POS Systems Face Risks with End of Support for Windows XP
Microsoft will end technical assistance for Windows XP operating system on April 8, 2014. This includes automatic updates and regularly issued security patches. Systems that continue to use Windows XP after the deadline will face increased security risks, particularly if new vulnerabilities are discovered in the OS. Symantec pointed out in a statement today that many point-of-sales (POS) systems are still running Windows XP.
“There are many steps that POS operators can take to reduce the risk from attacks against POS systems but above all, the overarching reminder is to implement layered security on the POS systems and throughout the network,” said Nigel Tan, Symantec Malaysia's Systems Engineering Director.
However, a properly configured endpoint protection product can block even the most determined attacker, and this is especially true when it comes to a POS system. POS systems actually have a security advantage over a PC as a single function device. As no one on that device is web browsing, emailing or opening shared drives, the functionally of the machine and the files needed on that machine are limited. Tan added that that credit and debit card data theft continues to persist today. Attackers can target the point at which a retailer first acquires that card data – the point of sale (POS) system.
According to Symantec, by using a process known as “skimming”, card data can be stolen by installing a device onto the card reader, which can read the data off the card’s magnetic strip. However, as of end 2004, almost all credit cards issued in Malaysia had been replaced with chip cards, and Point-of-Sale terminals have also been upgraded to accept chip cards.
For the first half of the year 2005, statistics on credit card fraud showed that the number of cases and losses has declined by 43.2 percent and 33.5 percent respectively, compared with the same period in 2004. The EMV standards are set by the international credit card associations to curb counterfeiting fraud. Malaysia is the leading country in the region adopting EMV chip infrastructure to address counterfeit fraud.
For more news about Symantec, please click here