Is Your Money Safe When You Swipe?

How safe are mobile point-of-sale systems? Every day pay for coffee at a local café using the latest credit card processor; could that action lead to theft or fraudulent charges?

There are several potential flaws that put digital payment systems at risk of cyber-attacks. These vulnerabilities allow unscrupulous merchants to raid customer accounts and steal credit card data. Or, hackers can easily get into the systems of unknowing retailers, gaining access to all their customer’s data.

Before payment systems went mobile, retailers were at risk of traditional attacks to their point-of-sale (POS) systems. For example, Target faced a major cyber breach during the holiday season in 2013 that affected 40 million payment cards. Now, mobile POS systems are being targeted by cybercriminals, especially as the market for these systems is expected to reach $55 billion by 2024. These systems allow customers to make purchases and now cryptocurrency payments on-the-go. Square, SumUp, PayPal and other systems are at risk of being hacked without detection from conventional anti-fraud tools.

An attack can occur in three ways. A customer purchases an item from a story using a mobile POS machine. The criminal will then send an arbitrary command to the machine’s system in hopes of getting the cardholder to be forced to rerun the transaction again, this time through a less secure channel. Or a hacker could tamper with the sale amount to pocket some of the money. Thirdly, a remote code execution allows hackers to remotely access the mobile POS machine’s memory, allowing the hacker to steal cardholders’ account information.

While mobile POS systems provide many benefits to merchants, there are major risks for consumers. Most of these systems don’t utilize EMV chip technology that enhances a user’s security, instead of using a traditional magnetic strip. Currently, 13 percent of US-based mobile-POS machines utilize chip technology. EMV technology has become the gold standard in storing and protecting cardholder data.

The vulnerabilities in mobile-POS machines, often used by small to medium-sized businesses, put customers at great risk of identity theft, fraudulent charges and stolen personal data.

Follow us on social media for the latest updates in B2B!

Latest

Forging Connections: Flipping CAPA on It’s Head with Prevention
October 4, 2022
Waste and lost money run rampant in various sectors, and healthcare and pharmaceuticals are no exception. Bethany Kearney, Director of Enablement for Sparta Systems, and Zillery Fortner, Product Read more
E2B: Energy to Business: Why Threat of Rail Strike Heightened Supply Chain Issues
October 4, 2022
  Freight rail is a critical mode of logistics and transportation for moving products throughout the supply chain. So, when the recent threat of a rail strike nearly derailed the supply chain and cost the Read more
Better Broadband: IoT and Connectivity as a Service
October 4, 2022
 In early July 2022, nearly a quarter of the Canadian population was disconnected after a significant network went down. The outage impacted emergency services, banks, hospitals, and nearly every Read more