How To Identify And Fix Your POS System’s Security Flaws

No Point Of Sale System Is 100% Secure

Whether you’re using a countertop terminal, a virtual terminal, or an online payment gateway to accept credit cards, your payment system is at risk of a hack. In the same way that your storefront or your home is never fully protected against burglary, your point-of-sale system will always have minor vulnerabilities that a savvy hacker can exploit. Of course, this doesn’t mean you should just give up and wait for a scammer to steal your customers’ credit card information. No matter what kinds of equipment or software you use, there are proactive steps you can take to shore up your POS system’s defenses and deter fraudsters.

The PCI Security Standards Council’s guidance for small merchants groups point-of-sale setups into 14 common payment system types. You’ve probably never heard of these categories, and you will never need to know them off the top of your head, but it helps to know which one describes your setup, because the council’s recommendations are specific to each payment environment. Below is the full list of all 14 types; each has its own section describing that system’s security vulnerabilities and the PCI recommendations for it. If you’re not sure which category applies to your POS system, browse through the list until you find the one that fits.

Payment System Types

  1. Dial-up payment terminal. Payments sent via phone line.
  2. Dial-up payment terminal and Internet-connected electronic cash register. Payments sent via phone line.
  3. Payment terminal connected to electronic cash register. Payments sent via Internet by electronic cash register.
  4. Encrypting payment terminal connected to electronic cash register. Payment sent via Internet by electronic cash register.
  5. Encrypting payment terminal and electronic cash register connected to Internet. Payments sent via Internet by payment terminal.
  6. Encrypting payment terminal and electronic cash register share non-card data (semi-integrated). Payments sent via Internet by payment terminal.
  7. Integrated payment terminal and payment middleware share card data. Payments sent via Internet.
  8. Encrypting wireless payment terminal (“Pay-at-Table”) with integrated payment terminal and “middleware.” Payments sent via Internet.
  9. Payment terminal connected to electronic cash register, with additional connected equipment. Payments sent via Internet.
  10. E-commerce merchant with fully outsourced payment page. Payments sent via Internet by third-party provider.
  11. E-commerce merchant accepts payments on own payment page and manages own website. Payments sent via Internet by merchant.
  12. Encrypting secure card reader and mobile payment terminal. Payments sent via cellular network only.
  13. Encrypting secure card reader and mobile payment terminal. Payments sent via cellular network or Wi-Fi.
  14. Virtual payment terminal accessed via merchant Internet browser. Payments sent via Internet.

1. Dial-up payment terminal. Payments sent via phone line.

This system consists of a countertop credit card terminal plugged into your location’s phone line, often connected to a paper receipt printer.

This system’s vulnerabilities include hardware tampering, hardware replacement, and paper data theft. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Paper data theft occurs when a scammer steals the information that the terminal prints out after each transaction or shift.

To avoid these possible breaches, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, and destroy all non-essential paper receipts. If possible, try not to keep any paper materials containing transaction information at your location at all.

2. Dial-up payment terminal and Internet-connected electronic cash register. Payments sent via phone line.

This system consists of a countertop credit card terminal plugged into your location’s phone line, often connected to a paper receipt printer. It also includes an electronic cash register that connects to the Internet but does not itself transmit payment information to a bank.

This system’s vulnerabilities include hardware tampering, hardware replacement, and paper data theft. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Paper data theft occurs when a scammer steals the information that the terminal prints out after each transaction or shift. The electronic cash register in this system does not transmit or store credit card information and therefore is not considered an at-risk device. That holds only as long as it stays out of the card data flow: if card numbers are ever keyed into the register, or it is later connected to the terminal, it becomes part of the payment environment and needs the same protection.

To avoid these possible breaches, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, and destroy all non-essential paper receipts. If possible, try not to keep any paper materials containing transaction information at your location at all.

3. Payment terminal connected to electronic cash register. Payments sent via Internet by electronic cash register.

This system consists of a countertop credit card terminal connected to an electronic cash register, which transmits payment data to the bank via an Internet connection. It may also include a receipt printer that produces paper records of transactions.

This system’s vulnerabilities include hardware tampering, hardware replacement, internet-transmitted malware, and paper data theft. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Malware can be downloaded onto the internet-connected cash register through the register’s internet browser or as a result of weak password protection on the location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. Paper data theft occurs when a scammer steals the information that the terminal prints out after each transaction or shift.

To avoid breaches through your terminals, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, and destroy all non-essential paper receipts. If possible, try not to keep any paper materials containing transaction information at your location at all. To avoid breaches to your internet-enabled cash register, be sure to install a firewall for your internet connection, keep your register’s POS software up to date, maintain strong passwords, switch passwords out frequently, and restrict internet browsing on any devices connected to the register.

Note: any version of this POS system that uses a magnetic stripe card reader instead of an EMV-enabled card reader is considered “higher” risk by the PCI council.

4. Encrypting payment terminal connected to electronic cash register. Payment sent via Internet by electronic cash register.

This system consists of a countertop credit card terminal that encrypts card data at the moment the card is swiped or inserted. This terminal transmits encrypted payment data to a connected electronic cash register, which then passes the encrypted payment data to the bank via an Internet connection. It may also include a receipt printer that produces paper records of transactions.

This system’s vulnerabilities include hardware tampering, hardware replacement, and paper data theft. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Paper data theft occurs when a scammer steals the information that the terminal prints out after each transaction or shift.

To avoid breaches, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, and destroy all non-essential paper receipts. If possible, try not to keep any paper materials containing transaction information at your location at all.

5. Encrypting payment terminal and electronic cash register connected to Internet. Payments sent via Internet by payment terminal.

This system consists of a countertop credit card terminal that encrypts card data at the moment the card is swiped or inserted and then transmits the encrypted payment data to the bank via the internet. This system also includes an electronic cash register that connects to the internet but does not accept credit card payments. The payment terminal and cash register are independently connected to the internet, and are not connected to each other. No other third-party devices are connected to the payment system. This system may also include a receipt printer that produces paper records of transactions.

This system’s vulnerabilities include hardware tampering, hardware replacement, internet-transmitted malware, and paper data theft. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Malware can be downloaded onto the Internet-connected payment terminal through the terminal’s internet browser or as a result of weak password protection on the location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. Paper data theft occurs when a scammer steals the information that the terminal prints out after each transaction or shift.

To avoid breaches through your terminals, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, destroy all non-essential paper receipts, be sure to install a firewall for your internet connection, keep your terminal’s POS software up to date, maintain strong passwords, switch passwords out frequently, and restrict internet browsing on the terminal or any devices connected to the terminal. If possible, try not to keep any paper materials containing transaction information at your location at all.

6. Encrypting payment terminal and electronic cash register share non-card data (semi-integrated). Payments sent via Internet by payment terminal.

This system consists of a countertop credit card terminal that encrypts card data at the moment the card is swiped or inserted and then transmits the encrypted payment data to the bank via the internet. This system also includes an electronic cash register that connects to the internet but does not accept credit card payments. The payment terminal and cash register are connected to each other but do not transmit any payment card data between themselves. No other third-party devices are connected to the payment system. This system may also include a receipt printer that produces paper records of transactions.

This system’s vulnerabilities include hardware tampering, hardware replacement, internet-transmitted malware, card data incorrectly transmitted between the two devices, and paper data theft. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Malware can be downloaded onto the Internet-connected payment terminal through the terminal’s internet browser or as a result of weak password protection on the location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. Card data can be incorrectly passed between the two devices as the result of improper integration or installation. Paper data theft occurs when a scammer steals the information that the terminal prints out after each transaction or shift.

To avoid breaches through your internet-connected terminals, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, destroy all non-essential paper receipts, be sure to install a firewall for your internet connection, keep your terminal’s POS software up to date, maintain strong passwords, switch passwords out frequently, ensure that sensitive data is not being transmitted between your terminal and cash register, and restrict internet browsing on the terminal or any devices connected to the terminal. If possible, try not to keep any paper materials containing transaction information at your location at all.
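One concrete way to carry out the “ensure that sensitive data is not being transmitted” check above is to capture what the cash register and terminal actually exchange and scan it for anything that looks like a full card number. The following is an added example written for this article, not code from the PCI council or from any terminal vendor: the message format and the integration log lines are invented for illustration, and the card numbers in them are the publicly known test numbers developers use, not real cards. It looks for runs of 13 to 19 digits (with optional spaces or dashes) that pass the Luhn check every card number must satisfy, which is the same approach cardholder-data discovery tools take, and it ignores masked values such as `411111******1111` and the last four digits printed on receipts.

```python
import re

# Constructed sample of the traffic a semi-integrated cash register and payment
# terminal might exchange. Only amounts, references and approval codes should
# cross this link. The format is invented for this example; the card numbers
# are publicly known test numbers (Visa 4111..., Amex 3782...), not real cards.
SAMPLE_MESSAGES = [
    "SALE amount=42.17 ref=000123 terminal=T1",
    "APPROVED ref=000123 auth=A1B2C3 last4=1111 masked=411111******1111",
    "RECEIPT ref=000123 items=3 total=42.17",
    "SALE amount=9.99 ref=000124 card=4111111111111111 exp=1229",
    "LOG approved card 3782 822463 10005 at 12:03",
]

# 13 to 19 digits, optionally separated by single spaces or dashes, not embedded
# in a longer digit run. Masked values (411111******1111) never match because
# the asterisks break the digit run.
CANDIDATE_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check that every real card number satisfies."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_pans(text: str) -> list:
    """Return the digit strings in `text` that look like full card numbers."""
    found = []
    for m in CANDIDATE_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            found.append(digits)
    return found


def mask(pan: str) -> str:
    """Show only the last four digits when reporting a hit."""
    return "*" * (len(pan) - 4) + pan[-4:]


def scan_messages(messages) -> list:
    """Return (index, masked PANs) for every message carrying a clear-text card number."""
    hits = []
    for i, msg in enumerate(messages):
        pans = find_pans(msg)
        if pans:
            hits.append((i, [mask(p) for p in pans]))
    return hits


if __name__ == "__main__":
    for index, pans in scan_messages(SAMPLE_MESSAGES):
        print(f"message {index}: clear-text card number(s) {pans}")
```

Run it against a real capture (a serial or network trace of the register-to-terminal link, or the register’s own logs) rather than the constructed list. Anything it reports means card data is crossing a link that was supposed to carry only amounts and approval codes, and the integration needs to be corrected before the system is used.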

7. Integrated payment terminal and payment middleware share card data. Payments sent via Internet.

This system consists of a single combined payment terminal and electronic cash register that sends payment data to the bank via an internet connection. Staff members can swipe magnetic stripe cards through a card reader, but there is no EMV reader or separate PIN entry device. The integrated terminal runs payment processing software that is used to process each transaction. No other third-party devices are connected to the payment system.

This system’s vulnerabilities include hardware tampering, hardware replacement, internet-transmitted malware, and remote access vulnerabilities. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Malware can be downloaded onto the Internet-connected payment terminal through the terminal’s internet browser or as a result of weak password protection on the location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. “Remote access” refers to the ability for your merchant services provider to connect to your device via the internet from an off-site location in order to provide customer support. Hackers can exploit poorly configured or unmonitored remote access connections.

To avoid breaches through your internet-connected terminals, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, be sure to install a firewall for your internet connection, keep your terminal’s POS software up to date, maintain strong passwords, switch passwords out frequently, ensure that sensitive data is not being transmitted between your terminal and cash register, restrict internet browsing on the terminal or any devices connected to the terminal, and only use remote access with caution and as a last resort: have your provider enable it only when you have asked for support, require multi-factor authentication for it, and make sure it is switched back off afterwards.

Note: this system is considered “higher” risk by the PCI council.

8. Encrypting wireless payment terminal (“Pay-at-Table”) with integrated payment terminal and “middleware.” Payments sent via Internet.

Common at restaurants, this system consists of a single combined payment terminal and electronic cash register that sends payment data to the bank via an internet connection, but in this case the integrated terminal’s magnetic card reader has been disabled. Instead, card payments are accepted “at the table” via a wireless credit card processing terminal with a built-in magnetic stripe or EMV chip reader. The integrated payment terminal also runs payment processing software that is used to process each transaction. No other third-party devices are connected to the payment system.

This system’s vulnerabilities include hardware tampering, hardware replacement, internet-transmitted malware, and remote access vulnerabilities. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Malware can be downloaded onto the Internet-connected payment terminal through the terminal’s internet browser or as a result of weak password protection on the location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. “Remote access” refers to the ability for your merchant services provider to connect to your device via the internet from an off-site location in order to provide customer support. Hackers can exploit poorly configured or unmonitored remote access connections.

To avoid breaches through your internet-connected terminals, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, be sure to install a firewall for your internet connection, keep your terminal’s POS software up to date, maintain strong passwords, switch passwords out frequently, ensure that sensitive data is not being transmitted between your terminal and cash register, restrict internet browsing on the terminal or any devices connected to the terminal, and only use remote access with caution and as a last resort: have your provider enable it only when you have asked for support, require multi-factor authentication for it, and make sure it is switched back off afterwards.

9. Payment terminal connected to electronic cash register, with additional connected equipment. Payments sent via Internet.

This system consists of a payment terminal that transmits card data to banks via the internet and also connects to an electronic cash register. The system also contains any number of additional electronic devices connected to the same local network, such as desktop computers, cameras, and IP phones. These devices may or may not connect to the actual POS equipment, but they definitely share an internet connection with it running through the same router and firewall.

This system’s vulnerabilities include hardware tampering, hardware replacement, internet-transmitted malware, remote access vulnerabilities, and unsecured devices connected to the network. Hardware tampering typically involves a hacker attaching a small device known as a “skimmer” to your terminal in order to collect card information. Hardware replacement involves secretly swapping your terminal with another identical terminal that has malicious code installed on it. Malware can be downloaded onto the Internet-connected payment terminal through the terminal’s internet browser or as a result of weak password protection on the location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. “Remote access” refers to the ability for your merchant services provider to connect to your device via the internet from an off-site location in order to provide customer support. Hackers can exploit poorly configured or unmonitored remote access connections. Unsecured devices connected to the network (including the router itself) provide another way for hackers to access the payment environment.

To avoid breaches through this system, you should periodically inspect your payment terminals for any tampering, deal directly with your equipment provider when having equipment switched out or serviced, be sure to install a firewall for your internet connection, keep your terminal’s POS software up to date, maintain strong passwords, switch passwords out frequently, ensure that sensitive data is not being transmitted between your terminal and cash register, restrict internet browsing on the terminal or any devices connected to the terminal, secure all third-party electronic devices connected to the network (and ideally keep them on a separate network segment from the payment equipment, so that a compromised camera or office PC cannot reach it), and only use remote access with caution and as a last resort: have your provider enable it only when you have asked for support, require multi-factor authentication for it, and make sure it is switched back off afterwards.

Note: this system is considered “higher” risk by the PCI council.

10. E-commerce merchant with fully outsourced payment page. Payments sent via Internet by third-party provider.

This e-commerce payment environment consists of a business website that advertises products but does not process payments. After selecting the items they wish to purchase, customers are sent to an off-site page exclusively hosted by a third party payment processor. The checkout process is completely outsourced and the merchant has no access to card data.

This system’s vulnerabilities include the hacking of the merchant’s website and the hacking of the third-party processor’s systems. Your website can be hacked if it maintains poor password protection or if you download malware that allows hackers to infiltrate your computer. Even though card data is never entered on your site, a hacker who controls it can tamper with the hand-off to the payment provider, for example by redirecting customers to a look-alike payment page that records their card details as they enter them. A third-party payment processor’s systems can be hacked via similar means.

To avoid any breaches to this system, be sure to maintain strong passwords, switch passwords frequently, keep your computer’s software updated, browse the internet with caution on your work computer, run anti-virus software on your computer, and install security patches when they are available from your processor. The hacking of your third-party payment processor’s systems is largely out of your control.

11. E-commerce merchant accepts payments on own payment page and manages own website. Payments sent via Internet by merchant.

This e-commerce payment environment consists of a business website that advertises products and processes payments from customers. The merchant controls both the online storefront and at least some elements of the payment page. The payment page may be hosted by the merchant or by the merchant’s processor, but it isn’t fully managed by the third-party processor. This means that customers will enter their payment information into a page that is controlled by the merchant or hosted on the merchant’s website.

This system’s vulnerabilities include the hacking of the merchant’s website and the hacking of the third-party processor’s systems. It is more vulnerable than completely outsourcing the payment process to a third-party processor because any device or piece of software on your system creates an access point for hackers to steal data. Your website can be hacked if it maintains poor password protection or if you download malware that allows hackers to infiltrate your computer. Another common method for hacking merchant websites is SQL injection, in which text an attacker types into a form or URL is pasted into a database query and executed as part of it, letting the attacker read or alter data the site never meant to expose. Once a website is compromised, hackers can plant a script on the payment page that copies card details as customers type them in. A third-party payment processor’s systems can be hacked via similar means.
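To make the SQL injection point concrete, here is an added example (not code from the original article or from any real shopping-cart product) of an “order status” lookup written two ways. It uses Python’s built-in sqlite3 module with an in-memory database and constructed sample rows; the table names, columns and attack payloads are invented for illustration. The first version pastes the customer’s input straight into the SQL text, so a single quote in the input ends the string and whatever follows is executed as SQL: one payload returns every order in the table, another pulls rows out of a separate admin table. The second version binds the input as a parameter, so the database treats it purely as data and both payloads simply match nothing.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Build an in-memory stand-in for a storefront database.

    The rows are constructed sample data for this example; 'last4' is the only
    card-related field, which is all a merchant should ever retain.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE orders (id INTEGER PRIMARY KEY, email TEXT, last4 TEXT, total REAL)"
    )
    conn.executemany(
        "INSERT INTO orders (email, last4, total) VALUES (?, ?, ?)",
        [
            ("alice@example.com", "1111", 42.17),
            ("bob@example.com", "0005", 9.99),
            ("carol@example.com", "4444", 120.00),
        ],
    )
    conn.execute(
        "CREATE TABLE admins (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)"
    )
    conn.execute(
        "INSERT INTO admins (username, password_hash) VALUES (?, ?)",
        ("admin", "$2b$12$constructed.example.hash"),
    )
    return conn


def lookup_orders_vulnerable(conn: sqlite3.Connection, email: str) -> list:
    """Order lookup as many storefronts write it: the customer's input is
    formatted straight into the SQL text, so quotes in the input become SQL."""
    query = f"SELECT id, email, last4, total FROM orders WHERE email = '{email}'"
    return conn.execute(query).fetchall()


def lookup_orders_safe(conn: sqlite3.Connection, email: str) -> list:
    """Same lookup with a bound parameter: the input travels as data, never as SQL."""
    return conn.execute(
        "SELECT id, email, last4, total FROM orders WHERE email = ?", (email,)
    ).fetchall()


# Two constructed payloads an attacker might type into the email field.
# The first turns the WHERE clause into "email = '...' OR '1'='1'", matching every row.
PAYLOAD_ALL_ROWS = "nobody@example.com' OR '1'='1"
# The second closes the string and appends a UNION that reads the admin table;
# the trailing "--" comments out the closing quote the original query adds.
PAYLOAD_UNION = "x' UNION SELECT id, username, password_hash, 0 FROM admins --"


def demo() -> dict:
    """Run both versions against a normal input and against both payloads."""
    conn = make_db()
    return {
        "normal_vulnerable": lookup_orders_vulnerable(conn, "bob@example.com"),
        "normal_safe": lookup_orders_safe(conn, "bob@example.com"),
        "all_rows_vulnerable": lookup_orders_vulnerable(conn, PAYLOAD_ALL_ROWS),
        "all_rows_safe": lookup_orders_safe(conn, PAYLOAD_ALL_ROWS),
        "union_vulnerable": lookup_orders_vulnerable(conn, PAYLOAD_UNION),
        "union_safe": lookup_orders_safe(conn, PAYLOAD_UNION),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {len(rows)} row(s) -> {rows}")
```

The fix is not input filtering but the parameter binding shown in the second function: every database driver offers it, and a site that never builds SQL text from user input has no SQL injection surface regardless of what customers type.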

To avoid breaches to this system, be sure to maintain strong passwords, switch passwords frequently, keep your computer’s software updated, browse the internet with caution on your work computer, run anti-virus software on your computer, avoid storing payment information on your system, limit remote access, and install security patches when they are available from your processor. The hacking of your third-party payment processor’s systems is largely out of your control.

Note: this system is considered “higher” risk by the PCI council.

12. Encrypting secure card reader and mobile payment terminal. Payments sent via cellular network only.

Most common among merchants selling at non-fixed locations, this mobile payment system consists of a mobile device and connected credit card reader that exclusively transmits payment data to the bank via a cellular data connection. This system does not transmit payment data via Wi-Fi. The card readers in this system encrypt the card information before it enters the mobile device, meaning that the device does not store or transmit raw credit card data. Additionally, the merchant does not have the ability to manually enter credit card data. There may also be a PIN entry device that connects wirelessly or directly to the mobile device.

This system’s vulnerabilities include the hacking of the mobile device, the downloading of malicious apps to the device, and hardware tampering. Your mobile device can be hacked if you download malware using the device’s browser or if a hacker physically installs malware onto the device. Once installed, this malware enables the hacker to steal card or PIN data that is entered by any method other than the encrypted readers. Malicious apps may be downloaded to the device through the app store, after which they would grant hackers access to any unencrypted payment data. Hardware tampering occurs when a scammer modifies or switches out your existing hardware in order to install a “skimmer” on the device that will collect and relay card data to the scammer.

To avoid breaches to this system be sure to periodically inspect your card readers and mobile devices for signs of tampering, use PCI-approved PIN entry devices and card readers, only enter card information using card readers with built-in encryption, use strong password protection on your device, be highly selective about which apps you install on the device, install security patches whenever they’re available, and run anti-virus software on your device.

13. Encrypting secure card reader and mobile payment terminal. Payments sent via cellular network or Wi-Fi.

This mobile payment system consists of a mobile device and connected credit card reader that transmits payment data to the bank via either a cellular data network or a Wi-Fi internet connection. The card readers in this system encrypt the card information before it enters the mobile device, meaning that the device does not store or transmit raw credit card data. Additionally, the merchant may or may not have the ability to manually enter credit card data. There may also be a PIN entry device that connects wirelessly or directly to the mobile device.

This system’s vulnerabilities include the hacking of the mobile device, the downloading of malicious apps to the device, hardware tampering, and an unsecured internet connection. Your mobile device can be hacked if you download malware using the device’s browser or if a hacker physically installs malware onto the device. Once installed, this malware enables the hacker to steal card or PIN data that is entered by any method other than the encrypted readers. Malicious apps may be downloaded to the device through the app store, after which they would grant hackers access to any unencrypted payment data. Hardware tampering occurs when a scammer modifies or switches out your existing hardware in order to install a “skimmer” on the device that will collect and relay card data to the scammer. An unsecured, public internet connection with no firewall or password protection can enable a hacker to gain access to any device using that connection.

To avoid breaches to this system be sure to periodically inspect your card readers and mobile devices for signs of tampering, use PCI-approved PIN entry devices and card readers, only enter card information using card readers with built-in encryption, use strong password protection on your device, be highly selective about which apps you install on the device, install security patches whenever they’re available, run anti-virus software on your device, and enable password protection and a firewall on the Wi-Fi connection you use.

14. Virtual payment terminal accessed via merchant Internet browser. Payments sent via Internet.

This payment system consists of a virtual terminal running on a merchant’s PC or mobile device. A virtual terminal is a piece of software or a website that securely imitates a conventional credit card terminal, enabling a merchant to manually enter credit card data and transmit it to the bank via the internet. The PCI council’s description of this system assumes there is no attached card swiper or EMV reader, although some virtual terminals do support connected card readers.

This system’s vulnerabilities include internet-transmitted malware and an unsecured internet connection. Malware can be downloaded onto your PC or mobile device through the device’s internet browser or as a result of weak password protection on your location’s internet connection, insufficient firewall software to protect the location’s internet connection, or outdated payment processing software with known exploits. If your Wi-Fi connection is not secured with a password and a firewall, a hacker could access your virtual terminal through that network.

To avoid breaches to this system, be sure to use strong passwords, change passwords frequently, run anti-virus software on your computer, exercise caution when browsing the internet on your computer, keep your computer’s software updated, and secure your Wi-Fi connection with a firewall and password protection.

Every Payment Environment Is Different

Whether or not your payment processing system falls neatly into one of these 14 categories, the challenges of securing your business environment will be specific to your location, your technology, your employees, and your industry. These guidelines are merely intended to give you a starting point for understanding your potential exposure to hackers. Always be sure to voice any security concerns you may have to your merchant account provider, as it is in their interest to prevent a breach to your system as well.

Source consulted: https://www.pcisecuritystandards.org/pdfs/Small_Merchant_Common_Payment_Systems.pdf.

Copyright

Copyright © 2024 CardPaymentOptions.com, Inc.