Tips for Preventing a Data Breach

Tips for Preventing a Data Breach

 

Tips for Preventing a Data Breach

 

When you think about data breaches, your mind probably jumps to the highly publicized incidents of companies like Target and Home Depot. Small business might think they don’t need to take security measures–but that’s not the case. Small business are as susceptible to data breaches as large corporations, and may actually be at greater risk.

Stephen Cobb, a senior security researcher at ESET, says that hackers like to target small businesses because they have more digital assets than a single customer, and not as many security measures put into place as a large enterprise. According to QSR magazine, small businesses like restaurants, are data-thief magnets because they process an abundance of credit cards and often use POS equipment.

Protect your small business with these data breach prevention tips from Chip and Terminal:

 

1. Be Proactive

  • Routinely check your POS systems to make sure they haven’t been tampered with.
  • Don’t wait for a problem to arise. Perform regular vulnerability assessments- once a week is advisable. These tests should be conducted on all systems associated with your network.

 

2. Make sure your credit card processing network is secure

  • Be sure adequate firewall and virus protection measures are put into place.
  • Avoid combining your network with your in-store free Wi-Fi. Make sure any open Wi- Fi networks your customers may use is on a separate network from the one where you process your credit cards.
    • If your devices are not properly installed, configured, and managed, you are taking on a large risk.

 

3. Hold your employees accountable

  • Train your employees on proper security measures. Creating a culture in your business that is more security-minded can help eliminate mistakes that may lead to a data breach. If your employees are knowledgeable and diligent in regards to your network’s security, they will be better able to notice atypical behavior.
  • Discuss with your employees the best way to optimize credit card security. Remind them that handling credit cards and physical cash is similar. There is a lot of responsibility that comes with handling money and information. Limiting how much employees handle credit cards out-of-sight can help prevent dishonest employees from stealing customer information.

 

4. Switch to EMV acceptance

  • EMV technology in the U.S. is catching up to the rest of the world after the 2015 EMV mandate. The chip that is embedded in EMV cards is encrypted and creates a new code every time the card is used to make a purchase, making the card unable to be replicated and more secure than a simple magnetic stripe card.
  • If a fraudulent charge has been made with an EMV enabled card, but a merchant doesn’t have the technology to process an EMV card, the merchant must accept the charge as a loss. Because of the liability shift it is critical that merchants invest in a processing system that accommodates EMV chips, whether they choose an EMV- enabled terminal or Point- of- Sale system.
  • The prevalence of EMV cards makes a data breach less likely because it is a lot harder for hackers to target individual cardholders as well as the businesses that accept them

 

If you would like more information on how to update your POS system and how to be more secure, including switching to EMV compliant technology, contact us at 800-317-1819!

Read MoreRead More

Julie’s Treasures and REVONU POS: Aye, the Perfect Match!

?

REVONU POS is making a huge impact on the POS community, and to talk about why, we asked Julie Nelson, owner of Julie’s Treasures in Minnesota, a retail consignment store,  what she thinks about her new REVONU POS system and COCARD.

COCARD: What made you choose COCARD for your payment processing?

Julie: COCARD was recommended to me by the previous owner.

COCARD: Was the previous owner already using REVONU?

Julie: No, he didn’t have a POS system to run the business. But I definitely wanted to utilize one. The previous owner mentioned that COCARD had POS systems available and I really liked REVONU.

COCARD: So it seems like REVONU has made your business easier to manage! Could you give me some examples as to how REVONU has improved the operation of your business?

Julie: REVONU has made a positive difference! After getting REVONU, it has been easier to keep track of sales as it can sometimes be difficult to keep track of consignors. We also have two different shipping services that are out of the office, so we rely on REVONU to keep those organized. It is very important that we keep track of who we are selling to and who to pay!

COCARD: Would you say REVONU does a good job at catering to a retail business, such as Julie’s Treasures?

Julie: Yes

COCARD: Is it relatively easy for you to keep your inventory organized using REVONU?

Julie: Yes

COCARD: If you could see one feature be added/changed to REVONU what would that be?

Julie: Honestly, I haven’t encountered any issues!

COCARD: What is your favorite aspect of REVONU?

Julie: My favorite aspects are the sales tracking and the back office management options as well has being able to get support for REVONU and my merchant services account in one place with one call!

COCARD:  Thank you Julie for taking the time to speak with us today!  

Is REVONU POS right for your business?  Give us a call to set up a demo, we love to show it off!  800-318-1819

 

 

 

Read MoreRead More
Small REVONU cartoon

Pssst! Did You Know That COCARD Has a Live Chat?

REVONU cartoon character right

 

Do you have any burning questions? Not feeling like picking up the phone? Would you like some more information about credit card processing, POS systems or have a question about your merchant account with COCARD? Then chat away!

I’m REVONU your POS system pal, and I’m here to tell you about our brand new live chat feature. It’s conveniently located on the bottom right corner of the screen on our website, www.cocard.info.

Look in the right hand corner of your screen right now, click on the blue box and one of our fanatical support members will answer any questions you may have, so don’t hesitate to chat us! Hope to talk to you soon!

Read MoreRead More
Mr. Pin, the EMV card reader.

What You Need to Know About Mobile Payments

Cartoon anthropomorphic EMV enabled terminal smiling

Terminal talks about mobile payments!

