Hardware vendors often skimp on providing basic security for products even when it is no real skin off their noses.
Hackers David Byrne and Charles Henderson cited the case of the world’s largest Point of Sale (PoS) systems vendor which has been slapping the same default password (66816) on its gear since 1990.
This has led to 90 per cent of customers are still using the same password. But Byrne and Henderson said that the outfit is not the only borked sales system.
In this case the only expertise required to carry out a hack is to open a panel using a paperclip – something which has been spotted by low paid staff with a grudge.
What is even more ironic is that the open password is being carried across to across to rival vendors as customers who assume their codes are unique switch equipment.
Henderson told the RSA Conference in San Francisco that 166816 is the default password for one of the largest manufacturers of point of sale equipment and has been since at least 1990.
The hackers also slammed nameless vendors for borking cryptography and basic best security practice, splashing the POS badge across their slide decks.
“Vendors claim that running in admin is a requirement but it’s nothing but lies, damn lies. I know why they do it; it’s like Nirvana for them. But if in fact [the PoS system] needs to run as administrator, that’s a good indicator that your vendor doesn’t take security seriously.”
What is strange is that it would not kill the Vensdors to fix the problem. It is not difficult to come up with new passwords for each machine sold, it is just they can’t be bothered.
NFC is slowly taking off, but adoption is still limited. The technology is there, most phones and tablets ship with NFC chips, but very few people and businesses actually use it.
Now Asus has an interesting product that could help bring NFC to desktops and notebooks, but there is a catch.
The company’s NFC Express receiver is a USB 3.0 device that could have quite a few uses. It could allow users to log in using Windows 8 and NFC tags and it could allow the transfer of photos and images without WiFi.
The catch is that the device was designed to be used with Asus Z87 motherboards. It also ships as an accessory with the Z87-DELUXE/DUAL motherboard. It can also be bought separately and it uses two USB 3.0 ports.
Logging into Windows without a password sounds interesting, but NFC dongles could have a lot of other applications. Cheap, off-the-shelf devices could be used to upgrade existing PCs or POS systems in retail outlets. However, for this to happen NFC needs to see a lot more adoption across the board.
Tablets and smartphones are synonymous with cannibalisation and the smart-device craze is now taking its toll on the POS market. Apple pioneered the use of tablets in a POS setting and it didn’t take long before the rest of the industry recognised the advantages of mobile POS solutions.
According to a report from IHL Group, 28 percent of US retailers plan to “embrace” mobile POS by the end of the year. In America alone, the mobile POS market is expected to be worth over $2 billion this year, reports Forbes.
However, not everyone wants an iPad cash register. The report also found that a third of retailers don’t plan to deploy mobile POS devices over the next three years. Although most retailers could benefit from sleeker and smarter POS solutions, some don’t believe they are worth the investment. This is probably true of small outfits operating on a shoestring, as they are more likely to use existing POS systems for as long as they can.
The advantages of mobile POS solutions are quite obvious. They rely on relatively cheap off-the-shelf consumer gear like iPads and Android tablets, backed by a legion of cheap and eager developers who can take care of software. Furthermore smart devices are available in a wide range of form factors, they are very portable and they can handle all sorts of payments. Ruggedized devices are available, too.
It is not a case of going out, buying a tablet, then looking for adequate software. Big players have recognised the trend and they are already offering the whole monty. Last month HP announced a new POS solution based on a run of the mill ElitePad tablet, in a fancy jacket designed specifically for POS applications.
The mobile wallet market is about to get big, huge even. According to a new report published by Transparency Market Research, the global mobile wallet market will reach $1,602.4 billion by 2018. In EMEA it will grow at a CAGR of 30.7 percent from 2012 to 2018 and EMEA will be the largest mobile wallet market in the world by 2018.
EMEA accounted for about 40 percent of the global mobile wallet share in 2011, but the Asia Pacific region is expected to see the fastest growth over the next five years.
The staggering figures sound optimistic to say the least, but Transparency Market Research is basing them on a few emerging trends that hold a lot of promise. The outfit found that affordable NFC enabled phones and POS (point of sale) systems will be the main drivers of growth over the next few years.
Retail is currently the biggest application for mobile wallet services and the trend is set to continue, due to ease of payment using smartphones and initiatives to introduce new POS terminals in convenience stores. Vending machines are also a potent market. Mobile network operators are expected to play a pivotal role in future mobile wallet adoption.
Unsurprisingly, the key players in the market will be Visa, MasterCard, American Express, PayPal, Google and others from the list of usual suspects.
However, it won’t be just smooth sailing. Quite a few consumers still don’t know how mobile wallets actually work and we’re pretty sure that many aren’t even aware of their existence. Security and privacy remain sources of concern, too.
Hewlett Packard has introduced a new point of sale (POS) solution aimed at retail and hospitality businesses.
The HP ElitePad Mobile POS Solution is basically and HP ElitePad tablet with HP’s retail jacket for ElitePad. It is designed to integrate into existing IT infrastructure and connect to store systems on the go.
As many as 57 percent of retailers plan to implement tablets in their stores over the next one to three years and HP is clearly trying to cash in on the trend.
The package includes a 1D/2D barcode scanner and three-track encrypted bi-directional magnetic stripe reader (MSR). It also has an integrated detachable hand strap and an optional secondary battery for extended endurance.
“Consumers expect the same personalised experience they get online or on their mobile device in a retailer’s brick-and-mortar store,” said Kobi Elbaz, director, Commercial and Retail Solutions, Printing and Personal Systems Group, HP EMEA. “With the HP ElitePad Mobile POS Solution, store managers and associates are empowered to move the sale from behind the counter, giving them the ability to assist the customer right on the sales floor for immediate customer satisfaction.”
The HP ElitePad is available in EMEA, but the HP Retail Jacket for the tablet will show up in September.
NFC has been around in select high-end phones for years, and Google has included NFC support in every Nexus handset dating back to the Nexus S, which launched in late 2010. However, Apple and a few other names were not as keen to embrace it.