Let’s talk about C-store data protection for a second. We’ve all heard of hackers and thieves preying on customers, but what is it they’re after? Credit card number? PINs? Passwords? The answer is “all of the above.” It seems that hackers and thieves will stop at nothing to get after your customer’s precious data.
From PINs to Passwords, your customers may be vulnerable at your store. Here are a few weak areas to look out for, as well as how you can make your system secure and cut down risk to you, and your customers.
Weak Spots in C-stores
Loyalty Programs- A large risk area within convenience stores comes from loyalty programs. When collecting customer data at the point of sale and then transmitting it over the internet, there is lots of room for security breaches. With a modern POS system and encrypted back office management, these risks can be greatly diminished.
Outdated Credit Card Processing Systems – Another weak spot some retailers are facing has been the reluctance to make the switch to EMV (“chip card”) compatible systems. While the switch is certainly a costly endeavor for business owners, it can be an even costlier risk for consumers if these systems aren’t updated.
Although outdated magnetic strip systems are still technically legal, they’re the most insecure form of payment. Moving to “chip card” compliant terminals will not only save consumers, but it may also save c-store businesses from being held liable if there is ever a breach of security.
Skimming – Still reigning supreme as the largest issue retailers face is credit card skimming. While most convenience store owners and operators have updated their security systems and protocols, they just can’t seem to keep up with skimmers. We’ve spoken about this in the past, and how CStore Essentials can help manage the risk of falling victim to skimmers.
Internet of Things – It doesn’t usually cross the minds of the everyday business owner, but innocuous things connected to the internet can be a seriously huge liability for data breaches. Anything from HVAC systems to lottery machines, to programmable Slushie machines; all pose risks that make them vulnerable to hackers.
With access to your wireless network, a skilled hacker could walk right through the electronic open door and wreak havoc on your other systems. Password protect your network and change passwords frequently. Limit access to ownership and management. Fewer people with a “key” means that the “door” stays locked.
Let’s Talk Liability
Where the liability falls on C-store data protection has been a hotly debated topic for a while. Who is truly at fault if a customer’s personal information has been put in jeopardy? The customer who signed the “terms and agreement”; or the retailer who supplies the services?
“There is so much confusion through the entire c-store and petroleum market about data-security requirements,” says Shekar Swamy, president and senior security strategist for Omega, Ellisville, Mo. “[But] acquiring banks and processors have stated many times: It is the retailer who is responsible for maintaining data security at the retail chain.”
Advances in technology continue to present challenges for courts and legislative bodies to keep up with liability laws and protections. In the short term, it does seem as though you, the retailer, are liable in a variety of situations.
Improve Protections, Increase Your Security
PDI CStore Essentials protects your data according to industry standards and best practices used by banks and financial institutions. All information is stored and backed up on Amazon Web Services' data centers.
Thieves and hackers will continue to try and find ways to breach your security and jeopardize your customer’s data. Thankfully, the industry is constantly taking steps to fight theft, and CStorePro will continue to work hard to keep your data safe.
Read more about how to secure your C-store data here.
