Archive for category EPoS
Visa Europe releases best practice guidelines to help hotels protect customer data
Posted by admin in EPoS, Legislation, News on July 26th, 2010
Visa Europe, Europe’s leading payment system, today launched the first whitepaper aimed at helping the hospitality industry safeguard customer data. ‘Hospitality Breaches on the Rise’ offers insight on how cyber-criminals target hotels, and guidance on how data can be protected to help businesses comply with the Payment Card Industry Data Security Standard (PCI DSS).
Research by Trustwave, a Visa Qualified Forensics Investigator (QFI), found that 38% of all card compromise incident investigations in 2009 occurred in the hospitality industry – highlighting the need for hotels to protect their payment systems.
Hotels can have more complex payment systems than other retail businesses, making it harder for them to achieve PCI DSS compliance. Compared with some retailers who may have only one point-of-sale, customer card data is stored and retrieved at multiple pay terminals within hotels, such as the reservation desk, restaurant, bar, or for room service, internet access and online bookings.
Visa Europe and Trustwave, in consultation with leading hotels, has developed a series of recommendations to help hoteliers and franchises lower the risk of security breaches:
· Change vendor-supplied defaults for passwords or other security information for Hotel Management Systems (HMS) and Point of Sale (POS) payment systems. The HMS is the central and core component in which cardholder data is stored, processed and transmitted to perform authorisation and settlement across other payment terminals in the network
· NULL sessions (unauthenticated connections to a Windows computer) should be disabled. This is the number one method for hackers to gain information on passwords, groups, services and users
· Install and maintain a firewall to protect data. HMS and POS payment systems should not be directly accessible via the Internet; inbound traffic should be blocked and outbound services should be filtered
· Assign a unique ID to each person with computer access and implement a dual-factor authentication method for remote system access via the Internet. This will mitigate unauthorised access into HMS and POS payment systems
· Track and monitor all access to network resources and cardholder data to track and monitor anomalies and suspicious attack activity
Stanley Skoglund, Senior Vice President Payment System Risk at Visa Europe said, “Cardholder data held by hotels is a potentially lucrative hub of information for fraudsters who view the hospitality sector as an easy target. By understanding the nature of security threats and the preventive measures that can be taken, hotels can reduce the risk of compromise. Hotels make up a large proportion of data compromises and Visa Europe is keen to work alongside the industry on initiatives like this white paper, to help increase awareness, to help strengthen defences, and reinforce consumer trust.”
Visa is introducing a range of guidelines for retailers including advice on emerging technologies such as data encryption and tokenisation, which help secure card data when it is either being moved or stored and make it simpler to achieve PCI DSS compliance.
For more information for Visa’s PCI DSS compliance guidelines and Visa’s Hospitality Breaches on the Rise whitepaper click here and look under Vulnerability Guidance
Little Chef goes contactless with Barclaycard
Little Chef today announces that it will be helping customers to beat the rush hour by deploying a contactless payment system using Barclaycard technology across all 173 Little Chef roadside restaurants, including its Coffee Tempo brand and Burger King franchises. The payments system will allow customers to purchase meals quicker and easier, letting them get straight back on the road for their onward journey after their meal.
Following successful rollouts of contactless by Barclays and Barclaycard in London across establishments such as EAT. and Subway, Little Chef’s adoption will see the technology implemented in all of its outlets. It is the first UK restaurant group to fully embrace contactless.
Little Chef is positive that contactless will improve the overall experience for its guests by making the payment process as efficient as possible. The contactless payments system is live now and will be promoted to customers with a full range of Point of Sale material in all restaurants. The restaurant chain has opted for Barclaycard’s own technology and had new machines installed to support this where required.
Tracey Mulligan, Interim Managing Director, Little Chef said: “We’re constantly working on improving our offer within Little Chef. As well as food and service, technology plays a big part in improving the customer experience and making our offer relevant to today’s busy traveller. We believe that contactless is an important part of the future of payments and are committed to embracing it in its early stages.”
Stuart Neal, Head of UK Payment Acceptance, Barclaycard, commented: “The rollout at Little Chef is a significant development in the progress of contactless. The technology fits just as well in a restaurant as it does in a coffee shop or retailer, and the nature of Little Chef’s business means that its customers are looking for a quick and convenient pit stop. It is also encouraging to see contactless being established outside of central London, meaning that our eight million contactless cardholders across the UK can make full use of the technology.”
Barclays and Barclaycard are the leading providers of contactless debit and credit cards and terminals in the UK. Since September 2007, they have issued over 25,000 contactless terminals, enabling retailers to manage transactions quicker and more easily.
Contactless allows customers to make purchases of £15 or less, without the need to enter a PIN or enter their card into a payment terminal. Once the card has been held over the contactless terminal, the transaction uses a secure network to automatically add the purchase to the customer’s credit card bill or debit it from their current account.
Tossed beats the queues with pointOne EPoS
pointOne, a leading supplier of EPoS (electronic point of sale) technology has supplied Tossed – the healthier eating place, with a new electronic point of sale solution to replace the company’s old cash till technology across the group’s seven stores.
Tossed’s Vincent Mckevitt explains the reason for the upgrade “We needed to have better business information in order to expand, and the only way we could achieve this was to upgrade our point of sale system, so we could access information and reports in real-time from a centralised source.”
The new pointOne EPoS solution will enable Tossed to hold information such as menu details; pricing and special offers in one place, as well as increase their throughput and improve customer service.
Following initial installation, Tossed has undergone dramatic growth and now has 7 outlets with 3-4 pointOne terminals installed at each site. Vincent continues “The great thing about pointOne EPoS is that it is fast and reliable at the point of sale, which reduces stress for the team during peak servicing periods and our guests love it because it busts the queues”.
Using pointOne’s Head Office product Vincent can also manage Tossed’s chain of eateries remotely, irrespective of location. He added “I can sit anywhere in the world, even on the beach, and still be in control of our business which gives me a great sense of freedom. I can monitor team performance, and even send them a message saying hi”.
Tossed are delighted with their new EPoS system and Vincent said “pointOne EPoS is a very good system for the hospitality operator. I would have no hesitation in recommending this product; it really has transformed our business”.
Using pointOne EPoS Tossed has realised the following benefits:
High throughput of customers at its outlets
Enhanced customer service
Ease of use reduces training and errors
Automated & comprehensive customer billing
Security and accountability
Discourages fraud
Improved management reporting
Improved stock control
Remote access to financial information from any location
For more information visit : www.pointone-epos.co.uk or call on 0845 862 0005