BPM Analytics

PoS fraud challenges and solutions

According to a study, global mobile wallet transactions were up by a whopping 76%. As the point-of-sale (PoS) transactions continue to tilt towards digital and touchless methods, there has been increase in fraudulent transactions. Technologies such as near-field communication (NFC) and radio-frequency identification (RFID) are still susceptible to hackers, cybercriminals, and other malicious actors.Traditional PoS transactions in brick-and-mortar stores are also prone to loyalty program frauds, inventory misalignment, cashier theft, employee discount abuse, and sweetheart deals.

With the brick-and-mortar stores back in action after the pandemic, PoS machine frauds are again on the rise. Every time your customers swipe their credit cards, or use a self-service terminal, or pay using their smartphones, they are vulnerable to PoS fraud.

The rise of PoS fraud

As technology evolved, so did the hacking mechanisms. Therefore, it is important for merchants to opt for the right service provider that keeps pace with the security requirements of the future*. The reasons for the rise in PoS fraud include:

  • Absence of point-to-point encryption: With most emphasis placed on cloud and mobile security, it is common to ignore PoS systems. PoS terminals contain firmware that the hackers can target to steal payment data. Many merchants only focus on transmission-level encryption for PoS transactions. They don’t incorporate point-to-point encryption solutions to safeguard a customer’s smartphone data.
  • Legacy systems: Backend operating systems may have major loopholes. Merchants run legacy systems, such as Linux and older versions of Windows, that are prone to attacks. Manufacturers deliver the PoS equipment, but they don’t update the software with regular security patches to prevent malware.

For instance, Visa, the world leader in digital payments, detected security breaches in fuel dispenser machines in North America. The fraudsters had compromised the merchant’s network using phishing emails and ultimately targeted the payment card data from the PoS system.


Four solutions for PoS fraud prevention

As the PoS transactions increase in volume, businesses should adopt proven compliance and security methods, which include:[1]

  • PCI DSS standard:
  • Businesses should comply with the Payment Card Industry Data Security Standard (PCI DSS). It provides an overall framework with guidelines for PoS systems. Even if the fraudsters gain access to the PoS system, they won’t be able to decrypt the data.

  • PoS lockdown:
  • This strategy whitelists authorised processors. The system shuts and locks down automatically if a system or a software not on the whitelist comes in contact with the PoS. This prevents any fraudulent transaction from processing.

  • Video systems:
  • Self-service checkouts in commercial establishments reduce human touchpoints but require surveillance to prevent fraud. Video systems attached to the self-service PoS machines let you quickly search for an image in case of any suspicious activity.

  • PoS system-level checks:
  • Data checks at the PoS terminals can raise red flags on a timely basis. These checks include:

    • Logs per user - number of deletions:
    • Bills are void when the fraudster avoids logging in the sale in the system and siphons off the money.

    • Duplicate bill printing:
    • This happens when the cashier doesn’t print a bill but hands over another bill with a similar amount to the customer.

    • Refunds issued per customer:
    • The store’s PoS system must link the usage of the cash drawer to the system to prevent leakage of cash during refunds.

    • Loyalty program card usage:
    • Multiple uses of loyalty program cards can cause revenue loss.

    • Gift card usage:
    • Multiple uses of gift cards or the same card redeemed with a different mobile number will result in revenue loss.

    • Credit sales:
    • Track trends in credit sales by mapping the customer’s phone number to the system data.

    • Manual discount:
    • Track manual discounts and understand their frequency.


How can Infosys BPM help?

Our solutions work on multiple sources of data within the business. This includes PoS transactions, inventory, promotions, returns, and more. The advanced analytical techniques include pattern identification, anomaly detection, and supervised and unsupervised machine-learning algorithms. Our PoS fraud management solutions include:

    Predictive analytics:

    ML models to capture complex patterns that you cannot detect manually.

    Rules/risk repository:

    Create a fool-proof solution by enhancing the rules in the decision engine/rule book.

    Case/workflow management:

    Monitor all suspicious cases, manage watchlists, and block suspicious users.

  • Video analytics:
  • Use existing CCTV networks to pull videos of any suspicious transactions with the click of a button.

  • Reporting and analytics:
  • Understand potential areas of concern and plug the leaks.

For more insights, visit our retail and e-commerce fraud management solutions.

*For organisations on the digital transformation journey, agility is key in responding to a rapidly changing technology and business landscape. Now more than ever, it is crucial to deliver and exceed organisational expectations with a robust digital mindset backed by innovation. Enabling businesses to sense, learn, respond, and evolve like a living organism, will be imperative for business excellence going forward. A comprehensive yet modular suite of services is doing exactly that. Equipping organisations with intuitive decision-making automatically at scale, actionable insights based on real-time solutions, anytime/anywhere experience, and in-depth data visibility across functions leading to hyper-productivity, Live Enterprise is building connected organisations that are innovating collaboratively for the future.


Recent Posts