Whitepaper • 05.12.2019

Protect yourself!

8 security best practices for retailers

The retail industry is a favorite target of cyber attackers. Hackers know a successful attack on a retailer can give them access to the data of thousands or even millions of payment cardholders. Cybercriminals can sell that data for a tidy profit to other criminals on the dark web who use it for fraud, identity theft, and phishing attacks. Cybercrime is big business; it’s projected to cause damages of $6 trillion by 2021 on organizations of all types and sizes.

When it comes to cyber threats, retailers have a lot at stake. They operate on thin margins and have to protect their brands. A breach that compromises the private information of customers can erode trust, prompting many to take their business elsewhere. Nineteen percent of consumers in a KPMG study said they would stop shopping at a retailer following a breach, and 33 percent said they would do so temporarily.

Logo: APG Cash Drawer

APG Cash Drawer

4 The Drove
BN9 0LA Newhaven
advertising banner for the whitepaper on security best practices for retailers...
More information on each security best practice in the APG whitepaper.
Source: APG

A strong cybersecurity posture, therefore, isn’t optional for retailers. It is an absolute must. Retailers that fail to take proper measures to secure customer data, as well as their own, risk being penalized if a breach is found to have been caused by noncompliance of relevant regulations. For many retailers – especially smaller, independent shops – security is a big challenge because they lack the requisite skills and knowledge, in which case they must seek help from solution providers that can implement security solutions to protect them. A comprehensive retail security strategy (whitepaper) must include the following eight components:

1. POS security

Retailers live and die by their POS systems. Unsecured POS software and hardware such as card readers and receipt printers can cause serious problems

2. e-Commerce protection

Retailers must protect their online storefronts as zealously as they do physical POS stations. As with the POS, PCI regulations apply to online transactions, so retailers must ensure that they have the proper controls in place to protect web shoppers.

3. User authentication

Reliable user authentication policies are critical in two primary ways: to ensure that internal users follow security protocols and to accurately identify customers. Both require strong authentication practices.

4. Endpoint monitoring

In the past, deploying antivirus (AV) software may have been sufficient to protect endpoints, but that is no longer the case. AV typically focuses only on known threats and cannot defend against newly introduced malware strands. This is why businesses need a combination of 24/7 endpoint monitoring and data analytics to defend against all kinds of threats.

5. Email protection

Many cyberattacks originate with phishing emails, and most ransomware infections start with a user clicking an infected URL or attachment. Phishing works because it preys on fear and curiosity by making emails look like they are coming from a legitimate source and persuading users to click on the URL or attachment.

6. Wi-Fi network/communications

Retailers increasingly offer Wi-Fi connections to customers in stores as a convenience – and to capture customer information for marketing purposes. However, Wi-Fi networks open to the public should be separate from those used for business functions such as inventory, HR, and POS.

7. Surveillance systems

In addition to protecting their digital assets, retailers have to secure physical stores to prevent shoplifting, fraud, and employee theft at the POS. Deploying a surveillance system with CCTV or IP-connected cameras not only helps to secure physical spaces but also acts as a crime deterrent.

8. Business continuity

No security strategy is complete without a business continuity plan. If a business suffers a cyberattack or physical operations are interrupted by a natural disaster, a company needs to resume operations as quickly as possible. A data backup and recovery strategy are central to business continuity plans.


Retailers cannot afford to be lax with security, be it in physical spaces, their IT networks, or websites. It can take a long time to recover from a security breach, especially if customers lose trust in the company. Digital theft, data breaches, and security related to new payment methods erode a consumer’s trust in a brand, making security a business essential.

For more information on these eight tips on security see the complete whitepaper on security best practices for retailers.

related articles:

popular articles:

Thumbnail-Photo: Electronic shelf labels: photo store introduces new technology...
09.05.2020   #electronic shelf labels (ESL) #electric displays

Electronic shelf labels: photo store introduces new technology

Cooperation between Photografica and Delfi Technologies

Photografica is a professional photography store in the heart of Copenhagen. Here, personal counseling and service play a crucial role. To the benefit of both employees and customers, the store has installed electronic price tags.With a central ...

Thumbnail-Photo: Creative criminal meets intelligent security system...
28.05.2020   #security #brick and mortar retail

Creative criminal meets intelligent security system

Interview with Ralph Siegfried, Business Development Manager at Axis Communications GmbH

Stores come in different sizes, have different settings and vary in product selection. That’s also why they need a customized loss prevention and security solution. What are some options for retailers and what key elements do they need to ...

