A quick reminder that if you are using First Data for merchant services along with the Microsoft Dynamics RMS software that the deadline for being SHA-256 compliant is December 28th, 2016 (next week!).
If you have not yet taken steps to replace outdated credit and debit card processing equipment, it needs to be taken care of now as First Data has indicated that they will not allow processing via Datawire starting December 29th, 2016.
If you are unsure, it would be smart to contact your First Data merchant salesperson and/or your Microsoft Dynamics RMS Partner to confirm that your system is SHA-256 compliant.
The most common situation involves still using "old school style" credit card swipes that connect to a USB port or use a keyboard wedge style interface.
The good news is that there are multiple solutions to upgrade to SHA-256 compliant equipment AND still use the Microsoft RMS software. These options may include using a separate payment terminal or installing Card Defender for Microsoft RMS.
As always, contact me at 208-340-5632 or kevinantosh@gmail.com - I do work for a Microsoft RMS Partner so I can offer advice and solutions.
Showing posts with label security. Show all posts
Showing posts with label security. Show all posts
Friday, December 16, 2016
Monday, June 13, 2016
SHA-1 to SHA-2 Requirements and Point of Sale Systems
Update October 28th, 2016: the deadline for TSYS SHA2 compliance is now January 1st, 2017 and December 27th, 2016 for First Data. Microsoft RMS users will need to look at integrated solutions like Card Defender for Microsoft RMS or separate terminals that do not integrate with RMS to comply with this requirement. I've had multiple stores using RMS and First Data also contact me over the last couple of days as well so I suspect that I'm going to be quite busy setting up Card Defender over the coming months!
September 15th 2016 Update on new SHA-1 issue specific to Windows 10 and Heartland: http://retailpospondering.blogspot.com/2016/09/windows-10-sha-1-and-sha-2-issues.html
Given how quickly people figure out how to compromise credit card information and similar data, I suspect that we will be seeing new credit card processing security requirements coming out several times each year.
If you have been informed that your merchant services company requires you to comply with SHA-2 then you need to contact your point of sale vendor/dealer/partner to ensure that your system is SHA-2 compliant.
You can learn more about SHA-2 by visiting https://en.wikipedia.org/wiki/SHA-2
As always, contact me for no cost retail point of sale advice.
September 15th 2016 Update on new SHA-1 issue specific to Windows 10 and Heartland: http://retailpospondering.blogspot.com/2016/09/windows-10-sha-1-and-sha-2-issues.html
Given how quickly people figure out how to compromise credit card information and similar data, I suspect that we will be seeing new credit card processing security requirements coming out several times each year.
If you have been informed that your merchant services company requires you to comply with SHA-2 then you need to contact your point of sale vendor/dealer/partner to ensure that your system is SHA-2 compliant.
You can learn more about SHA-2 by visiting https://en.wikipedia.org/wiki/SHA-2
As always, contact me for no cost retail point of sale advice.
Thursday, April 23, 2015
Malware Attack - A New Reason Not to Choose HarborTouch
As if long term equipment contracts, buyout clauses, and specific merchant service commitments were not reasons enough to avoid HarborTouch, a recent Malware attack recently targeted businesses using HarborTouch and HarborTouch confirmed that some data was breached.
Full article can be found here: http://www.pymnts.com/whats-hot-2/2015/pos-malware-nabs-another-victim/#.VTj_byFVikp
Are you in the US and in need of no cost retail point of sale advice? I'm happy to help and can be reached on my cell at 208-340-5632 (I am on Mountain Time) or via email at kevinantosh@gmail.com. There is also a contact form to the right that can be used to reach me.
Full article can be found here: http://www.pymnts.com/whats-hot-2/2015/pos-malware-nabs-another-victim/#.VTj_byFVikp
Are you in the US and in need of no cost retail point of sale advice? I'm happy to help and can be reached on my cell at 208-340-5632 (I am on Mountain Time) or via email at kevinantosh@gmail.com. There is also a contact form to the right that can be used to reach me.
Tuesday, April 21, 2015
Malware Alert!
Another malware attack has been reported. Named "punkey", this is another program designed to steal credit card information from Windows based point of sale systems. This is another reason why mobile based point of sale systems like Bindo POS have been popular as most of the malware coming out over the last couple of years has been targeting Windows based point of sale systems.
Tips:
Full article can be found here: http://www.paymentssource.com/news/retail-acquiring/fraudsters-punk-windows-point-of-sale-terminals-with-new-malware-3021141-1.html
Tips:
- No one should be using Windows XP at this point
- You should be running virus and malware scans on a regular basis
- Your anti-virus and malware detection software needs to be updated every day to be effective
- Make sure that you have the correct firewalls and other security measures in place
- If you do not have the time or knowledge, make sure that you contract with an IT company or your point of sale provider to make sure that protection is in place to help prevent malware from being installed on your system and compromising credit card security
Full article can be found here: http://www.paymentssource.com/news/retail-acquiring/fraudsters-punk-windows-point-of-sale-terminals-with-new-malware-3021141-1.html
Are you in the US and in need of no cost retail point of sale advice? I'm happy to help and can be reached on my cell at 208-340-5632 (I am on Mountain Time) or via email at kevinantosh@gmail.com. There is also a contact form to the right that can be used to reach me.
Thursday, September 4, 2014
What to Look for in a Point of Sale System: Security Settings
One area that many business owners overlook when searching for a point of sale system are the security settings. With nearly half of all retail theft being internal (employee) theft (per NRF surveys and studies), the ability to use security settings is an important aspect of a point of sale system. Some tips and things to look for when searching, selecting, comparing, or choosing a point of sale system for your business.
For those of you who don't want to watch the video, here is what I mention in the video:
The point of sale system that you are considering should have the following:
- At least 3 levels of security if role based (ie: “manager”, “lead”, and "cashier").
- Time clock only access if the system has a time clock function that all employees will be using
- Most common areas for employee theft are:
- Discounts
- No Sales/Voids
- Manual Price Changes
Other good security related setting to have are:
- Most employees should not be able to see cost
- Most employees should not be able to change item cost or quantity on hand
It may sound mean but employee theft accounts for nearly half of all retail theft!
Please visit my contact page for information on how to reach me.
Subscribe to:
Posts (Atom)