A few years ago, I received a call that my personal data had been accessed as a result of a large data breach at my credit card provider. One month later, a charge for a rental unit in Boston, Massachusetts appeared on my statement. Although I’d love to live in Boston someday, paying rent for a unit in another country was a clear indicator as to what had happened: my card and personal data had been compromised.
Breaches can happen at several levels – from this one, where a whole database was accessed, to an individual credit card station being equipped with the tools to steal your card number and PIN.
Credit card and personal data hackers are making more progress than ever before – at our expense. In 2018, the average cost of a credit card breach in the U.S. was $7.91 million. In the Capital One breach in 2019, over 106 million customers across Canada and the United States were impacted when a hacker retrieved personal data including social security numbers and income. With more sophisticated hacking mechanisms than ever, merchants must take action to protect themselves, their patrons and their reputation – sooner rather than later.
There are a number of ways that your food service operation can enhance security, from encrypted credit card processing, to cash handling practices, to proper reporting and audit logging. Every step that you take towards becoming a more secure food service operation has a lasting impact on your brand, safety and bottom line.
Payments-wise, there are a few key measures to take to help secure your payments and POS usage.
Select a PCI-validated, P2PE Solution for Credit Card Processing
The acronyms may sound intimidating – but they are absolutely worthwhile. The PCI Security Standards Council develops the standards for credit card and payments security to help foster a safer, more secure transaction experience. If you are accepting credit cards at your business, reviewing your PCI scope and selecting POS and payments partners that are PCI-validated should be top of mind. There are areas of your business where you may want to cut corners on cost – but do not let this be one of them.
So – how do you implement something secure?
- Ensure your payment devices are encrypted with point-to-point encryption. Providers like Bluefin develop these solutions, which reduce your PCI scope and ensure data is encrypted right at the POS device. Companies like Volanté provide the encrypted devices as part of your POS package, so it’s becoming easier than ever to provide this high level of security.
- Select a PCI-validated POS partner. As part of your POS selection process, ask the POS company to show you their proof of validation of PCI Compliance.
Implement Fingerprint Readers on your POS Terminals
By having your POS terminals integrated with fingerprint readers, cashiers are required to utilize their fingerprint to log in to the terminal and process transactions. While most locations use a code or swipe card, the chances of a code being compromised or a card being lost are quite high. With a fingerprint, every person accessing the POS terminal must be authenticated in this secure fashion – preventing unauthorized users from accessing your terminals and cash drawers, and adding an extra layer of security to your processing.
Beyond the payments aspect, there are many areas of your operations where you can be more secure.
Control your Cash – No More Sticky Fingers
Properly managing your cash drawer is incredibly important. In addition to theft, employees can make mistakes that result in your cash drawer balancing incorrectly (or not at all). Investing in a POS that has the following features will help control your cash drawers – and allow you to track mistakes should they arise:
- Cash drawer assignment: Know who is on each drawer for every shift, and prevent other cashiers from accessing the drawer without a manager override. This makes it easier to track things down should there be a discrepancy.
- Cash float input: Having your cashiers input a start and end float, without viewing or accessing their net sales, can help reduce theft. Simply count the money in the till at the beginning and end, deposit the difference, and allow your POS to calculate any over/under value, which can only be visible to the management team, if desired.
- Closed drawer sales: By preventing sales from being performed unless the cash drawer is closed, you are reducing the amount of time that the drawer is open, and reducing the potential for cash to be pocketed outside of the till.
Get Comprehensive Reports and Alerts
POS terminals can track every keystroke on your POS, and for each of these, a corresponding report can be found in the system. This will allow you to view and analyze your voids, refunds, “no sales”, and transaction behaviour. Some solutions, like Volanté, can take it one step further by providing flags or alerts when certain thresholds of behaviour are met, such as discounts over $25.00 or cash drawer opening alerts.
When it comes to security, it only takes one breach for your reputation to be destroyed and for your business to suffer financially. Implementing some of the tactics above can help your business stay more secure, keeping you and your patrons safe from malicious attacks. It can also help your merchants avoid paying rent for strangers in Boston – even though they may want to live there someday.