Printer Friendly

The pros of your POS.

HE RETAIL INDUSTRY ENCOMPASSES an array of market segments that reflect the changing demands of consumers. But as diverse as the retail market is, all of its segments have one factor in common--the need for point of sale (POS) systems.

Although often perceived as completely separate functions, POS systems and security systems overlap. Yet POS systems do not displace security requirements; they enhance them. Today, POS systems can be directly tied into security systems. Here's how.

Retail stores are particularly susceptible to robbery attempts. One approach to prevent the risk of robbery is to fortify POS functions with security procedures.

For example, the no-sale command that opens the cash drawer can be programmed to require a two-step sequence, such as hitting the subtotal key before the no-sale key. The drawer may open even if the no-sale key is pressed alone, but if this happens, the POS system will send a message to an alarm panel to initiate a trouble message to a central monitoring site.

Certain types of transaction exceptions--transactions that vary from the norm--can be monitored by being tied into a POS system. For example, a no sale may occur for valid reasons and signifies that the cash drawer is exposed. A count of the number of no sales should be maintained for each cashier.

A common transaction exception is an item correction. After a sale is rung up and paid for, a dishonest cashier may perform several item corrections before the transaction is completed. The difference--the sum of the item corrections--is then pocketed by the cashier.

One way to circumvent this is to have a POS system that marks each item as it is registered. If an item correction is attempted for an unmarked item, the correction attempt will be ignored.

Another solution is to count the number of times each item in the store is registered. If a correction is attempted and this count is zero, the attempt will be ignored. This requires that the POS system clear these temporary item counters at the end of a transaction.

The retail security director and the system installer must team up to design these procedures. Only the security director can outline to the system installer what the needs of his or her business are.

Because exceptions are--or should be associated with a cashier known to the POS system and the POS system maintains an ongoing internal record of the cashier, an exception report, containing the exception type, amount, time, and other pertinent information, can be attached to a cashier's record.

A receipt of the exceptions can also be printed and signed by a manager. These exceptions should have a nonresettable counter to provide an audit trail.

The cashiers' exception reports can be included in a separate summary report, which is accessible only to management. These exception reports can only be cleared after the report is examined.

The intent of these exception reports is not to admonish the cashier, since mistakes do happen, but to deter him or her from temptation.

ALL POS SYSTEMS COLLECT INFORMATION, such as inventory levels, total sales, tendering media, and cashier activity. Many of the newer POS systems can be called from a central store over the phone and transfer this information in the form of reports without an attendant and without affecting the POS system's operation.

The central site may also send the POS system new information, such as price changes, inventory transfers, and adjustments. Unfortunately, anyone with a computer and modem can call the POS system and, given enough time and determination, initiate a report transfer. Several data transfer methods can be used to reduce this risk:

* Encrypting data. This is the most secure way to protect the information transfer. It is also the most expensive, requiring both the transmitters and the receivers to have specialized modems.

* Limiting access time. The POS system can be directed to only accept a remote transfer during certain time periods. To be effective, the time window should be changed randomly.

* Condensing reports. Fully formatted reports can be reduced to contain only the basic information. This reduces transfer time and, consequently, communications costs.

* Scrambling data. This method is similar to condensing reports, with one exception. The placement of the cell values are randomly mixed, with the mixing order changed periodically.

* Calling back. The POS system hangs up and then calls the central site back before initiating a transfer. The call-back phone number cannot be changed by store personnel. This method can use any of the transfer methods outlined previously.

Reports taken locally at the POS system can also be secured in a variety of ways. This is particularly important for protecting exception reports that could be cleared otherwise.

The POS system could have access to the local reports protected by passwords. Passwords may also be augmented by entitlement levels in which a password holder may initiate some reports but not others, and the accessible report information sensitivity is linked to the password holder. Reports considered confidential may require two separate password holders.

A POS system's ability to secure specific report information, particularly when coupled with exception handling, provides a powerful tool to authenticate operations. An example of this is an absentee owners ability to validate a contract employee's performance in high cash-flow businesses, such as parking lots or dry cleaners.

INVENTORY MANAGEMENT AND CONTROL represent particular challenges because of the variety of retail products. A store that has a relatively small number of high-value products, such as an appliance store, uses control techniques that are markedly different from a store that has a large number of low-value products, such as a convenience store.

Food establishments have a special problem. Tracking the flow of products from receiving to inventory to sales can be particularly difficult unless products are conveniently marked. In such cases, the POS system must be able to read the markings not only to register sales but also to check inventory.

Inventory shrinkage due to spoiling, waste, or employee theft can be detected on a statistical basis. The POS system maintains a computed on-hand count for each item (that is, a previously established physical on-hand count less the total sales count). The count is then periodically compared to a physical inventory count, which should be done regularly but randomly.

The physical count should be entered into the POS system. If the physical count does not match the computed on-hand count, the system will generate an exception message.

Food establishments cannot use bar codes for raw materials tracking, but because food is perishable, it sells fairly quickly. Therefore, if the POS system is capable of correlating the products sold to the raw materials, shrinkage can be detected quickly.

On the other hand, shrinkage from shoplifting can be difficult for food establishments to detect. One way to mitigate this problem is to have the POS system send a copy of a transaction, in ASCII, to CCTV systems that can accommodate recording text mixed with the camera image. The POS system can also provide a continuously recorded time stamp.

Several tags today operate as proximity cards that trigger an exit alarm if not disabled at the POS. These tags must be attached to the merchandise and must be electronically disabled or physically removed after the sale. Since the labor in handling these tags is high, they are generally used for high-value items, such as computer equipment, or items that could be confused with customer property, such as clothing.

Because disabling these tags requires specialized equipment, it is unlikely that a customer could defeat the system. Store personnel, however, could defeat it by not attaching the tags or by disabling them without an associated sale. To avoid the latter problem, the disabling electronics should be activated by the POS system only while a transaction is in progress.

Fully programmable POS systems allow for the inclusion of security aspects into the application itself. A few POS system manufacturers provide software development tools and utilities that can develop these applications in-house by using predefined vertical application templates or from independent third-party application developers.

These development tools provide a range of capabilities, such as transaction processing, report organization, and data maintenance. Different functions should be performed by different departments within an organization to preclude an individual from programming the POS system for his or her own benefit.

C. M. Brooks is the owner of Rexbro Systems in Buena Park, CA.
COPYRIGHT 1992 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1992 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:incorporating security features in point of sale systems
Author:Brooks, C.M.
Publication:Security Management
Date:Jun 1, 1992
Previous Article:Monitoring retail losses.
Next Article:Going undercover: an inside or an outside job?

Related Articles
Netupdate releases digital POS system. (Tech Newz).
Sollen partners with Netupdate. (Tech Newz).
Controlling the flow: control state agencies are looking at the newest point-of-sale technologies for their stores.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters