For years JCR Systems’ position on the card reader (magnetic stripe reader, MSR) is to not use what’s referred to as a “keyboard wedge emulation” card readers. This basically means that the card reader is emulating a computer keyboard and the terminal the card reader is connected to registers that the card reader is a keyboard. These old school card readers generally plug into a USB port or keyboard port on the terminal.
In past decades this was the norm, but in recent years they are no longer in the best business practices category because they present a weakness to key loggers and skimmers designed to intercept what is typed in. If credit cards are swiped through a keyboard wedge emulation card reader, the card holder data encoded on the black magnetic stripe can be sent directly to the key logger or skimmer. Data Security Breach! New terminals with built in encrypted card readers are the best way to go to help prevent your customer’s card holder data from being compromised as it’s swiped.
If you are not sure if your card readers are the old keyboard wedge style or not, it’s easy to find out. Simply plug a keyboard into your terminal and if it’s running a Windows operating system bring up Windows Notepad (or Wordpad or Word). With the cursor blinking in Notepad type something in using the keyboard and you should see what you are typing in. Now pull out your credit card and swipe it on the terminal’s card reader. Upon swiping your card, if you suddenly have a lot of data appearing in notepad, that is your credit card data that is encoded on the black mag stripe on the back of your card. Time to retire and replace the point of sale terminal with a new generation terminal running an encrypted card reader.
Though these old school card readers are still being manufactured today, best business practices is to use an encrypted card reader, or one with a different interface such as serial that requires special software drivers to properly interface and work with the point of sale software application.
A recent event happened with a retailer’s store in Florida where they found the skimmers the thieves installed on their pos terminals. You can read the article here Posted October 13th 2013: http://krebsonsecurity.com/2013/10/nordstrom-finds-cash-register-skimmers/