Blog Posts Tagged with "POS"

306708aaf995cf6a77d3083885b60907

Kmart Says Hackers Breached Payment System

October 10, 2014 Added by:Mike Lennon

Kmart is the latest large U.S. retailer to experience a breach of its payment systems, joining a fast growing club dealing successful hack attacks that have resulted in the exposure of customer data and payment card information.

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

The Barnes and Noble Breach Take Aways

December 05, 2012 Added by:PCI Guru

Put video monitoring on all your POS locations. This does not stop such a swap from occurring, but it does at least record such an event if it does occur. This is particularly important in situations where the customer also acts as cashier as with any self checkout situation...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Skimming, Identity Theft and How Online Business Defends Against Cybercrime

October 25, 2012 Added by:Robert Siciliano

Over the past 5 years a scam known as electronic funds transfers at the point of sale (EFTPOS) or skimming has been prevalent. Consumers commonly swipe both credit and debit cards through the in-store machines to pay for goods and services and hackers have been adept at coming up with ways to skim those cards...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Requirements that Cannot be Marked ‘Not Applicable’

October 01, 2011 Added by:PCI Guru

QSAs are questioning the relevance of this clarification in outsourced and environments totally operated through bank-owned terminals and networks. TPCI SSC is clarifying these requirements is to ensure that QSAs are confirming that outsourced environments truly are out of scope...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

PCI Compliance and Tokenization

August 12, 2011 Added by:PCI Guru

Tokenization does not imply encryption. However, encryption may be used for tokenization as can one-way hashing. When encryption is used as a way to tokenize sensitive information, the system receiving the token never has the capability to decrypt the token...

Comments  (2)

Fc152e73692bc3c934d248f639d9e963

End-to-End Encryption – The Rest Of The Story

August 10, 2011 Added by:PCI Guru

If you discuss E2EE with any merchant, most see it as this panacea, something that will get them out of the PCI compliance game altogether. However, nothing could be further from the truth. If anything, E2EE may make PCI compliance even more daunting than it is today...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Mobile Payments Set to Dramatically Increase

May 26, 2011 Added by:Robert Siciliano

The Payment Card Industry Standards Council is not yet granting approval to any mobile payment applications. With the explosive growth of the mobile payment industry, they are holding off and waiting to see which technologies rise to the top...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Point-of-Sale Systems are Easy Target for Hackers

March 06, 2011 Added by:Dan Dieterle

Online systems are slowly becoming better at protecting data, mostly because they have been under constant attack for a long time. Hackers are very opportunistic, and cyber crime has become big business. Speed counts, and if it is faster just to target the POS system, you better believe they will...

Comments  (0)

Fc152e73692bc3c934d248f639d9e963

Understanding the Intent of PCI Requirement 6.1

February 02, 2011 Added by:PCI Guru

Unlike the insurance industry which has done a very good job of educating management on its value, the security industry has done a very poor job educating management on the value of security and what really needs to be done to secure the organization...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Retailers’ Point of Sale Terminals Skimmed

January 03, 2011 Added by:Robert Siciliano

POS machines are particularly vulnerable because the magnetic stripe technology, which has been around for 40 years, is essentially defenseless against modern fraud techniques. Anyone can easily, and legally, purchase a skimming device for a couple hundred dollars...

Comments  (0)