Guests want POS experiences that are fast, seamless and highly secure. Payment industry requirements ask us to maintain ever more layers of data security protocols. While we can all agree that POS security measures are an important part of operating a business, there are a few steps operators can take to help keep guests happy with frictionless service while protecting their businesses from a data breach. In today's blog, we highlight a few best practices.
Protection with EMV
Fraud risk will vary from business to business, and the decision whether to implement EMV can be made gradually depending on the overall business risk. For most, retail and gift card sales are critical areas to protect as they are generally more vulnerable to fraudulent activities. These are typically the first areas to make the EMV migration.
The operational impact of EMV can also depend on how it's implemented. Chip & Signature workflows, most common in the US, providing the least friction to the business - and the guest purchasing experience - since the mag-stripe 'swipe' is simply replaced by the EMV 'dip'. Some businesses using Chip & Signature EMV can migrate overnight with little impact to their operations.
Choose Your POS Carefully
Before embarking on your next POS system purchase, payment security needs to be at the top of the feature list. Not all POS systems can adequately support card data security. In fact, many all-in-one systems are vulnerable to a variety of attack scenarios as the card data may be in plain text within the POS system. Look for POS technology that's P2PE (point-to-point encrypted) as it encrypts data at the payment device and the sensitive card details remain outside the POS.
Update your Hardware
Another important first step is to ensure payment hardware is up-to-date. Many PCI auditors advise using validated P2PE payment device technology for all mag-stripe and NFC transitions.
Card data is always a target for fraudsters. The risk of a breach for unsecured businesses is steadily increasing as many companies are beginning to lock down their systems and data. To mitigate the risk of a data breach, a PCI-validated P2PE payment gateway technology works by 'eliminating' card data from the POS altogether. With the data encrypted from the payment device to the gateway, the hospitality industry benefits from reduced overall risk of data breaches.
Agilysys Inc. published this content on 19 October 2017 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 19 October 2017 17:06:00 UTC.
Original documenthttp://news.agilysys.com/payments/pos-security-best-practices/
Public permalinkhttp://www.publicnow.com/view/9BA10CC7F991E063F58AB19C2F6EEB212E7C68E0
Agilysys, Inc. is a provider of hospitality software that delivers cloud-native software-as-a-service (SaaS) and on-premises solutions for hotels, resorts, cruise lines, casinos, corporate foodservice management, restaurants, universities, stadiums, and healthcare. The Company offers software solutions to the hospitality industry, including point-of-sale (POS), property management (PMS), inventory and procurement, payments, and related applications, to manage the entire guest journey. It is a developer and marketer of software-enabled solutions and services to the hospitality industry, including software solutions with third-party hardware and operating systems; subscriptions and maintenance; and professional services. Its POS solutions include InfoGenesis, IG Flex, IG Kiosk, IG KDS, IG OnDemand, IG Quick Pay, IG Smart Menu, IG PanOptic Kiosk, and IG Digital Menu Board. Its PMS solutions include Agilysys LMS, Agilysys Versa, Agilysys Stay, and others.
AGILYSYS, INC. 
