18 October 2017
visit www.avoka.com

Visa Europe issues anti-skimming guidelines

20 September 2010  |  4521 views  |  0 Source: Visa Europe

Visa Europe, Europe's leading payment system, today issued the latest addition to its security guidance series on system vulnerabilities.

"Device Skimming: Attacks and Defence" is based on industry best practices to help retailers protect payment systems and limit the likelihood that they will be the victim of skimming attacks.

Skimming attacks involve criminal gangs who attempt to modify Point of Sale (PoS) terminals by fitting them with equipment that captures card information and potentially customer's PIN numbers whilst the card is being processed. To assist retailers, Visa Europe has developed a set of best practice guidelines to mitigate the risk of skimming attacks.

Effective management of PoS devices and increased vigilance can significantly reduce the likelihood of skimming attacks being successful. Following this simple set of guidelines will help make the payment system more secure. Visa Europe recommends that all of the guidelines should be followed in order to form a layered approach to system defence. Retailers should:

• Examine payment acceptance devices on a regular basis to identify whether the device has been altered or tampered with. This examination should include the retailer looking for: missing seals or screws, extraneous wiring, holes in the device or additional labels used to mask damages.
• Familiarise themselves with the environment in which payments systems are operating and be aware of any additional or unknown items that appear in the vicinity of the device. Many criminals use the areas surrounding PoS devices to install cameras to record customer PIN entry details. Retailers can use CCTV to deter criminals and help to protect the security of PoS devices. Cameras should be positioned to monitor the location of devices and not record PIN entry at the device.
• Secure their devices to prevent their substitution and protect against tampering. Where possible, cables connecting to terminals should be protected using a conduit or held within a physically secure structure. This should be carried out in accordance with relevant disability legislation for the country in which the device is deployed.
• Implement employment policies to ensure that appropriate background checks are carried out on employees who will be handling the devices. Employees should also be made aware of their responsibilities to protect PoS devices and be vigilant to possible attacks.
• Develop and implement policies and procedures to train staff to validate the identity of all payment systems repair technicians or any other entity who tries to either remove or install a PoS device.
• Use PCI Security Standards Council (PCI SSC) approved devices.


Stanley Skoglund, Senior Vice President Payment System Risk at Visa Europe, said "Skimming attacks are becoming increasingly sophisticated. Fraudsters operate in organised groups around the world and attacks are often difficult to detect. Visa Europe does not tolerate activities that undermine the integrity of the payment system as this has an impact on the trust that consumers have in your business. By taking an active stance, Visa Europe's guidelines highlight pro-active steps that retailers can take to ensure acceptance of card payments take place in a safe and secure environment and reinforce consumer trust."

Over the past year, Visa Europe has introduced a range of guidelines for retailers including advice on emerging technologies such as data encryption, tokenisation, and industry-specific whitepapers to help participants in the payment chain better understand their responsibilities related to securing cardholder data as well as providing simply guidance on how retailers can protect themselves from common attacks.

Comments: (0)

Comment on this story (membership required)

Related company news

 

Related blogs

Create a blog about this story (membership required)
Register nowvisit www.fivedegrees.nlvisit www.capgemini.com

Top topics

Most viewed Most shared
Ripple looks to drive bank adoption with $300m XRP rebate programmeRipple looks to drive bank adoption with $...
15412 views comments | 12 tweets | 4 linkedin
Swift positive on blockchain, but big challenges remainSwift positive on blockchain, but big chal...
8620 views comments | 16 tweets | 22 linkedin
hands typing furiouslyHow artificial intelligence can deliver a...
8155 views 0 | 8 tweets | 9 linkedin
satelliteGates Foundation backs Ripple collaboratio...
7666 views comments | 13 tweets | 10 linkedin
IBM uses blockchain to improve cross-border payments processingIBM uses blockchain to improve cross-borde...
6854 views comments | 9 tweets | 17 linkedin

Featured job

Competitive base + commission + benefits
Denmark, Finland, Iceland, Norway or Sweden

Find your next job