1. What is a POS?
POS stands for Point of Sale. It is a device that a consumer interacts with to make a purchase using a credit card or declining balance account. In the context of 365 Retail Markets, a POS could be a MicroMarket kiosk, PicoMarket, mobile pay app, or any other device that a consumer uses to complete and pay for a purchase.
2. What is a security threat?
A security threat is a perceived threat that could potentially affect 1 or more POS endpoints, and may result in a security incident or breach if left uncontained or unaddressed.
3. What is a security incident?
A security incident is a real event taking place on a POS endpoint, where credit card or personal information has been compromised. A POS incident may be real or perceived. Incidents typically affect only 1 POS endpoint.
4. What is a security breach?
A security breach is a real POS incident affecting more than 1 endpoint, happening at approximately the same time. Security breaches are more serious, as they often affect multiple systems or properties, and may be more difficult to identify or contain.
5. How do security incidents or security breaches impact me?
Both incidents and breaches involve personal data getting compromised by a third party system or user. Typically, this data may contain credit card or other personal information, leaving users at risk if left uncontained or unresolved.
6. What is 365 Retail Markets doing to respond to the incident or breach?
365 Retail Markets has a detailed incident response process as well as a detailed security breach response process. These involve identifying the threat, responding and remediating the threat as soon as possible, and communicating updates to affected parties until the issue is successfully resolved. Additionally, we take proactive measures to prevent future incidents or breaches by refining our process by reflecting and learning from past incidents.
7. What action can I take to protect myself from future security threats or incidents?
While our security team acts as a first line of defense against threats, clients can ensure additional security by ensuring passwords are strong, secure, and updated regularly. Never exchange personal information such as credit card information via email, and avoid opening or responding to suspicious emails from unknown addresses. If you detect any unusual or suspicious activity on any kiosks or POS end points, please report them immediately to our Security team at firstname.lastname@example.org.