A “Point-of-Sale” (POS) terminal is the hardware and software used by retailers during the checkout process of its respective customers. Just like any technology-interfacing device, POS terminals are, and have been, subjected to fraudulent activities. Recent trends point to hackers accessing the information stored on these devices to commit widespread fraud throughout the United States and abroad. What’s even more disturbing about this trend is how POS hacking has shifted from a localized crime to a much broader, more organized, crime that spans a larger geographic region.
The geographic breadth, according to an article published by Computerworld, suggests that the attacks are the “network of criminals who [go] into [retail] stores and somehow distracted store personnel long enough to take out PIN pads and swap them out with retrofitted devices” designed to steal payment data.” Computerworld goes on to report, “[t]he theft of the PIN data suggests that the crooks most likely used a transparent overlay of some type so that customer PIN numbers could be captured before it was encrypted.” It is also more than likely that the rogue PIN pads allowed the attackers to capture payment card data wirelessly from within the store itself or from a nearby location such as a parking lot.
The level of sophistication employed by organized criminal enterprises around POS hacking should cause many retailers during this holiday season to question their existing data governance strategies. This crime can go undetected for some time, often causing more monetary damage than would be expected if appropriate safeguards are in place.
To read the Computerworld article, please click here: http://www.computerworld.com/s/article/9189982/Aldi_data_breach_shows_payment_terminal_holes