CONTINUE TO SITE »
or wait 15 seconds

News

ATMIA releases best practices for POS security

July 4, 2007

LONDON - The ATM Industry Association's Debit Council says it is renewing its push for better security best practices at POS terminals, as criminals continue to compromise cardholder information by targeting out-of-date or improperly configured POS hardware and software.
 
According to Fair Isaac, more than 90 percent of card and PIN compromises in 2006 took place either inside outdated POS terminals or through improperly configured POS software coupled with poor key management practices. 
 
"All parties in the electronic payments value chain must be vigilant in the protection of our customers' data," said Mike Urban, a member of the Debit Council and Fair Isaac's senior director of fraud solutions. "The compromise of cardholder data is one of the biggest security risks retailers face. States (in the United States) are moving forward with legislation placing liability on merchants who are not appropriately safeguarding cardholder information."
 
An estimated 20 million POS devices are installed worldwide. The automation of credit and debit card transactions at the point of sale has been growing since the early 1980s.
 
In response to growing fraud trends, ATMIA has published Best Practices for Protecting the Point of Sale Lifecycle. According to ATMIA, the best-practices manual includes collaboration from both the ATM and POS industries - and represents the first time the two industries have worked together to produce security best practices for the entire POS lifecycle. The lifecycle model defines and addresses eight phases: cardholder security, compliance to existing industry standards, secure deployment of devices, physical security, PIN and encryption security, software security and security during the final de-commissioning process.
 
"The beauty of the lifecycle model is that it helps security practitioners to identify possible security vulnerabilities throughout the life of each POS device," said Mike Lee, ATMIA's chief executive and founder of ATMIA's Global ATM Security Alliance.
 
This manual is intended for retailers, POS processors, encryption service organizations, auditors, and security personnel and managers who have responsibility for securing POS installations and for meeting network and PCI requirements.
 
ATMIA expects to host a Debit Council meeting during its ATM Security in the Americas 2007 conference, which runs from Sept. 11 through Sept. 13, in Las Vegas.
 
For more information, contact Mike Lee.

Included In This Story

ATM Industry Association (ATMIA)

The ATM Industry Association, founded in 1997, is a global non-profit trade association with over 10,500 members in 65 countries. The membership base covers the full range of this worldwide industry comprising over 2.2 million installed ATMs.

Request Info
Learn More

Related Media

Security
Examining biggest ATM security issues and 4 strategies to prevent them
Security
Banking privacy: 5 benefits for banks, customers
Security
Protecting an ATM's hardware, software by slowing down criminals
On-Demand Webinar
A Masterclass in ATM Security: Global Best Practices and Trends
Presented by Diebold Nixdorf
Recent Posts
SEC accuses former ATM businessman Daryl Heller of funneling $185M from investors
Fifth Third named as top veteran friendly employer
DC AG sues Bitcoin ATM operator Athena Bitcoin for allegedly exploiting scam victims
NCR Atleos earns #5 rank in fintech rankings
SEC to revamp cryptocurrency policies amid Trump's pro crypto push


©2025 Networld Media Group, LLC. All rights reserved.
b'S1-NEW'