PDQ machine security has been back in the news recently with a British IT security firm claiming there is still much to do to improve security of card machines.

Chip and PIN payments are the safest way to accept card payments however there are still security risks. Here are some associated with the terminals and POS (the till).

Security Threats

Machine Theft: Records of card data remain on payment terminals. If terminals have not been properly password protected the information can be accessed if the machine is stolen.

Manual Card Skimming: One way for a thief to access card data is by swiping the card in their own reader. This can be done quickly so card users should be careful if handing over their card.

Overlaid Skimming: Thieves can access card details by attaching their own reader to a payment terminal. When the customer makes a payment their details are recorded. This type of device is usually used at unmanned payment terminals and they are also used at ATMs, sometimes in combination with a camera to record the PIN.

Internal Skimming: If thieves have access to the terminal or POS they can place skimming devices in the machines and access data remotely. This is a high tech crime which has been used to rob consumers of £10s of millions.

Hijacking Systems: This type of attack relies on software flaws in payment terminals and ATMs. It is the type of security risk which has been in the public eye recently. Information is accessed with a malicious smartcard.

Data Breaching: Relies on the software being hacked. It can be done remotely without the merchant being aware.

Just being aware of these risks means you are less likely to fall foul of criminals. Some of these types of attacks such as data breaching are more relevant to large retailers.

Security Measures

There are some specific things you can do to improve pdq machine security:

Change Passwords: Where there is an opportunity to password protect any part of the system take it. Use the most secure password you can, staying away from common numeric combinations eg. 1234.

Location: Position your pdq machines in secure locations.

E-commerce: If setting up an online payment gateway take all security measures you can. Get advice from the merchant services provider as to the best practices if you need to.

Customer confidence is critical for businesses of any size. Take all the security measures you can to put customers at ease and avoid crime.

If you have any question about chip and PIN machines and merchant services or would like a best price quote from our partner please use the contact form >> Contact

UK Plastic Fraud Figures 2007-11

Source: http://www.theukcardsassociation.org.uk/plastic_fraud_figures/index.asp