TTrustwave, a managed security service provider, disclosed July 11, 2019, that it has completed a six-month remediation process with Uniguest, following the discovery of a software flaw in one of the company's older kiosks. Originally identified by Adrian Pruteanu, senior security researcher at Trustwave SpiderLabs, during routine penetration testing, the vulnerability had the potential to expose guest information and log-in credentials to hackers, if left untreated.
In a July 11 blog post titled, "Hardcoded Credentials in Uniguest Kiosk Software lead to API Compromise," Pruteanu observed that Uniguest deploys self-attended solutions in hotel lobbies across North America. The machines are centrally managed and run a locked-down version of Windows that restricts users to basic tasks like web browsing and printing boarding passes.
By Dale S. Laszig
IIn a hyperconnected world of one-click checkouts and same-day deliveries, the race is on to provide seamless, frictionless commerce. Consumers share buying experiences and reviews on social media, encouraging or discouraging others who contemplate similar purchases. Merchants thank positive reviewers and beg critics for a second chance. Service providers bundle reputation management with processing, helping merchants engage with customers in the always-on, virtual marketplace.
In this week's podcast Ben Trombley describes how his firm, Encytro, helps ISOs and MLSs grow revenues through a merchant data security and chargeback reimbursement program. Patti reports on the ongoing need to protect against POS hacks. And James offers advice on overcoming barriers to productivity and profitability.
Company profile from GS190701
WWhen international Massachusetts Institute of Technology student Iker Marcaide had trouble wiring tuition money overseas, he decided it was time to craft a new kind of international payments model. Two years later, Marcaide's inspiration resulted in the formation of Flywire, a money transfer business that was already proving it could process international payments for education institutions with less time, aggravation and cost for both payers and receivers.