Point-Of-Sale (POS) security

Your POS systems can be another way to access your computer networks, and it is extremely important to protect them.

Online criminals can hack into POS systems to steal payment card numbers and the associated personal identification number (PIN), which they can then use to access your customers' accounts.

  • Make sure that your POS system is behind a firewall. A firewall is a security control, which is used to restrict incoming and outgoing network traffic. Your Internet Service Provider (ISP) may include a firewall with the router or other hardware or software that they provide you, but it is important to check. If they don't provide one, you will need to purchase one.
  • Set up strong encryption for the transmission of all data (e.g., cardholder data) between your POS system and the POS service provider. The service provider should implement this by default. Ask your POS service provider or an online security consultant (with POS experience) for help if you are not sure what to do.
  • Do not use the default user name and password for your POS system (which was shipped with it), create a new user name and password that are unique to your business.
  • Always limit access to client data only to those employees who have a need to access it and are authorised to do so.
  • Keep anti-virus software up to date.