Credit and debit card data theft is one of the earliest forms of cybercrime and persists today. Cybercrime gangs organize sophisticated operations to steal vast amounts of data before selling it in underground marketplaces. Criminals can use the data stolen from a card's magnetic strip to create clones. It's a potentially lucrative business with individual cards selling for up to $100.
There are several routes attackers can take to steal this data. One option is to gain access to a database where card data is stored. But another option is to target the point at which a retailer first acquires that card data - the Point of Sale (POS) system.
This white paper provides an overview of:
- POS security issues;
- Typical anatomy of attacks against POS systems;
- Steps to take to protect POS systems from attack.