As data breaches continue to become a more prominent issue, Visa and MasterCard have placed an added importance on security and PCI compliance. One common security breach that can occur is credit card skimming. Credit card skimming is the theft of credit card information as it is swiped through a point of sale device. Usually a small electronic device is inserted into a POS device that will record all of the transaction data that is being transmitted. This information is normally retrieved at a later time by a dishonest employee or by someone who has access to the POS device.
The Payment Card Industry Security Standards Council (PCI SSC) has created a list of best practices for merchants to protect themselves from this crime.These practices include:
- Regularly inspect terminals visually to identify anything abnormal, such as missing or altered seals or screws, extraneous wiring, holes in the device, or the addition of labels or other covering material that could be used to mask damage from device tampering.
- Physically secure terminals and PIN pads to counters in order to prevent removal, and physically secure cable connections.
- Physically secure stored terminals awaiting deployment, and periodically validate the on-hand inventory against asset records.
- Use terminal asset tracking procedures for devices deployed, devices awaiting deployment, devices under repair and devices in transit to location.
- Validate the identity of repair technicians. Unauthorized or unexpected service personnel should be denied access. Authorized and validated repair technicians should be escorted and monitored.
- Periodically weigh the equipment and compare it to vendors’ specification weight to identify the insertion of bugging devices.
If you have any questions about this, please contact us at 800-993-8942 or email info@ubcse.com.
