As cybercrime continues to plague the retail sector, POS developers need to be aware of the gravest threats they face and how to best defend themselves. Unfortunately, despite a massive surge in POS system attacks in the past few months, many are failing to take the right action. The risks have become much clearer, so decision-makers are able to make informed decisions regarding payment processing security.
For example, Retail Info Systems News reported that POS software remains the most threatened by hackers, with 74 percent of malicious threats targeting these assets. POS hardware was not far behind in that report, with 45 percent of attacks being focused on these IT assets.
Worried? Don’t be! There are plenty of ways to better protect your POS systems and the financial data they manage.
Here are a few methods that can significantly improve your mobile POS security.
P2PE and tokenization
Point-to-point-encryption and tokenization are no longer optional defenses for POS systems, but rather critical, especially to defend against the increasing rate of malware. When traffic is encrypted, or financial data is tokenized, the chances of that sensitive information being exposed to the wrong parties will be inherently lower. With hackers increasing their malware attacks, these payment data security capabilities can have a profoundly positive impact on overall security.
Infosecurity Magazine recently reported that one study from PandaLabs revealed 18 million malware samples were introduced in the second quarter of this year alone, and if that malware is similar to the kinds used in recent POS cyberattacks, it’s likely scanning for unprotected data. Not surprisingly, that same research revealed that hackers are targeting mobile devices and POS systems more frequently – which makes sense given how popular mPOS has become in the past year or two. Especially when deploying a mobile POS system, P2PE and tokenization should be priorities for any developer.
Whereas the cloud was viewed as an immense threat about 10 years ago, now it is being seen as a saving grace for companies that handle sensitive data. Gartner recently argued that all organizations are likely to be using the cloud for strategic purposes in some manner over the next few years, and that there are significant gains to be achieved from a security standpoint.
Retailers and POS providers that use security-centric middleware from trusted and established vendors for their cloud-based POS systems will take a big step in the right direction toward a secure offering.
EMV has been somewhat of a headache, but many are confident that so long as POS developers keep progressing and implementing EMV-support capabilities, they will indeed strengthen overall security. That said, working with qualified and supportive EMV-ready providers will make all the difference.
With these modern solutions – P2PE, tokenization, the cloud and EMV – hacking and other threats to payment data can be more proactively mitigated within POS environments.