PoS terminals have been a primary victim of hacking attacks in 2016, a new Trustwave report shows. Attacks targeting sales terminals increased to 31% last year, whereas e-commerce incidents fell to 26%.
49% of Data Breaches in 2016 Happened in the US, Trustwave Report Indicates
Interestingly, attacks involving sales registers were most seen in the United States where the EMV chip technology is employed.
EMV is a technical standard for smart payment cards and for payment terminals and ATMs. EMV cards are considered smart cards and are also known as chip cards or IC cards. They store their data on integrated circuits and magnetic stripes.
These cards can be physically inserted into a reader, or can be contactless cards that can be read over via the radio-frequency identification technology. Payment cards using the EMV standard are often called Chip and PIN or Chip and Signature cards, depending on the authentication methods used by the card issuer.
49% of data breaches inspected by Trustwave took place in North America, 21% were registered in Asia-Pacific, 20% in Europe, Middle East and Africa, and 10% in South America. The industry which saw the highest share of incidents is the retail sector with 22%, followed by the food and beverage industry with 20%.
Unfortunately, more than 50% of the incidents Trustwave followed involved payment card data:
- Card track data also known as magnetic stripe data was compromised in 33% of incidents stemming from PoS;
- Card-not-present data known as CNP data is at 33% coming from e-commerce transactions;
- Financial credentials such as names and passwords for banks were compromised in 18% of incidents.
As explained by researchers, attackers have started to adopt more sophisticated techniques, choosing to target SaaS platforms that provide solutions for the PoS market. This fact accounts for the ever-increasing large-scale data incidents and data breaches.
Trustwave’s report is available for download but you need to register first.