals using a Linux-based operating system had a loophole that did not require firmware updates to be properly authenticated. This allowed the researchers to use an adjusted credit card to install malware onto one terminal during a normal transaction. The malware prompted the terminal to contact a rogue server and download the card skimming software. The demonstration highlighted exactly how vulnerable retailers can be - even the most stringent of physical security measures preventing devices from being tampered with may not be enough to prevent a PoS hack.

  1. Remote PoS Hacks

There are many vulnerabilities within a PoS system - if a system is not properly protected, anyone with an inside knowledge of how the systems work can carry out a hack without much difficulty. Hackers are becoming more skilled, therefore PoS systems that used to be seen as a challenge are not as daunting as before. Because many PoS devices come pre-loaded with an operating system, the inner workings and weaknesses of that system are known to hackers. All they need to do is find an unsecured IP address or hack into a secure Wi-Fi connection if proper protections have not been put in place. A well-known weakness of PoS devices is their Internet printing protocol, which many businesses use for remote printing. 

Protecting your business against PoS Hacks

There are some simple and straightforward steps you can take to make your system less accessible to hackers, for example:

  • Ensure all Wi-Fi connections on your network are secure

  • Avoid using a Wi-Fi network name that is associated with your business

  • Implement a lockout system for failed login attempts

  • Always change the default password for software

  • Follow best practices on secure password creation

  • Update your systems as often as possible – manufacturers are usually quick to respond to known vulnerabilities by releasing patches and software updates

However, no matter how many precautions you take, there is still likely to be one or more vulnerabilities that you are unaware of. Invest in the future of your business by hiring a reputable IT company to assess your system and identify your existing security risks

  Get a 360°Technology Assessment

Comments

Wow!!definitely that is a astonishing blog. i was taken some of tips from in your dispatched notes. It's assists me out. I like it too much. thanks carry on.
Posted @ Wednesday, November 27, 2013 4:23 AM by Point Of Sale Systems
Thanks for the tips! It'll help me out. And be more secured then!
Posted @ Friday, November 29, 2013 11:28 PM by Marie Kris
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics