
point-of-sale security (POS security)

Point-of-sale security (POS security) is the study of vulnerabilities in retail checkout points and the prevention of access by unauthorized parties seeking to steal customer and payment card details from them. The purpose of POS security is to create a safe environment for customer transactions.

Memory-scraping POS malware is a major concern, as even large retailers have fallen prey to this credit card-stealing method. Memory scrapers read payment data at the time of the transaction, while it sits in the terminal's memory and is not yet encrypted. In late 2013, for example, criminals used a variant of the Backoff memory scraper to access information from over 70,000 accounts in the Target database.

Out-of-date, unsupported operating systems are a serious risk because they give malware writers more unpatched vulnerabilities to exploit. Windows XP-based systems, still in use in many retail environments, are vulnerable because they lack some of the more advanced security features of newer versions. For the sake of security, POS systems should run only up-to-date, well-supported operating systems.

Physical access to point-of-sale systems and user privileges should also be strictly managed. If, for example, an employee uses a POS terminal for web surfing, they can expose the system to security risks. Ideally, the administrative account should be rigorously protected and the activities of other users strictly limited.

Isolating POS systems on their own network segment reduces the potential attack surface and makes suspicious activity easier to detect. Whitelisting can also help secure POS systems by limiting their communication to authorized external sites only.
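As an added example (not part of the original definition), the following script shows how the isolation and whitelisting controls above can be audited from firewall logs: every flow leaving the POS segment is compared against an egress allow-list, and anything else, such as a terminal used for web browsing, is flagged. The VLAN range, the destination host names and the log lines are all constructed for this example.

```python
import ipaddress
import re

# Constructed allow-list: the only external destinations a terminal on the
# isolated POS VLAN may reach. Both host names are assumptions for this example.
EGRESS_ALLOWLIST = {
    ("gateway.payments.example", 443),  # payment processor
    ("patch.internal.example", 443),    # patch/update server
}
POS_VLAN = ipaddress.ip_network("10.20.0.0/16")  # constructed POS segment

# Constructed firewall log lines (key=value style) from the POS VLAN.
SAMPLE_LOG = """\
ts=2015-01-12T09:14:02Z src=10.20.3.41 dst=203.0.113.10 dhost=gateway.payments.example dport=443
ts=2015-01-12T09:14:07Z src=10.20.3.41 dst=10.20.0.5 dhost=- dport=445
ts=2015-01-12T09:15:30Z src=10.20.3.42 dst=198.51.100.77 dhost=news.example.org dport=80
ts=2015-01-12T09:16:01Z src=10.20.3.42 dst=192.0.2.99 dhost=- dport=8080
ts=2015-01-12T09:16:45Z src=10.20.3.41 dst=203.0.113.10 dhost=gateway.payments.example dport=443
"""

LINE_RE = re.compile(r"ts=(\S+) src=(\S+) dst=(\S+) dhost=(\S+) dport=(\d+)")


def find_egress_violations(log_text, allowlist=EGRESS_ALLOWLIST, vlan=POS_VLAN):
    """Return (ts, src, destination, port, reason) for each flow that leaves the
    POS segment toward a destination that is not on the allow-list."""
    violations = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than silently trusting them
        ts, src, dst, dhost, dport = m.groups()
        dport = int(dport)
        if ipaddress.ip_address(dst) in vlan:
            continue  # east-west traffic inside the segment is out of scope here
        if (dhost, dport) in allowlist:
            continue  # approved destination
        dest = dhost if dhost != "-" else dst
        if dport in (80, 443) and dhost != "-":
            reason = "web browsing from POS terminal"
        else:
            reason = "unapproved external destination"
        violations.append((ts, src, dest, dport, reason))
    return violations


if __name__ == "__main__":
    for v in find_egress_violations(SAMPLE_LOG):
        print("ALERT ts=%s src=%s dest=%s port=%d reason=%s" % v)
```

Running the script against the sample log reports the two flows from terminal 10.20.3.42; in practice the same check would be fed from the firewall or proxy that enforces the allow-list, so that a terminal reaching anything else raises an alert.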

This was last updated in January 2015
