What could a Point of Sale (POS) security breach cost your business? Factoring in the cost of an investigation, legal fees, potential fines and lawsuits, damage to your reputation, and a likely decrease in customer loyalty, your business could be out millions of dollars.

My advice is to make security a priority, not an afterthought. I have found that many merchants are victims of systems that lack basic security measures.

Integrating surveillance cameras is also a good idea. Business owners can avoid theft and loss by monitoring POS transactions in conjunction with live video surveillance.

Image: Bloomberg News
Surveillance cameras can help merchants monitor their point of sale in conjunction with transaction monitoring and other fraud prevention measures.

Merchants should check their operating system. PC-based Windows operating systems, which run most legacy point of sale software, have an inherent security flaw: they are targets for malware.

To help merchants and other payment industry companies avoid data breaches, Payment Card Industry Data Security Standards (PCI DSS) were established to set security standards for accepting credit card payments; all merchants should follow these guidelines.

Failure to adhere to PCI DSS can result in non-compliance fines and put customer data at risk. Merchants have an obligation to be responsible with their customers’ sensitive data by complying with PCI DSS and choosing secure systems.

There is no reason that unencrypted credit card data should ever be stored in the POS or POS cloud, as that is a favorite target for hackers. When vulnerable credit card data is not stored in or transferred through the POS, it cannot be stolen from the POS.

In October 2015 PCI standards will require merchants to accept chip-and-PIN cards as well as traditional magnetic stripe cards. These cards offer enhanced security: even if the physical card or card number is stolen, transactions cannot be completed without the PIN.

Merchants preparing for the security upgrade should make sure their hardware meets EMV standards for integrated chip credit and debit cards and is P2PE certified by PCI DSS.

Christopher Ciabarra

Christopher Ciabarra is the CTO and co-founder of Revel Systems,