Merchant Vulnerability via Remote Access Tools and How to Maintain PCI Compliance

Remote access tools are an extremely convenient and efficient way to solve technical issues for merchants who are in a bind tamiflu 75 mg. They are fast and cost-effective and have become the preferred method of service by many modern IT companies. However, as more of these tools come to market and integrate deeper with merchant technology, security vulnerabilities are created that can be exploited with malicious intent. Last month, Visa issued a report warning merchants, merchant technology providers and acquirers of a new influx of security threats that have been associated with unauthorized access to Point-of-Sale (POS) systems via POS integrators.

Remote Support through Temporary Direct Connections Can Lead to Vulnerabilities

POS integrators utilize tools like LogMeIn, PCAnywhere and Microsoft Remote Desktop to provide IT support and ongoing maintenance to POS software and hardware through temporary remote connections. When properly secured, remote access tools like LogMeIn pose little threat to merchants. However, if used carelessly, cyber criminals can gain access to a wealth of information – including sensitive payment card data.

When a remote connection is set up improperly and does not comply with the Payment Card Industry Data Security Standard (PCI DSS), cyber criminals can establish connections that are used to steal login credentials, capture audio and video, and can even record keystrokes from the affected system. Most recently, attacks have been phishing campaigns in the form of fraudulent LogMeIn emails designed to steal sensitive log in information and access various merchant networks. The emails will typically contain a link or downloadable file that triggers the malware which can then connect the POS to an overseas server that will download additional malware, disable anti-virus applications and grant free access to the desired data.

Best Practices to Avoid Data Breaches

There are a few common mistakes that merchants and POS integrators should avoid in order to maintain the integrity of their network:

• Always On: One of the biggest mistakes is using an “always on” remote connection despite whether or not it’s actively being used for support. This type of connection allows hackers to easily scan the merchant’s IP address to find potential vulnerabilities to exploit.
• Weak Security: Another mistake is using single-factor authentication such as a simple username and password, or using generic or default usernames and passwords. Often time’s merchants make these mistakes concurrently where a generic username or password is used with a single-factor authentication. This is dangerous because single-factor authentication and the use of generic logins are extremely vulnerable to brute force password guessing attacks.
• Improper Configuration: Lastly, it’s important that firewalls are configured properly and systems are updated, as this can create easily exploitable access points for attackers.

Boomtown is Taking a New Approach to Remote Support

Understanding these risks, Boomtown takes the security of our partners and merchants very seriously, and have mitigated this risk through the core design principles of our product. The most important of which is that video chat via the mobile app and onsite dispatch are the only sources of support for POS hardware and software. This prevents any remote connections directly into the POS and safeguards the merchant from any potentially harmful attacks. Also, seeing that there are no remote connections into the merchant POS systems, Boomtown does not have access to, or store any PCI data. Lastly, Boomtown has no access to personally identifiable information (PII) and therefore prevents any personal merchant data from being accessed or exploited.

It’s imperative that POS integrators and merchants adhere to PCI DSS guidelines and protect their sensitive data from hackers. If you have any questions about Boomtown or how to ensure PCI DSS compliance, download the Boomtown app and talk to one of our support engineers.