Fraud Update: Point-of-Sale Terminal Tampering

Criminals seeking to steal payment card data are increasingly targeting point-of-sale (POS) terminals. Criminals may attempt to install skimmers that read and transmit data from swiped cards on ATMS, credit card terminals and point of sale equipment. Criminals also target your computers by installing spyware that accesses point of sale databases and installing hardware “bugs” that intercept card data transmitted from your POS terminals to servers. In some cases fraudsters install miniature cameras or video recording devices pointed at PIN-entry devices.

Here are some important steps merchants can take to reduce the risk of having their POS terminals compromised:

  • Protect POS equipment – merchants should track POS terminals and their serial numbers and regularly check them to ensure they have not been replaced.
  • Inspect terminals and PIN-entry devices to confirm serial numbers and ensure there are no signs of tampering.
  • Check card readers for shims, overlays or other skimmers.
  • Safeguard POS equipment and the surrounding area – to prevent equipment “swaps” terminals should be installed in secure stands, tethers or at a minimum tied down with security cables Check the retail environment for unauthorized hidden recording devices
  • Install security cameras
  • Train staff on POS equipment tampering prevention.
  • Validate all POS equipment service and repair technicians with your POS vendor.

A little bit of training goes a long way to protecting your business from a publicly embarrassing, potentially expensive disclosure of your customer’s credit card data. Train your employees recognize the noticeable signs of equipment tampering.

Further Reading For more information, please read Visa's in depth article Point-of-Sale Terminal Tampering.

Written by Mike Seidle on 2nd Mar, 2015