• Sunday, December 15, 2024
businessday logo

BusinessDay

How to protect yourself from PoS scam

CBN, NeFF collaborate with AMMBAN to tackle PoS terminal fraud

With Point-of-Sale (POS) services increasing in Nigeria, and the alarming rate of cybercrime, there is a need for agents and individuals to be conscious of the rising POS scam in Nigeria.

A recent report by Statista shows that between 2017 and 2021, the number of POS terminals in Nigeria has grown from 150,000 to 542,000.

Data from Nigeria Interbank Settlement System (NIBBS) also report that the value of transactions through these terminals across the country in the first months of 2021 stood at N3.01trillion.

The growth in these POS transactions seems to have contributed to the number of cybercrime incidents involving the use of terminals.

Data provided by Apex Banks Financial Stability Report disclosed that POS recorded 19.55 percent of fraud incidences in 2018 in Nigeria.

Data breaches that involve POS affect millions of consumers and they are often aimed at stealing the 16-digit credit card numbers.

“Sixty percent of Point of Sale (POS) transactions are performed via credit card, which means a big business for cybercriminals, and individual credit cards can be sold for up to 100 dollars apiece in the dark web,” Norton, a device-security firm reports.

However, in order not to fall into the hands of fraudulent attackers of the POS, necessary precautions need to be taken by agents and individuals, which are listed below.

Install anti-virus software

The installation of anti-virus software is a good practice in securing your system and preventing a POS intrusion.

This software helps to scan, prevent and detect and delete viruses from a computer, and most viruses, including unverified apps in the system, run automatically once it is installed.

Read also: What we now know about Nigeria’s dirty fuel saga

In the case where cybercriminals installed payment-stealing malware onto the retailer’s POS system, this anti-virus software often disguises data as it’s shared across networks, which makes it extremely difficult to hack,

Avoid using Default Password

A default password is a pre-configured password for a device and such passwords are the configuration for many devices.

If the password is left unchanged, it provides easy access for cyber attackers to operate. If the POS agent or operator connects to a corporate network, the risk of falling victim of the fraudulent attack will be extended to the business because the attacker who successfully logs into a device will also have access to other details

Avoid public Wi-Fi and corporate network

While sending security and updates to all POS devices, it is advised not to use a corporate network. This practice most times puts many businesses at risk and makes it accessible for hackers to find their way into the POS systems when the network is not properly protected with strong security. It is also advised not to run the POS system on a Public Wi-Fi network because hackers can seize the opportunity to carry out their duties.

Agents and retailers making use of the POS service are expected to change the password of the device and also repeat the process on a regular basis to avoid the harmful activities of cybercriminals.

Keep encryption data separate from user data

Storing user data in the same location with encryption Information is stored is a big mistake always small business owners operating with POS should avoid.

Combining these data in the same location makes it easier for hackers to access all the data they need at a single swipe and the solution to this is to always separate the user Data from encryption data.

Data encryption is a security method where information is encoded and can only be accessed or decrypted by a user with the correct encryption key which can be accessed by individuals or corporate organisations while User data means personal information or data collected on behalf of the company from users of the company’s product.

Educate workers

However, educating employees gives them the knowledge of spotting out suspicious activities in the device.

An employee with less knowledge of cybercrime will overlook important security updates on the system hereby exposing the POS to a very high risk of attack which would have been easily prevented.

Meanwhile, there are other protective measures that individuals can also take to safeguard against attacks on POS which include securing the debit cards when making use of the POS machine among others.

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp