Card Skimmers Found On Florida Nordstrom’s Cash Registers

November 5, 2013

Just caught an article from last month, where a group of men installed card skimmers on cash registers in a Florida Nordstroms. The registers used the PS/2 port on the PCs for keyboard entry, and so any text sent to the register would be caught by the skimmer. Unfortunately, the keyboards used generally have the credit card reader built into the keyboard, so that means credit card data was being sent as plain text through that same port. That’s a really big risk for cardholders and Nordstrom.

I’m not sure how they were able to hot install a PS/2 device without having to reboot the PC. In my experience, unplugging a PS/2 mouse or keyboard usually meant you had to reboot the PC to re-establish the connection. But they were able to get the skimmer installed somehow, so that’s a threat right there. Also amazed that PS/2 is still being used in industry. When I started, support handled a 50/50 split between PS/2 and USB-based keyboards and input devices. Today, it’s closer to 95% in favor of USB. It’s just easier to use and troubleshoot.

Anyway, as I’ve mentioned in previous posts, if third parties have access to your POS system, they have access to everything on it, including credit card data. It doesn’t matter if your processing software encrypts it before it shoots it off to the internet, the data is still available at some point on the computer. That’s why companies like MagTek have created great products like the Dynamag, which can encrypt the data in the MSR itself before sending it to the PC. So even if it does get compromised, all the thieves get is a garbled mess.

With PCI compliance becoming more prevalent, and merchants facing fines for data loss, doing what you can as a business owner to mitigate the damage now is a great way to avoid paying a steep fine later. We have the Dynamag available for a little over 50 dollars, and your merchant account provider can encode it usually for a nominal fee, or even for free. Seems a lot cheaper than a $20,000 fine for a data breach.

Card Skimmer Caught In WA State

May 31, 2013

As PCI standards have become more stringent, there’s been some hesitation from retailers and restaurant owners. Ensuring your business is compliant can be expensive, and the standards have been a relatively mobile target over the years. One of the big ones on the horizon is table-side payment, which can be a tremendous cost, including mobile computers and software to take payment.

But the upside is your customers can be certain that their card isn’t being compromised, like in this KIRO article of a Red Robin employee skimming cards and then making major purchases with the card data. If you don’t feel like checking out the nitty gritty of the article, the employee had a secondary card reader, probably something that paired with her phone or maybe a custom built device to batch store card data. When she’d ring up the customers, she’d also swipe the card in the device and have all the info needed to perform online purchases.

This is usually the portion of the post where I talk about the great products that make it easy to have table-side payment. And there are some options available, such as the Motorola MC40, or mobile card readers for iOS & Android devices. But the big thing is that these kind of situations can cause problems for business owners, such as an increase in liability insurance, or increased processing fees. So while meeting PCI standards can have a steep initial investment, in the long term you are definitely going to save money and provide a safer and better experience for your customers.

Mobile POS System

April 3, 2012

We’ve kicked around the idea for a mobile POS system for a few years. Unfortunately, the products were always really expensive, or the software required specific hardware which made support difficult. Since our first attempt, prices have normalized, and we’re proud to announce the POSGuys.com Mobile POS System. I’d throw beta up on there, because I’m pretty sure once it gets going, we’ll need to make changes, but for now it looks like a good fit for farmer’s market, line busting, or any POS application where being able to wander around is important.

The PartnerTech EM-200 tablet PC powers the system, running Windows 7. This was always the hardest part to find: a good, affordable tablet PC that is a little tougher than consumer units. The EM-200 comes with an energy efficient 1.6GHz Intel Atom processor, 1 GB of Memory, and 160 GB hard drive, similar to what you would see on a secondary POS station or maybe a thin client. You also get bluetooth and 802.11b/g radios standard, which seems important when you want to flit about while ringing up customers.

By default, we pre-load the EM-200 with Proxis Store Manager POS software, which is pretty easy to setup and use and works well for a variety of retail locations. The software provides standard retail functionality, as well as consignment and rental options, giving you choices when setting up your business.

For receipt printing, we’ve paired the EM-200 with the Star Micronics SM-S300 mobile printer. The lightweight printer is compatible with Store Manager’s receipt formatting, and comes standard with Bluetooth printing, great for easy wireless compatibility. We also preinstall the drivers on the EM-200, cutting down on setup for your business.

Additional hardware is available if you need greater functionality from your system. If you need to take the Mobile POS Sytem into hazardous locations, or are worried about damage from drops, our ruggedization kit is a great fit. The kit adds in the EM-200 protective jacket with handstrap and credit card reader, as well as replacing the SM-S300 with the more durable Star SM-T300 receipt printer. The rugged kit is a good fit for food trucks or concessions vending, situations with a lot of hustle & bustle.

We also offer a stationary kit, which includes the EM-200 POS base and adds in an Epson ReadyPrint T20 receipt printer and POS-X EVO-CD cash drawer. Sometimes it’s nice to be able to help customers, do inventory checks, etc. with greater mobility, but still have a POS checkstand at your business. We feel this gives you the best of both worlds, without having to purchase an entire secondary POS System.

Other add-ons complete the retail POS experience, including the Motorola CS3070 bluetooth barcode scanner and high speed credit card processing. We also offer a year of telephone support free, helping you get set up and familiar with the system, as well as a 1-year warranty on top of the existing hardware warranties. We’re really proud of this system and believe it’s a great fit for any business wanting the mobility not available with a stationary POS system.