Avoid clients credit card info being sold on the dark web with basic cyber-security for retail
Many bars, restaurants and retailers provide WiFi Internet access for visitors. This service is helpful because 4G and 5G signal strength drops quickly inside buildings. As carriers move to higher transmission frequencies it will be more difficult to get a mobile phone signal inside a building.
The businesses that provide WiFi access for visitors often provide an open door for hackers who steal credit card information from point of sale (PoS) terminals. This is because the businesses connect a wireless access point to the same ISP network as the PoS terminals that must have Internet access to communicate with the credit card processors. A skilled hacker can connect to the business WiFi and get access to the PoS data in a few minutes. Stolen credit card information is sold on the dark web. It is easy for the credit card companies to identify where the information was stolen. The merchant has to pay compensation and possibly loose merchant rights to accept credit cards.
The payment card industry data security standard (PCI DSS) states that a public WiFi service must be connected to an Independent ISP service, or else connected to the business ISP service via a firewall. This is basic cyber-security information. Unfortunately many businesses do not follow these instructions, most of them don't know they have to protect their clients information and they end up paying a high price with compensation and can damage their business reputation. Businesses also need other cyber-security protections as hackers will attempt to access from the Internet or access the network through a staff device via an email virus that was download.
PCI DSS requires businesses that process large volumes of credit card transactions to have an annual audit by a PCI consultant to verify that the business follows PCI DSS best practices. It is wise to also to call a cyber-security consultant to advise about overall cyber-security protection and request the IT service company to install the recommendations. The cost of cyber-security will seem very cheap when a business that does not implement it gets hacked and ransomware is installed.
Guest Internet developed a PCI compliant firewall for WiFi Internet Hotspot controllers back in 2010 to prevent hacking and protect retailers, hospitality businesses and many other segments. Since then many tens of thousands of business have installed Guest Internet products to provide WiFi Internet for customers while protecting the customer information stored in the PoS terminals.
The Guest Internet WiFi Hotspot controllers for retail combines several features:
- Firewall to protect the business network by blocking visitor access.
- Set maximum data speeds to share the service between visitors.
- Set optional time limits for access (good for coffee bars).
- Option to request an access code (good for hotels).
- Block access to devices that have a virus.
- Option to request contact information from the customer.
A small business can install a low-cost Guest Internet wireless unit like the GIS-K1. It's a low-cost solution that will bring many benefits to your business.
Large businesses and hotels can install a larger Guest Internet gateway such as GIS-R10, GIS-R20 or GIS-R40 with multiple wireless access points.
Minimize the risk of getting hacked with a cyber-security assessment and then implement the recommendations given. Talk to us about the best solution for your business to avoid your clients credit card information being sold through the dark web.