Many retailers have been rolling to smartphone and tablet POS systems over the last year as a way to improve customer experience. It is much easier for customers to get in and out of a crowded store when the associate helping them find a product can also process the transaction on a mobile POS system right in the aisle. This also cuts the lines at the registers down dramatically during busy hours.
However, mobile commerce in this manner is still a new phenomenon that is being tested and has kinks to be worked out — specifically when it comes to security.
A recent article from Dark Readings featured an interview with Mike Park, the managing consultant at Trustwave. He and his team have been testing mobile POS security and found a flaw where a stolen smartphone or tablet register could be jailbroken and customer credit card information can be broken.
According to Park, the issue is that encryption is handled entirely in the App. This is an example of security being an afterthought and opening up loopholes in the process.
"Retailers are making some poor choices at the beginning ... that are going to allow these kinds of systems to be compromised unless they think from a security perspective," Park said. "The big thing [they are doing wrong] is encryption in software. Regular POS systems don't do that — it's all done in the hardware."
With the help of a payment solution provider that specializes in mobile payment solutions, any retailer can ensure that security is a top priority during the implementation.