Skimming Prevention: Overview of Best Practices
August 5, 2014

Introductions
• Ken Keegan - Jamba Juice
• Kevin Trimble - McDonald’s Corporation
• Kimberly Bloomston - The Zellman Group
• Keith Hoover - United States Secret Service

Today’s Discussions
• Types of Cyber Threats
• Point of Sale Intrusion
• Cyber Incident Response Plan and Preventative Measures / Solutions

Secret Service Presentation
Keith Hoover - Asst. to Special Agent in Charge
QSR Loss Prevention
• Impacts as a result of increased claims of unauthorized credit card usage:
  • Due diligence with merchant card vendors
  • PCI compliance
  • Increased gift card abuse

Merchant Card Vendors
• Notices from US Fraud Control and Investigations on Common Point of Purchase (CPP) notifications
• Due diligence required by the organization
• PCI, payment card and other assessments may need to be completed, documented and forwarded
• Possible fines for non-compliance

PCI Compliance
• Additional assessments and analysis may be required by IT if incidents continue
• Improved surveillance on servers and POS equipment may be required
• Confusion on standards may occur within the organization and among vendors

Gift Card Abuse
• 86% of all online fraud is within 24 hours
• Primary target of fraudsters (2013):
  • Online retail 45%
  • Food & beverage 24%
  • Other 31%
• Need to employ appropriate technology to identify stolen cards online

Gift Card Abuse
• Increase in fraudulent gift cards in locations
• Good customers purchasing BAD cards through other means:
  • Online market
  • Mall kiosks
Solutions
• Implement / enforce a strict company policy against skimming / credit card fraud
• Raise awareness within your organization
• Establish investigative protocols / standards
• Monitor fraud trends (Google Alerts, etc.)
• Network with peers / LE to understand ORC / skimming / data breach trends
SMARTER. TOGETHER.

Inspect
• Physical inspections of POS systems incorporated into operation checklists
• Management inspects POS systems for tampering
• Regulate PIN pads, seals, manufacturer labels
• Investigate / report exposed or compromised cabling
• IT should conduct an inventory of all devices in all locations (annually, quarterly or post-incident)
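One way to carry out the device inventory step above, written here as an added example that is not part of this presentation: IT keeps a baseline of which PIN pad or terminal serial number is approved for each location, the manager's inspection is recorded as a list of devices actually seen with their seal and label state, and a reconciliation flags anything missing, unknown, moved or tampered. All store ids, serial numbers and inspection records below are constructed sample data.

```python
# Added example (not from the original presentation): reconcile an approved
# POS / PIN pad baseline against a field inspection.
# Every store id and serial number here is constructed sample data.
from collections import defaultdict

# Baseline kept by IT: serial -> location where the device was approved.
# (constructed data)
BASELINE = {
    "PP-1001": "store-0101",
    "PP-1002": "store-0101",
    "PP-2001": "store-0102",
    "PP-2002": "store-0102",
    "PP-3001": "store-0103",
}

# Inspection records, one per device the manager or technician saw.
# seal_intact / label_ok come straight off the operation checklist.
# (constructed data)
SCAN = [
    {"location": "store-0101", "serial": "PP-1001", "seal_intact": True,  "label_ok": True},
    {"location": "store-0101", "serial": "PP-1002", "seal_intact": False, "label_ok": True},
    {"location": "store-0101", "serial": "PP-3001", "seal_intact": True,  "label_ok": True},
    {"location": "store-0102", "serial": "PP-2001", "seal_intact": True,  "label_ok": False},
    {"location": "store-0102", "serial": "PP-9999", "seal_intact": True,  "label_ok": True},
]


def reconcile(baseline, scan):
    """Compare an inspection scan with the approved baseline.

    Returns a dict of sorted finding lists keyed by type:
      unknown   - a device seen that IT never approved at any location
      missing   - an approved device not seen during the inspection
      relocated - an approved device seen at a location other than recorded
      tampered  - a device with a broken seal or a missing manufacturer label
    Only finding types that actually occurred appear as keys.
    """
    findings = defaultdict(list)
    seen = set()
    for rec in scan:
        serial, loc = rec["serial"], rec["location"]
        seen.add(serial)
        expected = baseline.get(serial)
        if expected is None:
            findings["unknown"].append((loc, serial))
        elif expected != loc:
            findings["relocated"].append((loc, serial, expected))
        if not rec["seal_intact"] or not rec["label_ok"]:
            findings["tampered"].append((loc, serial))
    for serial, loc in baseline.items():
        if serial not in seen:
            findings["missing"].append((loc, serial))
    return {kind: sorted(items) for kind, items in findings.items()}


def report(findings):
    """Flatten findings into one line per item, most urgent type first."""
    lines = []
    for kind in ("unknown", "missing", "relocated", "tampered"):
        for item in findings.get(kind, []):
            lines.append(f"{kind.upper():9} {' / '.join(item)}")
    return lines


if __name__ == "__main__":
    for line in report(reconcile(BASELINE, SCAN)):
        print(line)
```

An unknown serial at a register and an approved serial that is nowhere to be found are the two findings that most deserve the same-day follow-up the Investigate slide describes, since a swapped device is the case the physical checks alone will not catch; a broken seal or missing label is a tamper indicator on a device that is otherwise where it belongs.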
Communicate
• Documented process for approving authorized service technicians (ID, background checks, etc.)
• Consider a control process for repairing store devices / equipment (devices sent back to corporate for repair / replacement)
• Educate restaurant employees during new hire orientation / onboarding
• Educate employees on what a skimmer does / looks like
• Clearly present policy and consequences

Investigate
• Establish an investigative protocol
• Use a group distribution to enable ease of communication to appropriate delegates
• React quickly and discreetly!
• Review equipment
• Preserve CCTV
• Pull schedules
• Interview the compromised cardholder

Network
• Network with loss prevention / security / law enforcement peers to understand ORC trends
• Join appropriate organizations to conduct research quickly (e.g. IAFCI)
• Partner with an eCommerce fraud detection provider to keep the fraudsters out