PoS V2
Loss Prevention Checklist
1. What was the date of the last LP audit?
2. Does the location have a key control log for all business keys?
3. Location changes locks when a key is lost or stolen?
4. The location has a functioning alarm system?
5. Each associate has their own alarm code?
6. Location does not allow non-associates in the store outside of operating hours?
7. Non-associates are not allowed in offices or stock areas?
8. Register (POS) keys are kept in a sealed and secured location?
9. Associates have individual IDs and passcodes to the POS?
10. Only Managers/Supervisors can conduct “high risk” transactions on the POS?
11. Does the location change passcodes at scheduled intervals?
12. Is there a camera covering every POS station?
13. How many security cameras are offline or down?
14. Does the loading or delivery area have a working camera?
15. Are public washrooms monitored and “no merchandise allowed beyond this point” signs in place?
16. Record amount in the cash float?
17. Does the location conduct cash register audits at scheduled intervals?
18. Does the location have shortages/overages throughout the month?
19. There is a shortage/overage log for each register?
20. Location manager audits paperwork at regular intervals?
21. Monthly POS activity of each associate is reviewed?
22. Location does not allow phones at the POS or workstations?
23. Shift sales by associate are monitored?
24. Location has a camera/recording system over POS?
25. Is POS/workstation always within view of staff?
26. Are cash drops being done throughout the day as needed?
27. What was the date of the last safe check?
28. The location has a camera/recording system in the stock area?
29. Are high theft items merchandised appropriately?
30. Are showcases operational and secured?
31. Does every item have a hang tag or barcode?
32. Merchandise has a security tag system in place?
33. Location conducts regular inventory counts?
34. What was the date of the last inventory audit?
35. All delivered product is matched to invoice or packing slips?
36. Is all damaged or defective product kept in a single location?
37. Damaged or defective product disposal is tracked and reviewed?
38. Location promotes the business abuse line and open door policy?
39. The location has the local non-emergency phone number posted?
40. Written policies for loss prevention are present?
41. Location has regular discussions on loss prevention?
42. What was the date of the last LP training session?
43. Location conducts criminal background checks on new associates?
44. A written code of conduct is issued to each associate?
45. Staff understand the refund policy?
46. Are staff voiding their own transactions?
47. Staff are restricted from performing self or family purchases?
48. Staff greet customers upon entry?
49. Do staff understand how to handle damaged or defective products?
Method of Attack
Skimming. Skimming occurs when a would-be thief replaces your POS system’s POI co
the attacker to actually physically swap your POI for their own.
Supply chain integrity. When software is purchased by a company for use as a POS,
software. These vulnerabilities can then be exploited by attackers.
Memory scraping. Memory scraping is a highly effective attack technique. The attacker
POS system, collects data, and then exfiltrates that data. Common malware attackers us
Decebal, and BlackPOS.
Forcing offline authorization. If an attacker is able to force a POS system offline, the pa
to be locally authenticated. When payment card information is authenticated locally, it is m
can more easily steal it.
Sniffing. Sniffing involves taking network traffic and analyzing it for payment card data.
Crimeware kit usage. Amateur attackers typically purchase illegal crimeware kits. These
to a system's data