Be aware of identity theft when using the POS System
Posted by Karim Dharamshi on Fri, Jul 30, 2010
We think our credit or debit cards are safe and secure when swiped on a Point of Sale (POS) terminal. Yes, the common POS terminals found at retailers and restaurants. With LCD monitors, touch screen functionality and the like, the POS termi
nal appears to be very secure and, for the most part, it is. However, the criminal mind is always one step ahead. Forget stealing data through some sort of complex phishing scheme - thieves are now just taking the hard drive in its entirety. Good old-fashioned break and enters.
A recent episode of CBC’s Marketplace - “Who’s Minding the Store?” exposed the measures thieves are taking to obtain a massive amount of credit and debit card numbers from POS terminals. They break into stores, restaurants, gas stations and any other location where a POS is commonly used. It doesn’t matter if it’s a large retail chain or a small independent store, they are after the POS. Regardless of the size of the retailer, POS terminals contain records of credit and cards that have been used in the past week, month, even year- depending on when the hard drive was last wiped clean.
As a customer, we tend to trust retailers with our credit or debit card information and so assume the hard drive is wiped clean at least on a daily basis; however, this is not always the case. According to Marketplace, many retailers do take action to clean out all of the credit and debit numbers on a daily basis, but the numbers are never really gone. They still exist on the system for thieves to access. Visa and Mastercard have a Customer Information Security Program (CISP) which sets out guidelines for POS software to ensure that it is effectively wiped clean and that your card information is protected. According to POS Helpdesk, most POS terminals do not comply with these standards. POS Helpdesk encourages retailers to update their software to comply with the CISP standards or run the risk of being fined by Visa and Mastercard. Worse still, having customers’ credit information stolen can result in retailers losing the trust of loyal customers and having such incidents going viral.
In fact, if you find that your credit information has been stolen, you should ask where the thieves obtained your information. According to Marketplace, Canadian banks are not obligated by law to tell you where thieves obtained your credit information. However, it doesn’t hurt to ask. If you find out, you may think twice about paying with plastic at that retailer again.
This brings us to the big question surrounding all of this plastic identity theft: How do you protect yourself? You may not like the answer. POS security experts suggest that you pay with cash as much as possible. Sure, it is a little old-fashioned and maybe not as convenient, but the less you use your plastic, the less risk you have of getting your information stolen.
In the end it may not seem like such a big deal as banks and credit card companies usually refund the amount stolen from your credit card or debit card. But the bottom line is that the more thieves steal from banks and credit card companies through POS theft, we – the consumer – ultimately pay through higher bank fees.
Some food for thought for the dog days of Summer.