In the retail world, many organizations have been looking to go mobile when it comes to the cash registers. This involves using smartphones and tablets with special credit card readers and applications to take the place of traditional POS equipment. Associates are now able to run a transaction from anywhere in the store, speeding up customers’ experiences.
While that all seems like a smart way to conduct business and meet consumer expectations, the entire system is not as positive as many think. A recent article from security blog Dark Reading featured an interview with Mike Park, the managing consultant at Trustwave.
Park and his team run a series of tests on mobile point of sale systems and have found that there are major security flaws that could result in the theft of customer credit card information. Because retailers rely on the card encryption capabilities of the mobile application, a simple jailbreak of the device unlocks that data.
“A lot of retailers are moving to ‘i’ devices because they want to look trendy, hip, and be a cool retail location. They don’t want those bulky mobile PoS devices – they want the cool Apple devices,” Park said. “The problem really is that it increases the attack surface and they don’t realize it.”
While mobile may be playing a role in the future of retail, it is not something merchants should be jumping on now. Instead, updating and securing existing point of sale systems is a far smarter objective that can put a business in a better position for future upgrades.