No one wants to be the victim of a security breach. Your customers don’t want their personal information and account access to fall into the wrong hands — and you don’t want the negative press, reputation damage, and the hassle or cost of dealing with the fallout from an IT or a compliance perspective. Having a secure point of sale (POS) system must be one of your top priorities so you can protect your customers, your business, and your future.
PCI DSS Compliance
The Payment Card Industry Data Security Standard (PCI DSS) is a great place to start to secure your point of sale system. Although some merchants view the standard as something they need to check the boxes to comply with so they can continue to accept credit cards, it’s actually more valuable to look at the standard as a collection of industry best practices that will help to protect payment card data.
Unfortunately, research for the annual Verizon Payment Security Report found that PCI compliance decreased in 2018 to 52.5 percent of merchants, down from 55.4 percent the previous year. This is troubling, since in its 14 years of producing Data Breach Investigation Reports, Verizon has never found a confirmed case of a data breach at a merchant’s business that was 100-percent PCI DSS compliant. PCI compliance can help keep your business and your customers safe.
In general, PCI DSS requires:
- Building and maintaining a secure network, including a firewall and strong passwords
- Protecting cardholder data with encryption or other technologies
- Using regularly updated antivirus, antimalware or other security solutions
- Keeping applications updated and secure
- Enforcing strong access control measures
- Monitoring and testing networks
- Developing and enforcing a security policy
Every part of your business that handles payment data is in the scope of the PCI DSS, so it’s smart to limit where cardholder data is stored or used. Limiting PCI scope by separating your POS system from the rest of your business’ network is a smart strategy. You can also use tokenization and encryption, so plain text versions of cardholder data are never stored in your system — if a hacker can’t read it, they can’t use it to commit fraud or other crimes.
Take a Practical Approach
At most businesses, customers make other types of payments besides using credit cards — cash, check, electronic benefits transfer (EBT), gift cards, etc. You need a secure point of sale for all types of payments — including a secure cash drawer that can contain checks with customer account numbers and other sensitive information.
A secure point of sale doesn’t only depend on technology and processes. A vital part of establishing a secure point of sale is properly training employees. People can often be the weak link when it comes to cybercrime or fraud, so make sure your cashiers or sales associates are well-trained in best practices and in how to follow your security policy.
Work with the Experts
You have a lot of responsibility for maintaining a secure point of sale and payment security, but if you run a retail business, a grocery store, or a café, security probably isn’t your primary area of expertise. You need to partner with an expert in secure point of sale — security is too serious an issue for guesswork.
Fortunately, you can work with a POS solution provider that can serve as your trusted partner for point of sale security, giving you the guidance and tech solutions you need to comply with security standards and keep your customers and your business safe. Contact PlazSales to learn more.