POS System Owner Best Practices
Owners and operators of POS systems should follow best practices to increase the security of POS systems and
prevent unauthorized access.
* Use Strong Passwords: During the installation of POS systems, a POS company often use the default passwords for simplicity on initial setup. Unfortunately, the default passwords can be easily obtained online by cybercriminals. It is highly recommended that business owners change passwords to their POS systems on a regular basis, using unique account names and complex passwords.
* Update POS Software Applications: Ensure that POS software applications are using the latest updated software applications and software application patches. POS systems, in the same way as computers, are vulnerable to malware attacks when required updates are not downloaded and installed on a timely basis.
* Install a Firewall: Firewalls should be utilized to protect POS systems from outside attacks. A firewall can prevent unauthorized access to or from, a private network by screening out traffic from hackers, viruses, worms, or other types of malware specifically designed to compromise a POS system.
* Use Antivirus: Antivirus programs work to recognize software that fits its current definition of being malicious and attempts to restrict that malware’s access to the systems. It is important to continually update the antivirus
programs for them to be effective on a POS network.
* Restrict Access to Internet: Restrict access to POS system computers or terminals to prevent users from
accidentally exposing the POS system to security threats existing on the internet. POS systems should only be
utilized online to conduct POS related activities and not for general internet use.
* Disallow Remote Access: Remote access allows a user to log into a system as an authorized user without being
physically present. Cyber Criminals can exploit remote access configurations on POS systems to gain access to
these networks. To prevent unauthorized access, it is important to disallow remote access to the POS network at
Fraudulent charges to a credit card can often be remediated quickly by the issuing financial institution with little to
no impact on the consumer. However, unauthorized withdrawals from a debit card (which is tied to a checking
account) could have a cascading impact to include bounced checks and late-payment fees.
Consumers should routinely change debit card PINs. Contact or visit your financial institutions website to learn
more about available fraud liability protection programs for your debit and credit card accounts. Some institutions
offer debit card protections similar to or the same as credit card protections.
If consumers have a reason to believe their credit or debit card information has been compromised, several
cautionary steps to protect funds and prevent identity theft include changing online passwords and PINs used at
ATMs and POS systems; requesting a replacement card; monitoring account activity closely; and placing a
security freeze on all three national credit reports.
A freeze will block access to your credit file by lenders you do not already do business with. Under federal law, consumers are also entitled to one free copy of their credit report every twelve months.