The Outdoor EMV C-store Cybersecurity Gap February 22, 2021 Tim Tang, Director, Enterprise Solutions EMV false In less than a couple of months, C-store operators who have not upgraded their fuel dispensers to accept EMV chip transactions will be held liable for fraudulent credit card transactions. In the convenience store industry, this Outdoor EMV liability shift rightly receives the lion’s share of market attention. However, Outdoor EMV upgrades alone are not enough to protect the store from cybersecurity threats. The outdoor EMV upgrades only protect the operator from counterfeit credit card transactions that occur at the dispenser. While secure credit card transactions are essential, convenience store operators must also manage store and fuel inventories, schedule employees, run sales reports, and much more. These critical activities occur on the C-store operator’s back-office machine, which has become a primary target for cybercriminals. Consider a ransomware attack, where an operator loses access to their back-office systems until they pay a ransom of hundreds of thousands of dollars! How many days could you maintain your business without your back-office functions? Upgrading a dispenser with a new swiper to support EMV chip transactions does nothing to protect the back-office from cyber-attacks. When it comes to cybersecurity, all of the store’s essential systems need to be protected. To succeed in today’s market, you must protect your store against common cybersecurity threats and maintain the ability to support critical business functions. The leading Point of Sale providers for the C-store industry require operators to use a certified Managed Network Service Provider (MNSP) as part of their Outdoor EMV solution. MNSPs provide managed security services to help operators meet PCI compliance—a standard credit card processor requirement. Failure to meet PCI compliance results in penalty fees that are, in some cases, more expensive than the MNSP fees! Not only are operators failing to protect their businesses from significant cyber threats, but they are also wasting precious financial resources on meaningless fees. In many cases, operators are unaware of the situation because these fees show up as a single line item in a monthly bill that is dozens of pages long. For operators, who do not have dedicated IT staff, MNSPs can improve their cybersecurity posture with a portfolio of cybersecurity services, including Security Information and Event Management (SIEM), Managed Detection and Response (MDR), and Endpoint Detection and Response (EDR). While a significant portion of the C-store market is still waiting to upgrade their dispensers to support EMV chip transactions for various reasons, operators should engage with MNSPs now to protect their business from ongoing cybersecurity threats. Categories See All SD-WAN (53) Networking (25) Retail Technology (18) Managed Security (11) EMV (10) SASE (8) Managed Services (7) Conference (7) Digital Media (5) Edge Computing (5) WiFi Analytics (4) SCS (1) Popular Blogs The Technology Problem in FranchisingFeb 22, 2021 Rebuilding Trust between Franchisors and FranchiseesFeb 25, 2021 Takeaways from 2020Dec 3, 2020 Success in a Hyper-Connected World Requires Global ConnectivityDec 10, 2020 More Cashless Transactions Mean Greater Need for Payment Protection and PCI ComplianceDec 17, 2020 Related Posts See All More Cashless Transactions Mean Greater Need for Payment Protection and PCI Compliance Brittany Hilton December 17, 2020 5 Steps to Prepare for the EMV Liability Shift Brittany Hilton October 07, 2020 MNSP: Preparing for C-store Digital Transformation Tim Tang, Director, Enterprise Solutions August 11, 2020 Dangerous Assumptions About Outdoor EMV Liability Shift Tim Tang, Director, Enterprise Solutions July 09, 2020 Hit the Gas on Outdoor EMV Upgrade Brittany Hilton July 02, 2020 ENJOY THIS POST? Provide your email below to receive a monthly round-up of what’s happening in the world of connectivity! First Name Last Name Email Company Campaign ID CAPTCHA This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.