Mobile point of sale has transformed the way you offer customer service—but just like any innovation in payment technology, it’s ripe with fraud potential. That possibility, however remote, is what makes customers wary. And when it happens (it can always happen), it can drive customers away for good.
To ensure that you’re protecting your business against fraud, both internal and external, here are some key areas to investigate and steps to take in order to lock down your system.
Payment Brand Data Security
The first step will always, always be compliance. The Payment Card Industry Security Standards Council, or PCI SSC, maintains and manages the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) Requirements.
They offer essential information and guidance on best practices for implementing your mPOS, from how card data is entered into a system to how that data is processed through secure payment applications. Following these guidelines not only ensures you're applying best practices when it comes to security, but also enhances your business reputation by indicating to both partners and customers that security is a priority for your company and their data.
Your transactional data is key to staying on top of potential fraud. Your mPOS management software should offer quick online access to your transaction data. An always-available web-based dashboard should not only give you a bird's eye view of how your system is performing and the kinds of transactions you're processing, but also allow you to drill down and sort by type, transaction ID, and more. This helps you keep tabs on and identify trends that could indicate not just fraudulent activity from the same group of users but also suspicious operating procedures in how your employees interact with the system and perform data transactions.
Locking It Down
Fraudsters know that the best way to compromise a system is to go right to the source. Increasingly, payment card data is being stolen directly from POS terminals, in a variety of ways. Thieves break into POS terminals and insert software that captures your customers' card numbers and PINs, install cameras or video to record PIN entries, and even shoulder-surf to glean card information.
You need to protect your POS equipment in order to prevent it, and your reputation, from being compromised. This includes not only physically inspecting your terminals and devices regularly for signs of tampering, but also ensuring that your mPOS management software offers ways to track each and every one of your terminals on a granular level, both its physical location and its current status.
Make sure you also physically safeguard your equipment with secure stands or cables, sweep for hidden devices, and install security cameras to monitor your machines.
Your staff is always going to be the first line of defense. You'll need to train them to recognize suspicious behavior and to discern signs of equipment tampering. Make sure they always follow security procedures when service and repair techs arrive by validating their badges and inspecting their work.
If your mPOS management software is provided by a third party, ensure that they’re aware of potential vulnerabilities and that they’ve taken security steps that align with Payment Card Industry Data Security Standard (PCI DSS) regulations.
And on every terminal, ensure that internet access is disabled, your software is always up to date, and your data encryption and logging features are enabled. Hardware-based firewalls are also a great preventative step that is often overlooked.
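The per-terminal checks above (internet access, software version, encryption, logging) together with the location and status tracking described earlier can be run as a routine audit over a terminal inventory. The following is an added example, not code from any mPOS product: the inventory records, field names, version baseline and check-in window are all constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample inventory; every field name is hypothetical, not a real mPOS export format.
NOW = datetime(2024, 1, 15, 12, 0, tzinfo=timezone.utc)
BASELINE_VERSION = (4, 2, 1)        # assumed current approved software release
MAX_SILENCE = timedelta(hours=24)   # assumed window before a terminal counts as unaccounted for

TERMINALS = [
    {"id": "T-001", "assigned": "Store 12 / Lane 1", "reported": "Store 12 / Lane 1",
     "version": "4.2.1", "internet": False, "encryption": True, "logging": True,
     "last_seen": "2024-01-15T11:40:00+00:00"},
    {"id": "T-002", "assigned": "Store 12 / Lane 2", "reported": "Store 12 / Lane 2",
     "version": "4.1.9", "internet": True, "encryption": True, "logging": False,
     "last_seen": "2024-01-15T11:42:00+00:00"},
    {"id": "T-003", "assigned": "Store 7 / Kiosk", "reported": "Store 3 / Back office",
     "version": "4.2.1", "internet": False, "encryption": True, "logging": True,
     "last_seen": "2024-01-12T09:00:00+00:00"},
]

def parse_version(text):
    """Turn '4.1.9' into (4, 1, 9) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in text.split("."))

def audit_terminal(t, now=NOW):
    """Return the list of control failures for one terminal record."""
    findings = []
    if t["internet"]:
        findings.append("internet access enabled")
    if parse_version(t["version"]) < BASELINE_VERSION:
        findings.append("software out of date")
    if not t["encryption"]:
        findings.append("encryption disabled")
    if not t["logging"]:
        findings.append("logging disabled")
    if t["reported"] != t["assigned"]:
        findings.append("location mismatch")
    if now - datetime.fromisoformat(t["last_seen"]) > MAX_SILENCE:
        findings.append("no recent check-in")
    return findings

def audit_fleet(terminals, now=NOW):
    """Map terminal id -> findings, keeping only terminals that need attention."""
    report = {t["id"]: audit_terminal(t, now) for t in terminals}
    return {tid: found for tid, found in report.items() if found}

if __name__ == "__main__":
    for tid, found in audit_fleet(TERMINALS).items():
        print(f"{tid}: {', '.join(found)}")
```

A terminal that reports from somewhere other than its assigned location, or that has stopped checking in, is a candidate for the physical tamper inspection described above.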
Mobile technology is advancing, and it’s essential that you stay on top of security innovations and best practices. From your operating system to your mPOS management software, key innovative technology advancements are helping you create a more secure system for your customers’ peace of mind, every day.