Data Breach , Fraud , Payments

POS Security Essentials: How to Prevent Payment Card Breaches
POS Security Essentials: How to Prevent Payment Card Breaches

Financial criminals breach hundreds of merchants each year, displaying a better understanding of how point-of-sale systems operate than even the technicians that maintain them. Security professionals must understand POS architecture, integrated payment processing and weaknesses in the technology, so they can better protect organizations that handle payment card information.

Register for this session to learn:

  • The POS essentials about how card data flows when transactions are processed;
  • Which attack vectors POS hackers continue to exploit successfully;
  • Effective attack mitigations that can stop organizations from being breached.


Payment card data breaches are a big deal in terms of both overall economic cost and the effect it has on merchants. For small businesses, breaches often put them out of business, affecting the livelihood of their families and their employees' families. As a low hanging fruit, awareness-raising can make a real world difference in our communities. For large businesses, there's a lack of awareness surrounding the sophistication of the attackers targeting them due to news reports focusing almost exclusively on "malware" as though virus infections are the problem.

Security practitioners need to know how these niche systems work and where they're vulnerable to better protect businesses and innovate on electronic payment security. There are several common false premises when it comes to how POS systems handle card data and the security benefits of payment security technologies. A primary goal of this session is for attendees to be able to construct educated opinions about payment security in order to avoid common mistakes, formulate effective risk mitigation strategies and see through vendor hype.

By receiving a crash course on POS systems and the payment processing infrastructure, attendees will learn the most critical unknowns in this niche industry as it applies to protecting cardholder data. Next, showing the exact data transferred by card readers and mapping out how it flows throughout the entire lifecycle of a transaction will reinforce the conceptual understanding. Revisiting where card data is vulnerable to data theft techniques will solidify the big picture. Lastly, simple recommendations for protecting small businesses from opportunistic attackers and strategic recommendations for larger businesses facing targeted attacks will be presented to drive prioritization in the most efficient and effective manner.


  • How opportunistic attackers breach small businesses; and highly skilled targeted attackers bypass multiple layers of defense;
  • Common misconceptions on payment security, attacker methodology and how to see through security vendor hype;
  • Effective and efficient risk mitigation strategies for both opportunistic and targeted attackers.

Around the Network