‘Man in the middle’ method could leave users vulnerable

New hacking techniques can attack old POS terminals and force merchants to stay on their guard. According to

As the name implies, a Man-in-the-Middle attack places a device between the POS computer and the initial keypad, the source said. The attackers can gain personal payment data by hiding within the legitimate systems, and the same can reportedly go for malware as well as the physical device used in the example.

To prevent this threat, merchants may need to safeguard systems to address data exposure. One of the merchant's best bets may be PCI Council-compliant software. The

Not surprisingly, the latest version of the PCI Data Security Standard includes encryption requirements. According to Dark Reading, this version said that the standard is changing to define encryption methods more specifically, eliminating elements that could represent vulnerabilities.

Back in April, PCI CTO Troy Leach described the users the business hoped to reach.

"We are really making a strong effort to reach the SMB community," Leach said. "The program for merchant banks is also important because they have a very challenging time interfacing with all their merchants and the role of PCI compliance plays to better secure payment environments."

Credit card POS software experts can give users the guidance they need to use these tools correctly to better protect customer credit card data from security threats. Contact 911 Software today to learn more about our customer-ready solutions and the way they can improve payment activities. PCI compliance is a good way to address possible system flaws, but it isn't the only method and should be coupled with professional knowledge.

Scroll to Top