Skip to main content

You can break into almost any retail store’s credit card reader with 2 passwords

credit card readers password problems cashier 1
Canadian Couponing
It’s common knowledge that point-of-sale machines aren’t exactly the most secure pieces of technology in the world — you need only look at last year’s pilfering of Home Depot, Target, Neiman Marcus, Michael’s customer data for evidence of that — but the reality may be worse than previously thought. Researchers at cybersecurity firm Trustwave discovered that a vast majority of retailers fail to change the default password on their credit card readers. It’s usually 166816 or Z66816.

The researchers examined machines at more than 120 clothing, electronics, and local stores. The default password in many instances granted administrative access to the machines, Trustwave executive Charles Henderson explained at last week’s RSA security last week in San Francisco. Worst case scenario, that could enable any ruffian with the know-how to scrape payment data like credit card numbers and names.

A majority of the vulnerable terminals are manufactured by Verifone, but the company’s not necessarily the one to blame. “No one is changing the password when they set this up for the first time; everybody thinks the security of their point-of-sale is someone else’s responsibility,” Henderson told CNN Money. “We’re making it pretty easy for criminals.”

It’d be risky to try at a crowded outlet — the passwords are just lengthy enough that entering them would probably make you the target of suspicion — but the real potential for hacking arises from unsecured systems. Speaking to Digital Munition, Henderson described an instance  in which an employee inadvertently downloaded keylogging software onto a retail PoS system while attempting to install a pirated video game.

Verifone doesn’t believe there’s too much cause for concern. The passwords on new payment terminals expire periodically, a spokesperson said, and the company “hasn’t witness[ed] any attacks on the security of terminals based on default passwords.” All the same, it said retailers are “strongly advised to change the default password.”

You’d think that’d be common sense.

Editors' Recommendations

Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
Don’t buy this new Motorola phone — get this other one instead
Renders of the Moto G 5G (2024) and Moto G Power 5G (2024).

the Moto G 5G (left) and Moto G Power 5G Digital Trends

Budget phones can slip under the radar when shiny, powerful flagships launch. But if you're in the market for a smartphone that gets the job done and won't blow a four-figure hole in your bank balance, then a great budget smartphone is the way to go.

Read more
Get 32% off the cellular model of the iPad Pro 12.9 this weekend
The iPad Pro on a desk next to a stylus and AirPods.

If you've been thinking about getting the iPad Pro with cellular connectivity but you've been hoping to buy the tablet from iPad deals for a discount, this may be what you've been waiting for -- a 32% discount from Amazon's Woot on the 12.9-inch, Wi-Fi + Cellular model of the 2021 Apple iPad Pro with 128GB of storage. From $1,199, it's down to just $810, which is a steal price for this device with savings of $389. However, while there are still several days left on this offer, it's highly recommended that you proceed with the purchase immediately because there's a chance that stocks don't last that long.

Why you should buy the 2021 Apple iPad Pro 12.9
It's not the latest version of Apple's top-of-the-line tablet -- the honor goes to the 2022 Apple iPad Pro -- but the 2021 Apple iPad Pro is still a pretty powerful device by today's standards. That's because it's equipped with Apple's M1 chip, which promises fantastic speed and excellent graphics when you're working on your multimedia projects, multitasking between several apps, or playing console-level games. With its 12.9-inch Liquid Retina XDR touchscreen, you'll enjoy high-brightness and high-contrast content, and its mini-LED display provides deeper black levels and more vibrant colors.

Read more
Samsung Galaxy A55 vs. A54: all the big changes, explained
Renders of the Samsung Galaxy A55 next to the Galaxy A54.

Galaxy A55 (left) and Galaxy A54 Digital Trends

Samsung has been on a roll with new phone releases in 2024. At the end of January, Samsung released the flagship Galaxy S24 lineup. It's fantastic, but not everyone can afford the latest and greatest flagship. Thankfully, Samsung also makes budget-friendly alternatives, and that’s the appeal of the new Galaxy A55.

Read more