Thumbnail-Photo: “Dear shopping cart, please show me the way!“...
06.07.2020   #self-checkout systems #scanner

“Dear shopping cart, please show me the way!“

Shopping Cart 2.0 – gimmick or idea with intrinsic value?

Not all shopping carts are the same... far from it! Digitization and automation also put their stamp on this aspect of the retail sector. What’s usually a plain, large basket on wheels that makes it easier for shoppers to transport products ...

Thumbnail-Photo: eBay’s management of payments begins scaling globally...
24.07.2020   #online trading #e-commerce

eBay’s management of payments begins scaling globally

Payments initiative reaches a milestone as the Operating Agreement with PayPal expires

Starting today (July 20th), eBay will begin expanding its management of payments around the globe. The company embarked on its journey to manage the end-to-end payments process on its marketplace platform in late 2018 and is already seeing success ...

Thumbnail-Photo: CCV announces consolidation of its international payment division,...
02.07.2020   #mobile payment #payment systems

CCV announces consolidation of its international payment division, focuses on market innovations

Under the flagship of CCV GmbH, the company plans to bring its innovation into specific international markets

CCV Group B.V. has announced that all of its international business activities will now be consolidated and run within its Germany-based division - CCV GmbH. CCV GmbH will carry out the activities of the former CCV Deutschland GmbH and CCV Easy, a ...

Thumbnail-Photo: SALTO releases the SALTO Neo Cylinder
18.08.2020   #access control #access control systems

SALTO releases the SALTO Neo Cylinder

State of the art, wireless access control technology

SALTO Systems, a leading manufacturer of electronic access control solutions, has released the SALTO Neo Cylinder – a new electronic cylinder that offers more features and better functionality than any other cylinder on the market. ...

Thumbnail-Photo: Electric vehicles for safe on-the-go food distribution during pandemic...
28.08.2020   #food retail #delivery

Electric vehicles for safe on-the-go food distribution during pandemic

Gallery E vehicles solve food service challenges at universities and corporate campuses this fall

Gallery, the leading innovator of mobile carts for food, beverage and retail businesses, has announced a unique partnership with AYRO, Inc. and Club Car to launch a new line of electric vehicles to help bring food, beverage, and retail merchandising ...

Thumbnail-Photo: Stay safe with VariPOS
11.05.2020   #cashpoints #terminals

Stay safe with VariPOS

How technology helps – Stay safe at the point of sale

Technologies for product identification and payment authentication are great for improving the customer experience with speed and accuracy, but these technologies are also being seen as beneficial in the wake of the Coronavirus Pandemic. ...

Thumbnail-Photo: World’s first convenience store retrofitted with AI technology...
14.08.2020   #video surveillance #video cameras

World’s first convenience store retrofitted with AI technology

Standard Cognition to provide Circle K with autonomous checkout

Standard (“Standard Cognition”) announced that Alimentation Couche-Tard, a company that operates close to 14,500 convenience stores worldwide, including under the global brand Circle K, has selected Standard to pilot touchless, ...

Thumbnail-Photo: Digital access controls support distancing requirements in the era of...
06.07.2020   #brick and mortar retail #retail

Digital access controls support distancing requirements in the era of Corona

Essential staff are relieved and the risk of infection is reduced

Since the beginning of the pandemic, larger supermarkets and discounters have been imposing entrance restrictions to ensure that only a certain number of people are allowed within their Stores. Usually the access management is carried out by ...


Reflexis Systems GmbH
Reflexis Systems GmbH
Kokkolastr. 5-7
40882 Ratingen
POS TUNING Udo Voßhenrich GmbH & Co KG
POS TUNING Udo Voßhenrich GmbH & Co KG
Am Zubringer 8
32107 Bad Salzuflen
APG Cash Drawer
APG Cash Drawer
4 The Drove
BN9 0LA Newhaven
Gewerbering 1
84072 Au i.d.Hallertau
Delfi Technologies GmbH
Delfi Technologies GmbH
Landgraben 75
24232 Schönkirchen
Adasys GmbH – a Poindus Company
Adasys GmbH – a Poindus Company
Max-Planck-Straße 10
70806 Kornwestheim
SALTO Systems GmbH
SALTO Systems GmbH
Schwelmer Str. 245
42389 Wuppertal
Poindus HQ - Taiwan
Poindus HQ - Taiwan
5F., No.59, Ln. 77, Xing-Ai Rd.,Neihu Dist.
Taipei City 114
Apostore GmbH
Apostore GmbH
Uferstraße 10
45881 Gelsenkirchen