Protecting POS systems from cyber attacks

Technology is helping bricks-and-mortar fashion brands stay relevant in this increasingly digital world. For River Island, the integration of digital tools – such as RFID tags – within our physical stores has enabled us to provide more efficient, personalised customer service, ensuring every shopper enjoys the experience of browsing and buying our products.

But with every piece of new tech comes new challenges. A recent Retail Sector article, written by FireMon’s director of product marketing, Josh Mayfield, hones in on point of sale (POS) systems and their vulnerabilities.

These devices have become a target for attackers – the first half of 2017 experienced a 21% jump in ATM and POS compromises. If this tech is exploited, hackers can access sensitive information like customers’ banking details, resulting in data breaches and identity fraud.

The problem lies with detecting malware. As POS systems are relatively easy to infiltrate, Mayfield argues that more needs to be done to resolve device-related issues.

The importance of identity management

It’s crucial that adequate identity management (idM) is enabled and installed on all POS devices to prevent exposure. Currently, users are presumed to be the appropriate people each time verification is initiated. With the majority of devices, the first authentication comes through an Active Directory (AD); in this set-up, there’s nothing to prevent a user from gaining access to systems which reference AD for verification.

An alternative is two-factor authentication (2FA), which bolsters security by adding another layer to the process. This could take the form of biometrics, a question, or a code users must key in when authenticating into the application. Yet, most retailers utilise an Identity Provider (IDP) to negotiate the authentication between AD and the downstream application – the majority of IDPs feature a 2FA function, helping businesses safeguard their POS systems.

Internet cause of vulnerability

In order to work, POS systems require connection to a network via the internet. When a POS device is within a network – when transactions are being carried out, for instance – they are susceptible to cyberattacks. All it takes is for a hacker to infiltrate this framework.

Networks trade in information and no equipment is necessary. It’s this, Mayfield argues, that makes remote exploitation so simple, and effective.

How retailers should respond

A key way to prevent POS attacks is to ensure devices stay up to date by carrying out regular updates and patches. Strong authentication measures – like the aforementioned passcodes, challenge questions and biometrics – should be applied to add an extra layer of security on every device.

If the person exploiting the devices happened to be an insider who, say, alters prices and discounts, it should be easy to identify the culprit as changes are logged and monitored.

These issues highlight how necessary it is for IT teams to conduct more efficient log analysis, which will allow them to assess the validity of each step taken to prevent attacks and ensure that possible threats are identified before it’s too late.

Keeping customer data secure is our number one priority at River Island. We’re on the lookout for Solutions Architects who can work with our IT Security & Compliance team to guarantee security, resilience and scalability are adequately factored into our enterprise architecture. Take a look at our current vacancies.


Post Comment