The Frontline Defenders’ Guide: How to Safeguard Customer Data at the Point of Sale – The Aussie Way
G’day, point-of-sale warriors! Ever feel like you’re in the frontline trenches, battling against identity theft and credit card fraud? Well, you’re not just feeling it—you are in the frontline! In Australia, fraud losses on card transactions totalled $464 million in 2019, and a hefty chunk of that was due to point-of-sale skulduggery (Australian Payments Network).
1. Keep Digital Snipers at Bay: Screen Privacy
Ever felt that bloke behind you is getting too curious? Yeah, we’ve all had the ‘stickybeak syndrome.’ Utilise screen filters or privacy screens to make sure that only you and the customer can see what’s displayed. Make it a standard to use built-in security features like Windows’ Dynamic Lock or MacOS’ Screen Lock to automatically lock the screen when you step away.
2. Mates Don’t Discuss PINs: Keeping Conversations Confidential
Having a chinwag is great, but discussing personal data openly? Nah, mate. Whenever you need sensitive information, ask the customer to either show identification or jot down the details. For heightened security, use encrypted customer-facing PIN pads where they can safely input their personal details, like Ingenico or Verifone systems.
3. Don’t Be a Galah: Secure the Paper Trail
You wouldn’t leave your sunnies or stubbies lying around at the beach, so don’t leave credit card applications out and about. Invest in a secure safe or a lockable cabinet that’s bolted to the ground. For added protection, deploy multi-factor authentication (MFA) to access these physical safes.
4. No Chucking in the Bin: Secure Disposal of PII
Think a half-completed form is harmless? Think again. Even partial information can be a goldmine for identity thieves. Utilise a secure shredding service or a high-security micro-cut shredder. Also, familiarise yourself with the Australian Privacy Principles (APPs) around data disposal (OAIC).
5. Company Policy is Your Best Mate: Follow Internal Guidelines
Every organisation should have strict policies on how to handle and dispose of customer PII. Make sure you are well-versed in your organisation’s playbook, whether it’s the ACSC Essential 8 for SMBs or something tailored to your specific industry.
6. Stay Vigilant, Stay Awake
According to a study by NortonLifeLock, one in four Australians have experienced identity theft (NortonLifeLock). So, your actions at the till aren’t just procedural; they’re part of a larger ecosystem to thwart thieves and fraudsters.
Tech Stack for the Point-of-Sale Protectors:
- Secure Payment Systems: Use PCI-DSS compliant systems.
- Endpoint Security: Install robust anti-malware and antivirus software. Companies like Sophos and Norton are good choices.
- Data Loss Prevention (DLP) Software: Solutions like McAfee Total Protection for DLP can track sensitive data.
- Secure Communication Channels: Use encrypted communication platforms, even for internal communications.
You’re not just a cashier; you’re a guardian of data, a protector of privacy. With great data comes great responsibility. So go ahead, be the frontline hero we all need! 🦸♂️🦸♀️