Anyone that has worked in the realm of retail surely knows that Point of Sale (POS) systems and credit card reader use have been a hot target for attacks, hacks and other malevolent behavior. After all, the information gathered during the typical retail transaction consists of much more than just dollar amounts and SKU codes.
Today’s POS systems gather information about customers, derived from loyalty cards, as well as feed into other systems that analyze shopping patterns, store traffic and countless other pieces of data, much of which offers some value to data thieves looking to steal identities and further compromise systems. Yet, the biggest chink in the armor of data protection lies with the hunk of plastic that most shoppers carry with them: the all too ubiquitous credit card.
The Reality of Credit Card Reader Risk
Books have been written about scams that have their roots with stolen credit card information, where account numbers, expiration dates, and other pieces of information have been gleaned by card skimmers. These are hidden in plain sight, right in front of a legitimate card reader, leaving victims none the wiser.
According to the Nilson Report from Statista, credit card fraud in the US reached some $7.5 Billion in losses, a number that has more than doubled since 2010. Those numbers have prompted action in the form of new legislative requirements, such as the continually PCI (Payment Card Industry) compliance regulations that many US firms must meet, or risk audits and significant fines.
Anti-Fraud Technologies to the Rescue
The growing scourge of credit card fraud has led to technological innovations seeking to prevent fraud, keep costs down, and place concerned consumers at ease. However, those technologies can be misunderstood and are often observed as an unnecessary nuisance, a belief that must be changed if anti-fraud technologies are ever to take hold.
Case in point is the rise of credit cards equipped with security chips that require either a signature or use of a PIN with every transaction. Referred to as EMV cards (an acronym derived from Europay, MasterCard and Visa-the three companies that originally developed the standard), those chip enabled pieces of plastic eschew the unsecure magnetic stripe common on credit cards in favor of a two factor authentication process that uses an integrated chip to transmit the card information into a card reader. It then requires either the entry of a PIN or a signature to be inputted on the card reader signature pad.
At first glance, that may seem like an additional burden for both consumers and those responsible for POS system security. After all, new card readers will have to be installed and consumers will have to go through some additional steps when checking out. Although the federal government isn’t forcing EMV upon retailers just yet, the technology should go a long way towards reducing fraud and further protect customers from unscrupulous transactions on their credit cards.
EMV Changing the Payment Card Game
Prior to EMV, all card data was stored on the magnetic stripe on the back side of the card without any encryption or other protective measures. Cards with stripes were swiped during checkout and the checkout terminal would read the data from the magnetic stripe. That data remained static (meaning it never changed, no matter how often you used your card) and made it relatively easy for fraudsters to break into the terminal or the network, steal the card number, and use it elsewhere.
EMV cards are equipped with an embedded microprocessor chip, which makes it difficult to steal information when the card is used to make an in person transaction. The microprocessor chip in the EMV card generates a unique code for every transaction, effectively making the information obtained useless for any future transactions. Even if someone intercepts the data, that data would prove useless because it won’t work a second time. What’s more, the captured data can never be used to be traced back to the actual credit card number.
Simply put, EMV chips obfuscate the basic information normally stored on the magnetic stripe, making interception and reuse practically impossible.
Keep customers safe with top-of-the-line tech employees.
Our qualified Modis recruiters have experienced tech candidates ready to help you improve your security. Reach out to your local Modis branch and meet candidates who will help you keep consumer information locked down.