Electronic payment terminals, also called EPTs, are subjected to numerous attempts at hacking or theft. Indeed, owing to the nature of the information that they contain and the sensitivity of the data that they process, a payment terminal is an object of great value for malicious individuals.
A certain type of fraud especially is tending to become widespread: this is the technique of replacing an authentic payment terminal by a fraudulent payment terminal. The authentic payment terminal is stolen from a commercial establishment and immediately replaced by a payment terminal that has an appearance of validity but has actually been modified, for example to read and copy out data from customers' bank cards so as to be able thereafter to carry out fraudulent transactions with the customer data that has already been read.
In another type of fraud, the authentic payment terminal is stolen and hacked into (both at the software and the hardware levels). Then this stolen and hacked terminal is put back in its place so that it can perform fraudulent transactions.
The unsuspecting merchant can thus easily be duped and it will be several days before he realizes that his terminal has been replaced or hacked into.
Wire-connected payment terminals, for example a terminal connected to a base, are of course more difficult to steal than mobile payment terminals but are nevertheless subject to numerous attempts at theft or replacement. These terminals are connected to a communications cable by means of a main connector. Such a main connector generally comprises at least one electrical power supply line and at least one data communications line. Since no efficient anti-theft method is proposed at present, it is relatively easy for a malicious individual to remove the connector in order to get hold of the payment terminal for purposes of hacking. The presence of locks or other anti-theft equipment calls for additional equipment, and this is not optimal and is not always dissuasive.
One way to detect the fact that an authentic payment terminal has been replaced by a fraudulent payment terminal or has been hacked into is to weigh the payment terminal daily. If the weight measured in the weighing operation is different from the original weight of the terminal, then it means that the terminal has been replaced by a fraudulent terminal or that it has been modified for the purposes of being hacked. The merchant can then be alerted to the fraud.
However, this technique does not prevent hacking into the payment terminal since it is used only to detect the fraudulent act and not to prevent it. It is therefore not very dissuasive.
It would be therefore particularly useful to be able to propose a solution so as to obtain efficient protection against fraud and hacking in electronic payment terminals.