Like any new technology, mobile payments might seem a bit complicated. Don’t worry, we’re covering what you need to know about the latest mobile payment technologies— without all the technical jargon.

 How do mobile payments work?

Apple Pay and Android Pay

 Apple and Android Pay rely on NFC technology. NFC stands for “Near Field Communication,” as in the phone and terminal must be near each other to work. Both the phone and the terminal must have NFC chips.

Samsung Pay

Samsung Pay is different than Apple and Android pay because it involves MST technology. MST stands for “Magnetic Secure Transmission” and interacts with a terminal just like the magnetic strip on your card.

Both of these technologies allow your phone to internally store your payment info and to communicate with a terminal in order to authorize the transaction.

Are mobile payment technologies safe?

Yes. In general, today’s mobile payments are secure. Your card information is encrypted in your phone to combat fraudsters. Essentially, your phone holds a virtual card—a decoy that you use to make payments. Unlike a physical card, your financial information (i.e. your name and card number) is not directly used.

Here’s a few tips to make your mobile wallet even more secure:

  1. Make sure you have a passcode on your phone. If your phone gets lost or stolen, it will be more difficult for someone to use your phone to make payments with your card.
  2. Set your phone up to be able to be turned off from anywhere in the event your phone has been lost or stolen.
  3. Monitor your card statements for any fraudulent charges. If you see anything suspicious, call your bank.

Apple and Samsung Pay also utilize fingerprint verification (biometrics) in order to access your chosen payment.

Comparing Mobile Payment Apps

  • Apple Pay
  • Introduced 2014
  • One of the first mobile payment options to utilize NFC technology in phones
  • Works with iPhone models 6 and newer
  • Works with wearables (Apple Watch)
  • Accepts most Visa, MasterCard and most large organizations
  • Larger banks (like Bank of America) support Apple Pay, but support varies across smaller regional banks
  • Android Pay
    • Phone must be supported by NFC, which is available in newer Android models
    • Utilizes a downloadable app
    • Works on any compatible smartphone
    • Currently supported by fewer banks than Apple Pay

Apple and Android Pay are not yet widely accepted in stores due to the fact that this technology is relatively unknown to consumers.

  • Samsung Pay:
  • Works with newest Samsung phones like the Galaxy S7
  • Uses MST technology to mimic the magnetic strip on a card
  • Works by hovering your phone over any terminal
  • Use is not restricted to NFC enabled terminals
  • Does not work (due to weak signal strength) if your card has to be inserted into the terminal, like at a gas station

 

Have more questions about mobile payments, or wireless terminals, our customer services representatives will be happy to help- just call us at 1(800)317- 1819!

 

Read MoreRead More
EMV-compliant card reader.

EMV Pocket Glossary

silver American express chip card shown dipped, or being processed, in an emv terminalWith the liability shift here, we know that you’ve already got a lot on your plate. So we’re going to just take it easy and go over a few terms you may have already seen or will see as you continue to learn about EMV. This list can serve as a simple pocket reference during the transition. Print it out even, and refer to it as needed when reading your next article or blog post about EMV. We want the transition to be worry-free.

EMV: Short for Europay, Mastercard, and Visa, the developers of the card

Chip-enabled card: A credit card enabled with a microchip; also referred to as “chip and pin” or “chip and signature”, depending on the cardholder verification method

Fraud: the criminal use of a person’s credit card information to make unauthorized transactions

With the transition to EMV terminals, the US aims to decrease fraud. The US currently accounts for nearly half of all worldwide fraud. On a positive note, the EU has decreased card fraud by 80% since completing its transition to EMV cards, which means the US transition should be successful.

Liability shift: Starting October 1st the responsibility for fraudulent transactions switched to the party with the least EMV-capable technology

If fraud occurs with a non-EMV bank card, the bank is responsible. If fraud occurs as a result of a merchant’s POS system that can’t accept EMV-cards, the merchant is responsible. Only 20-30% of merchants are expected to use EMV-capable terminals by October 1st, with the remainder throughout the three to five-year transition period. So if you’re not there yet, don’t freak out. COCARD can work with you to determine a POS system that is right for your company’s needs.

Transaction authorization: When a chip card goes through rules set by the card-issuer to determine whether the transaction can be authorized; transactions can be authorized either online or offline

Card authentication: the process of making the card authentic or unique by providing a one-time code for the transaction

If someone does manage to actually steal this code and use it, the transaction would be declined since the code was already used.

Cardholder verification (CVM): how the issuer and merchant verify that the cardholder and the person with the card are one and the same. An EMV-terminal might require a pin, signature, or for low risk transactions, no verification method.

Mag-stripe card: Cards with a magnetic stripe on the back. Much of the world has already switched completely to EMV-cards, and the full-scale transition in the US is currently underway. Cardholder data on mag stripe cards is easy to steal using a simple card reading machine.

Cryptogram: A one-time code created during online authorization; a cryptogram validates that the chip and issuer are not counterfeit

That’s it. We hope that this glossary of terms is short and sweet, and that it provides simple definitions for terms that are often times used when discussing EMV.

And now that October 1st has come and gone we’re sure that your still standing strong. So don’t worry. Instead, continue to read up on EMV and take the information that is most valuable to you as a business owner. If you’ve got any questions, we at COCARD will be happy to assist. Feel free to give us a call at 800-317-1819.

Read MoreRead More