Browse Definitions :
Definition

point-of-sale security (POS security)

Contributor(s): Matthew Haughn

Point-of-sale security (POS security) is the study of vulnerabilities in retail checkout points and prevention of access by unauthorized parties looking to steal customer and payment card details from them. The purpose of POS security is creating a safe environment for customer transactions.

Memory scraping POS malware is a major concern, as even large retailers have fallen prey to this credit card-stealing method. Memory scrapers access data at the time of the transaction, when payment data is not yet unencrypted. In late 2013, for example, criminals used a variant of the Backoff memory scraper to access information from over 70,000 accounts in the Target database. 

Out of date, unsupported operating systems are a great risk as they provide malware writers with more unpatched vulnerabilities. Windows XP-based systems still in use in many retail environments are vulnerable because they lack some of the more advanced security features of newer versions. For the sake of security, POS systems should use only up-to-date and well-supported operating systems.

Point-of-sale systems physical access and user privileges should also be strictly managed. If, for example, an employee uses a POS terminal for web surfing, they can expose the system to security risks. Ideally, the administrative account should be rigorously protected and the activities of other users strictly limited.

Isolation of POS systems on a network reduces the potential attack surface and makes suspicious activities easier to detect. Whitelisting can also help secure POS systems by limiting communication to only authorized external sites.

This was last updated in January 2015

Continue Reading About point-of-sale security (POS security)

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCompliance

SearchSecurity

  • time-based one-time password (TOTP)

    A time-based one-time password (TOTP) is a temporary code, generated by an algorithm, for use in authenticating access to ...

  • Security Operations Center (SOC)

    A security operations center (SOC) is a command center facility for a team of IT professionals with expertise in information ...

  • incident response team

    An incident response team is a group of IT professionals in charge of preparing for and reacting to any type of organizational ...

SearchHealthIT

SearchDisasterRecovery

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

  • cloud insurance

    Cloud insurance is any type of financial or data protection obtained by a cloud service provider. 

  • business continuity software

    Business continuity software is an application or suite designed to make business continuity planning/business continuity ...

SearchStorage

  • storage class memory (SCM)

    Storage class memory (SCM) is a type of NAND flash that includes a power source to ensure that data won't be lost due to a system...

  • Hadoop as a service (HaaS)

    Hadoop as a service (HaaS), also known as Hadoop in the cloud, is a big data analytics framework that stores and analyzes data in...

  • blockchain storage

    Blockchain storage is a way of saving data in a decentralized network which utilizes the unused hard disk space of users across ...

Close