Breaches in the retail and hospitality industries have decreased to less than 5 times per month. Previously, it was in the double digits over the past two years. The decrease is due to the merchants, hotels and restaurants improving their point-of-sale (POS) systems to accept EMV or chip payment cards. The POS systems were a large target for attacks for the hospitality industry. This accounted for almost 40% of the 181 breaches hotels and restaurants faced over the two-year period. The amount of attacks decreased to eight per month in 2015 then to two by the end of 2016.
For the retail industry, web apps were the main target for attacks. During the beginning of 2016, the retail industry saw an increase in web app attacks, but no POC system attacks. However, the hospitality industry experienced web app attacks in addition to the POS system attacks. Chip cards are more work for attackers to deal with. EMV cards do not hold a user’s data on a magnetic strip that could be skimmed and sold to the dark web. Also, special equipment is required to collect information off the chip payment cards. Due to this, it is easier for attackers to target web apps and intercepting an e-commerce transaction.