Whitepaper • 05.12.2019

Protect yourself!

8 security best practices for retailers

The retail industry is a favorite target of cyber attackers. Hackers know a successful attack on a retailer can give them access to the data of thousands or even millions of payment cardholders. Cybercriminals can sell that data for a tidy profit to other criminals on the dark web who use it for fraud, identity theft, and phishing attacks. Cybercrime is big business; it’s projected to cause $6 trillion in damages by 2021 to organizations of all types and sizes.

When it comes to cyber threats, retailers have a lot at stake. They operate on thin margins and have to protect their brands. A breach that compromises the private information of customers can erode trust, prompting many to take their business elsewhere. Nineteen percent of consumers in a KPMG study said they would stop shopping at a retailer following a breach, and 33 percent said they would do so temporarily.

APG Cash Drawer

More information on each security best practice in the APG whitepaper.
Source: APG

A strong cybersecurity posture, therefore, isn’t optional for retailers. It is an absolute must. Retailers that fail to take proper measures to secure customer data, as well as their own, risk being penalized if a breach is found to have been caused by noncompliance with relevant regulations. For many retailers – especially smaller, independent shops – security is a big challenge because they lack the requisite skills and knowledge, in which case they must seek help from solution providers that can implement security solutions to protect them. A comprehensive retail security strategy must include the following eight components:

1. POS security

Retailers live and die by their POS systems. Unsecured POS software and hardware such as card readers and receipt printers can cause serious problems.

2. e-Commerce protection

Retailers must protect their online storefronts as zealously as they do physical POS stations. As with the POS, PCI regulations apply to online transactions, so retailers must ensure that they have the proper controls in place to protect web shoppers.

3. User authentication

Reliable user authentication policies are critical in two primary ways: to ensure that internal users follow security protocols and to accurately identify customers. Both require strong authentication practices.

4. Endpoint monitoring

In the past, deploying antivirus (AV) software may have been sufficient to protect endpoints, but that is no longer the case. AV typically focuses only on known threats and cannot defend against newly introduced malware strains. This is why businesses need a combination of 24/7 endpoint monitoring and data analytics to defend against all kinds of threats.

5. Email protection

Many cyberattacks originate with phishing emails, and most ransomware infections start with a user clicking an infected URL or attachment. Phishing works because it preys on fear and curiosity by making emails look like they are coming from a legitimate source and persuading users to click on the URL or attachment.

6. Wi-Fi network/communications

Retailers increasingly offer Wi-Fi connections to customers in stores as a convenience – and to capture customer information for marketing purposes. However, Wi-Fi networks open to the public should be separate from those used for business functions such as inventory, HR, and POS.

7. Surveillance systems

In addition to protecting their digital assets, retailers have to secure physical stores to prevent shoplifting, fraud, and employee theft at the POS. Deploying a surveillance system with CCTV or IP-connected cameras not only helps to secure physical spaces but also acts as a crime deterrent.

8. Business continuity

No security strategy is complete without a business continuity plan. If a business suffers a cyberattack or physical operations are interrupted by a natural disaster, a company needs to resume operations as quickly as possible. A data backup and recovery strategy is central to business continuity plans.


Retailers cannot afford to be lax with security, be it in physical spaces, their IT networks, or websites. It can take a long time to recover from a security breach, especially if customers lose trust in the company. Digital theft, data breaches, and security related to new payment methods erode a consumer’s trust in a brand, making security a business essential.

For more information on these eight tips on security see the complete whitepaper on security best practices for retailers.
