It seems that Best Buy uses unencrypted wireless to transfer in-store data, including register transactions & credit card info.
It seems that Best
Buy uses unencrypted wireless to transfer in-store data, including
register transactions & credit card info.
There was a thread about this, on the Kismet list previously. All Best
Buys use 802.11b, without WEP. With some strange SSID’s (That almost look
random). […]
Another anonymous posting on the topic:
This is indeed what’s going on, and Best Buy is not the only retailer that
is guilty of it. In the last two years I and others have done our own
research and found several large retailers that use WLAN to allow their
registers at the front of the store to talk to their main computer in the
back to handle things like pricing (how the register knows that the
toothpaste that was $1.99 on Saturday is now $1.50 on Sunday) as well as
credit card processing. At first we thought it was simply POS data to
help keep an accurate inventory and pricing data, but soon discovered
there was also credit card data being sent. I’ve found a decent indicator
to be the use of pricing/stocking guns with antennae, but it is not always
a smoking gun. When you consider that it’s names like Wal-Mart and Best
Buy, both large retailers, the benefits of making this information known
has been a equally weighed against what said retailer would do to us in
the courts if we made the information public.
[…]