As business owners take steps to secure non-mPOS hardware and software, they can do the same with mobile systems.
Keep in mind that the devices used for mPOS—like smartphones and tablets—are just sophisticated computers in miniature. They face many of the same threats as desktop and laptop computers or POS hardware might, but often lack needed safeguards. But it doesn't have to be that way.
Planning for and deploying a secure mPOS system means ensuring each device carries security measures like complex passwords and multi-level verification. Business owners should also restrict access to mobile payment devices and should complete regular security scans. Then it's time to look at the system as a whole.
When you're working with a client to add or upgrade POS solutions, focus on three security concerns specific to mobile systems and strategies to overcome them:
- Security challenge: Unsecured wireless networks
Most fixed POS solutions sit behind a secure firewall and have limited Internet access points. It's just the opposite for mPOS.
A truly portable POS system requires Internet access via cellular or wireless networks. But payment transactions shouldn't run on unsecured networks also used for public access.
Key takeaway: When talking with clients about mPOS solutions, start with a wireless assessment. This audit ensures that the business has the needed network coverage. That means that the system will have adequate bandwidth for payment processing and won't face intermittent signals or loading issues.
Then recommend deploying the wireless network via an enterprise access point. This strategy will separate networks used by employees and customers and improve mPOS security and signal coverage.
- Security challenge: mPOS hardware without encryption
The safest and most secure mobile card readers incorporate encryption from the moment the card is dipped or swiped until the transaction is complete. That means that anyone gaining access to the mobile device would never see sensitive card data that could be used for other fraudulent activity.
Point-to-point encryption safeguards sensitive cardholder data even if a POS device is compromised.
Key takeaway: When recommending an mPOS solution, always choose an encrypt-at-swipe card reader and avoid those that allow manual entry of credit card numbers.
- Security challenge: Non-EMV-ready mobile card readers
mPOS solutions should be equipped to handle the new chip cards. Adding a non-EMV-ready card reader is like punching a hole in your POS security and inviting fraudulent transactions.
The good news is that most mobile card readers currently available include chip card capabilities.
Key takeaway: Remind your clients that both fixed POS and mPOS systems need EMV-compliant card readers. By following this simple advice, business owners will avoid unneeded fraud liability, give customers an increased comfort level, and deploy the most advanced mPOS technology on the market.
Building a strong mPOS system means layering security and encryption strategies to keep customer card data safe.
What security challenges are your customers most concerned about with their POS solutions?