10 19 2015

Increase Security for Point of Sale Equipment at Businesses

10 19 2015

Increase Your POS Security

With the advent and spread of debit and credit card services for small business, you need to ensure your business keeps its security measures intact and updated. By keeping yourself and your company up to date on the current trends impacting digital payment methods, you can stay ahead of the criminal curve that remains a constant and growing threat to every business. According to Verizon Enterprise’s 2014 Breach Investigations Report, point-of-sale systems are one of the prime targets for hackers.

Securing your point-of-service equipment, financial data and sensitive customer information is a challenging endeavor, and it should be something you spend the appropriate resources on to ensure you get it done correctly. Failure to adequately create a safety framework for your POS terminal can result in lost profits, decreased confidence in your business and an exodus of customers.

Focus on these security methods to stay one step ahead of hackers:

Point-to-Point Encryption

Point-to-Point Encryption, otherwise known as P2PE, uses cryptographic keys to encrypt and decrypt data to secure devices, apps and processes. The key the system uses will only be known to the payment company. While this safety feature increases transaction security, it also requires a hefty investment of both time and money to create an in-house P2PE system. Consider partnering with other companies for additional infrastructure assistance.

EMV​

EMV systems also provide a powerful guard against hacking credit card databases. The EMV card has an integrated microchip built into the card which also employs cryptographic security measures to protect the sensitive financial data in your system. According to eSecurityPlanet, the lack of EMV adoption in the U.S. is one of the main reasons for the increase in cyberattacks on U.S. retailers.

Tokenization​

You can also employ tokenization of account numbers to protect your customers’ information. This process involves replacing a primary account number with a substitute value. Tokenization is an ideal choice if you handle recurring billing and future payments. It should be noted, though, that if a hacker remotely installs malware on your POS devices, your system might still be vulnerable to a data breach.

By merging these three systems together, you can ensure you have an incredibly secure POS system. However, aside from implementing a more advanced form of data security systems, here are some simple techniques you can take to increase your system’s security:

  • Change the password: Many owners never change the default password on their POS systems. Cybercriminals have no trouble finding these default passwords and using them to their advantage. Always ensure you change the default password, and change it regularly. Try to not use common terms and try to make the password a complex phrase to ensure additional security.
  • Update the software: If you’ve never updated the POS software you use, there’s a good chance it’s vulnerable to a cyberattack. Many of the updates for the system have typically been designed in response to a particular vulnerability or perceived threat. While these upgrades might be costly, they most likely still pale in comparison to the fallout from a company-wide data breach.
  • Use a firewall: By segmenting your data and installing firewalls to block access to outside sources, you can greatly increase your POS system’s security features. You should install both host- and network-based firewalls as well as a way to monitor the traffic going into and out of your network
  • Use Antivirus: A quality antivirus program will protect your POS system from malicious software. For additional defenses, consider installing a full endpoint protection suite that includes intrusion detection software as well as firewalls and traffic monitoring.

Find Out How Much Funding You Qualify For

Fields marked with an * are required
By clicking this button I agree to all terms and conditions.

Terms & Conditions

General Acceptance

Any applications submitted electronically shall have the same force and effect as if the application bore an inked original signature(s). The above information, together with any accompanying financial statements, schedules, or other materials, is submitted for the purpose of obtaining credit and is warranted to be true, correct, and complete.

 

US Patriot Act:

To help the United States Government fight terrorism and money laundering, Federal law requires us to obtain, verify, and record information that identifies each person that opens an account. What this means for you: when you open an account, we will ask for your name, a street address, date of birth, and an identification number, such as a Social Security number, that Federal law requires us to obtain. We may also ask to see your driver's license or other identifying documents that will allow us to identify you.

 

For Loan/Merchant Services:

The Merchant and Owner(s)/Officer(s) identified in the application (individually, an “Applicant”) each represents, acknowledges and agrees that (1) all information and documents provided to National Funding, Inc. (“NF”) including credit card processor statements are true, accurate and complete, (2) Applicant will immediately notify NF of any change in such information or financial condition, (3) Applicant authorizes NF to disclose all information and documents that NF may obtain including credit reports to other persons or entities (collectively, “Assignees”) that may be involved with or acquire commercial loans having daily repayment features and/or Merchant Cash Advance transactions, including without limitation the application therefor (collectively, “Transactions”) and each Assignee is authorized to use such information and documents, and share such information and documents with other Assignees, in connection with potential Transactions, (4) each Assignee will rely upon the accuracy and completeness of such information and documents, (5) NF, Assignees, and each of their representatives, successors, assigns and designees (collectively, “Recipients”) are authorized to request and receive any investigative reports, credit reports, statements from creditors or financial institutions, verification of information, or any other information that a Recipient deems necessary, (6) Applicant waives and releases any claims against Recipients and any information-providers arising from any act or omission relating to the requesting, receiving or release of information, and (7) each Owner/Officer represents that he or she is authorized to sign this form on behalf of Merchant.(8) I consent to receive direct mail, faxes, and e-mails sent by National Funding and its affiliates for the purposes of transmitting account updates, requests for information and notices, and (9) this request is for business and not for consumer purposes.

 

For Equipment Services:

I hereby certify: (1) the information provided is true and correct, (2) you are hereby authorized to investigate all bank, credit, and trade references, and said references are hereby authorized to release any requested information to you or your nominee, (3) such authorization shall extend to obtaining personal credit profile in considering this application and subsequently for the purposes of update, renewal or extension of such credit or additional credit and for reviewing or collecting the resulting account, (4) this information may be transmitted by us to you and by you to underwriter(s) for the purpose of granting me credit, either electronically or manually, and that by submitting this application, I take full responsibility for transmission thereof, (5) I am over 18 years of age, (6) I acknowledge my rights under the Fair Credit Reporting Act, (7) I consent to receive direct mail, faxes, and e-mails sent by National Funding and its affiliates for the purposes of transmitting account updates, requests for information and notices, and (8) this request is for business and not for consumer purposes.

The Federal Equal Credit Opportunity Act prohibits creditors from discriminating against credit applicants on the basis of race, color, religion, national origin, sex, marital status or age (provided the applicant has the capacity to enter into the binding contract); because all or part of the applicant’s income derives from any public assistance program; or because the applicant has in good faith exercised any right under the Consumer Credit Protection Act. If for any reason your application for business credit is denied, you have the right to a written statement of the specific reasons for the denial. To obtain the statement, please write to National Funding Inc., 9820 Towne Centre Drive, San Diego, California 92121.  Funding amount and credit approval is subject to a full credit profile review.