Restaurants are high-volume businesses that process hundreds or even thousands of transactions a week. That leaves a lot of chances for cyberthieves to steal data from your customers, opportunities they seem to be embracing. According to the Trustwave Global Security Report, food and beverage is the second-most compromised industry, making it an easy target for hackers. Even franchise owners are highly vulnerable, as attackers can exploit a security weakness in one location, and use it to gain access at others.
As payment processing technology advances, so does the sophistication of cyberattacks. So how can you stay one step ahead and utilize fraud prevention to protect your restaurant? A combination of layered security measures will help. Here is a checklist of steps you can take:
1. On-location processing
When you add extra layers to transaction security, you make it that much harder for criminals to steal personal card data.
Encryption – This algorithmic formula encodes text into a non-readable format, a critical step to make sure the cardholder's data is protected the moment data is captured. However, an attacker can unscramble the card to get the information.
Tokenization – This complements encryption by removing coveted information, such as account numbers, and replaces it with a token that retains some of the data's original properties. Tokenization is useful because it allows a business to do recurring billing without taking on the risk of storing a customer’s sensitive data.
EMV Cards – EMV is an acronym for EuroPay, MasterCard and Visa, a consortium of companies that have developed global standards for smart cards that consumers can use to process transactions. Unlike the ones most consumers carry today, these cards feature fraud reduction technology in the form of a microchip that's embedded on the card. Unlike the magnetic stripe on conventional cards, the chip is a more secure container for the user's account number and other sensitive data.
2. Online ordering and reservations
If you allow customers to order food online or make reservations, having a secure POS is not enough to keep their personal information safe. Most restaurant owners use an internet firewall to keep unauthorized messages from infiltrating your system, but if you receive web orders or reporting from an external location, you will need to leave a door open for those messages to get through. Hackers can use that portal to get inside as well, unless you use a demilitarized zone, also known as a DMZ, to intercept and validate incoming traffic.
Putting a DMZ in place adds an extra layer through which messages are scanned and filtered before reaching your cardholder data environment. This will help reduce your risk and bring you closer to PCI-DSS standards.
Requirement 1.3.1 states: "Implement a DMZ to limit inbound traffic to only system components that provide authorized publicly accessible services, protocols, and ports."
A payment card data breach can be disastrous for restaurants, resulting in costly reparations and a damaged reputation. Restaurants that use unsecured networks, like wireless internet and cable modems, as well POS software that doesn't comply with PCI standards, run a higher risk of a cyberattack than most merchants. By taking some proactive steps to impede hackers, you can increase your business's security and reduce the collateral damage if you do experience a data breach.