Ask three people which method of payment is more secure–cash, credit or debit–and you’ll likely get three different answers, each offering valid points on why one payment method is more secure than the other. And this topic has been discussed for years now with no real winner. What IS clear, is that neither cash, nor credit and debit are going away any time soon. Despite whatever security issues exist, the benefits from being able to use a particular currency outweigh the risks.
In the payments business, security awareness is simply part of the business. VeriFone has a member of the PCI Board of Advisors for many years and based in part on that work, we have helped develop more stringent security requirements for point of sale (POS) and PIN pad payments systems. And then we go beyond those requirements and build in additional safety features.
But the reality is that there is no security feature quite as good as a little common sense with a healthy dose of Best Practices built in. In a perfect world, every merchant would be on a first-name basis with his services provider—be it bank or merchant services company. And before anything was ever done with said merchant’s POS, there would be phone calls and signatures and checks and triple checks to make sure everything was done neat and orderly and by-the-book.
In today’s hectic retail environment, often that level of process is difficult to achieve. With high-staff turnovers, peak in-store traffic times and often just plain old apathy, in-store security slips and one day nobody is quite sure what happened to “Spare POS #3” that was sitting on the shelf in the back of the store. But maybe we can help with the day-to-day security merchants are responsible for.
We have developed a checklist of things that merchants can do to protect their payment systems (and themselves!), which are easy to implement, easy to keep track of, and they work. Below is a peek at the top two and then we invite you to click the link below to access the full document:
Best Practices for PIN PAD and POS Security
1. Perform daily visual inspections of every device, looking for potential signs of tampering. These signs could include:
- Damaged or altered tamper seals
- Missing manufacturer labels
- Missing or damaged screws
- External wires
- Holes in the device casing
2. Store spare devices under lock and key to prevent unauthorized removal. Incorporate a shift change procedure to validate the inventory of devices after every shift to ensure none have been removed.
Simple right? Usually the best things are. These and many more tips for securing your POS can be found on Slideshare in our newly updated “Payment Security Best Practices” document.