It's becoming a dangerous time to be a restaurateur.
This year alone, reports have surfaced that nationwide restaurant chains Wendy's, CiCi's, and Noodles & Company have suffered data breaches, leaving millions of consumers' credit card information at risk.
Credit cards are - for many restaurants - seemingly essential. Most modern establishments won't even consider running operations without credit cards. Due to the nature of many restaurants, it's not uncommon for some to go completely cashless. But with even large businesses now appearing unsafe for credit card processing, how can your restaurant keep its transactions secure?
The security of transactions at your restaurant can boil down to the system you use to process credit cards. If cards are processed through your POS system, the security of that POS system is a crucial factor in safety. Should you choose the wrong POS system for your restaurant, your sensitive financial information (and that of your customers) could be completely vulnerable to hackers. So, what should be considered when choosing the right POS system to protect your restaurant and your patrons?
Let’s talk about the first thing you should consider when it comes to credit card security. All restaurants want to make sure they’re a trusted vendor in the eyes of their customers. The best way to do this is by making sure your point of sale system is PCI (Payment Card Industry) compliant. PCI compliance is described as a set of standards to “ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment,” thus allowing customers to trust you with their sensitive payment card information. It means that extra steps have been taken wherever possible to secure the technology.
Without PCI compliance, potential liabilities as listed by the PCI Security Standards Council include diminished sales, high legal costs, lost jobs for C-level executives, and even going out of business entirely. With all that at stake, it’s safe to say that PCI compliance is something your restaurant cannot afford to go without.
Cloud-Based Point of Sale Software
Cloud-based POS systems are a much wiser and safer way to secure your restaurant's information than legacy POS systems, for a multitude of reasons. Primarily, this is because legacy POS systems store information on hardware inside the restaurant. Here’s an excerpt from an earlier Toast blog post on POS safety:
This practice of local storage puts customer credit card information at substantially greater risk than with cloud-based POS systems, where information is instantaneously transferred to the next step in the transaction process.
Encryption of Credit Cards
Credit card information is very tempting to data hackers - but there’s no point in stealing information if they can't read it. Some point of sale systems now have the capability to encrypt credit card information as soon as the card is swiped. From that moment on, the card data travels through every step of the transaction in encrypted form.
When this sensitive information is encrypted, both you and your customers can take comfort in the security of the transaction. Encrypting a credit card number in the card reader hardware, as soon as the card is swiped, means that an attacker cannot steal credit card numbers by installing malware on your network. At that point, there's no worthwhile information to steal on-site, so the risk of information theft decreases dramatically.
SaaS Model with Regular Software Updates
Technology is always changing, and that’s a good thing for your restaurant - but only if you’re using the right software. POS technology and software providers that do not send out regular updates leave your company in danger. Why? Because modern systems receive regular updates.
Software as a service (SaaS) provider models of POS technology are typically priced on a monthly basis. This is done not only to provide technical support, but also regular software updates. Included in these updates: security enhancements to safeguard valuable customer information. When software engineers pick up on a possible area for a security breach, they dedicate time to fixing things and resolving the issue for a subsequent software update.
As a plus, ensure that updates come frequently from both your POS provider (the company you pay a monthly subscription fee to) and your operating system (what runs the hardware you use – e.g. Android or Windows). This way, you are covered from every angle. Since Windows XP-based POS systems no longer receive those crucial updates, consider an Android-based system so that you'll be a safer business for credit card transactions.
Staying Ahead of Hackers
If a POS provider says they have made improvements to their software to prevent the actions of a recent hack after the attack happened, take it with a grain of salt. While this seemingly reassuring message suggests they are on top of safety, it actually means they were just as susceptible to a breach in the first place. This is reactive – not proactive. Instead, look for a POS provider that reviews historic hacks and acts proactively. While there is no such thing as an invincible POS provider, there are those that have made purposeful and intentional decisions to cover their bases more than others. One of these POS providers is the one you should be using in your restaurant.
The sad truth is that we live in a world full of cyber threats, identity theft, and credit card hacks. It's a harsh reality faced by all businesses, including restaurants. But for the sake of yourself and of your customers, taking the time to research and wisely choose a safe, secure, and trustworthy restaurant POS may just make the difference between a thriving business and a hacked establishment.