Whether it's wrapping up a work project, or the presents, the 2015 holiday season will have many people scrambling to finish last-minute tasks. This means that retailers can expect lines to reach the door coming up. This is especially true on Christmas Eve, when the season's most notorious procrastinators crowd vestibules, and really put shops to the test.
No doubt, brick-and-mortar merchants are physically prepared to handle the hurricane of holiday shoppers, but are their virtual services secure? Here are five quick ways retailers can improve cybersecurity:
Retailers that have not installed EMV-enabled payment processing units are taking a huge risk at this point, and it's an unnecessary one at that too. As of October of this year, EMV liability has shifted from cardholders to merchants. This means that if customer payment data is stolen from a non-EMV compliant retailer, the merchant, and not the card issuer, will ultimately be held responsible.
Retailers should not just install EMV readers as a security measure, but also to protect their assets. Legally speaking. this is precisely why the installation of EMV card readers is number one on this list.
"EMV card chips generate a unique code for every transaction."
Unlike magnetic stripes, EMV card chips generate a unique code for every transaction. This way, even if the point of sale is breached, the hackers will not actually access any exploitable credit card data. By and large, card issuers and banks have made the shift to chip technology, and those that have not should get a move on. Retailers can put this technology to good use and give their cybersecurity a big boost by installing EMV card readers right away. Some start as low as $30, according to Entrepreneur.
Anyone who has a Facebook or email account that automatically sends a text message with a verification code upon login from a new device is familiar with the concept of two-factor authentication. Apply this to POS terminals and customer service kiosks in a retail environment, and the efficacy of cybersecurity immediately doubles. This is especially true in a crowded store, where a sneaky shopper might be able to hop onto an employee machine in the midst of the chaos. With two-factor authentication, a user's digital identity can be more thoroughly vetted and verified, helping to prevent fallout from this type of scenario.
Modern two-factor authentication solutions are relatively inexpensive, and can be deployed swiftly as a service, making them excellent last-minute security measures for retailers.
Mobile security is extremely important during the holiday rush in retail. Sales associates will often attempt to expedite the checkout process through the use of mobile POS systems, which are sometimes as simple as a hooked-up smartphone. Some big-name retailers only use a mobile POS. Once again, the most immediate measure to enhance mobile security is to use mobile EMV card readers. Likewise, two-factor authentication can be extremely useful - especially if a careless employee forgets where he or she put the POS system.
Slightly more involved measures - that can still be deployed relatively fast - essentially transform mobile devices into the equivalent of a smart ID card. This achieves two functions: It can authenticate users across other devices, such as a desktop hooked up to a POS system with the use of pre-identified smartphones; and it helps to manage and verify mobile devices that are being used either as customer service tools or as a mobile POS.
Recent reports have emphasized the growing threat of POS malware, with several new strains having recently been discovered. That said, hackers are just as savvy in their attempts to bring down online retailers. Thus, website security is an extremely important element of cybersecurity for retail environments. SSL certificate providers help retailers encrypt website data and make transfers of information over the Internet more secure. Many will also provide supplemental website security services. The ability to scan for malware and detect other malicious threats before they can obstruct an online retail operation can help prevent lost opportunity. E-commerce is just as lucrative as brick-and-mortar commerce in this day and age, which means hackers have just as much to gain from hacking a website as they do an in-store POS terminal.
This is quite possibly the quickest, easiest step any retailer can take to improve cybersecurity. Out-of-date applications can serve as conduits for cybercriminals, and should be regularly maintained. Sometimes, a bad application can spell the downfall of data security. Imagine a retailer having to explain to customers that their personal information or payment data has been compromised because the company forgot to patch a known vulnerability.
Don't be that retailer. Update your software, and let the holiday shopping mayhem commence.