When thieves stole the PIN pads at a cash register in one of his company's stores, Daniel Marcotte was amazed. Not that they'd done it—such thefts can happen once a week during the holiday season. But watching it on videotape later, "I couldn't tell they had it with them when they left" the store, says Marcotte, director of systems and data security at La Senza, a Montreal retailer now owned by The Limited.
Point of sale (POS) security covers cash, cards, data and inventory
A couple of hours later, the thieves were back. They'd doctored the PIN pads to let them get customer card data. They got them back onto the point-of-sale system quickly, too. But here's where La Senza's security precautions kicked in: Its PIN pads in effect have their own Media Access Control address, and once they're disconnected, that address is no longer available. So the thieves were foiled—this time.
The point of sale has always been a target for thieves. While they once went after the cash drawer, retailers often find themselves facing sophisticated networks of thieves intent on the criminal equivalent of volume discounts—reams of credit card data, entire shelves of goods to launder or, in the case of pharmaceuticals like Sudafed, drugs used for making methamphetamines. Retailers, then, operate under the constant threat of having their point of sale either hacked by cyberthieves (the Dave & Buster's wireless hack being another recent high-profile example) or spoofed by real ones.
Between them, these various thieves target all the major aspects of a modern point-of-sale system:
The cash register
The bar-code scanner
Wireless access
The in-store voice or IP network
The store inventory management system
Where once the big scourge was "till tappers"—people who grab the money and run—that's no longer a major headache for most retailers, says Keith Aubele, the former loss prevention executive at Wal-Mart and Home Depot, and now a loss-prevention consultant. Instead, they have to contend with sophisticated rings of thieves who've figured out that it's far more lucrative to systematically steal goods by spoofing the point-of-sale systems, especially self-checkout systems, which are "incredibly easy to bypass," says Aubele.
Source: http://id.berita.yahoo.com/teknologi/
Tidak ada komentar:
Posting Komentar