Security Problem POS

[Robert_Nel]

Hi Dale ,
First thank you for the Pos.zip ver 6.08 that you sent me via email. I will install it today.
I had a bad experiance yesterday/last night where the cashier/ bar tender switched off the computor in my absence and changed the opening Cash figures, and took money , hoping I would blame the previous shift. Lucky I had a cash sales printout at the change of shift with me .I picked this up half an hour after she had left and when I was balancing my cash flow.
Maybe you could consider as a suggestion, a password to open the till? or changeing the opening figures?.
Thanks again
Robert Nel.
Ps. I retreived the missing money from her, at her home 2am in the morning. A young lady of 19 years old. I don't think I will press charges because of her age.

[Andrew]

In a nutshell - this hasn't identified a bug in DHPOS, but a loophole for your staff, which can be easily fixed (and should be asap) by yourself and any other similar employers...

1) For the 2 times I was a cashier, I signed a form submitting to a police vetting check. Thus allowing my employer to gain a list of any criminal offences against me. I think this is a good start when hiring staff.

2) Do you have video surveilance in this area? As well as store surveilance, we had one lane which had focused cameras for filming cash handling operations. Anyone cashier who was considered "dodgy" was placed on this lane.

Does anyone remember XBOB? He was the affordable video-POS data linking modue mentioned on here a while ago, he would have been a great help in this matter. But noooo-one said "yeah what a great idea, let's support it".

3) This isn't a security problem in DHPOS, it's doing exactly what it's designed to do. If you really want to stop someone rebooting - setup a power-on password in the BIOS. This will require entry before the computer will even start to think about loading the operating system. Thus preventing bypass...

4) This also indicates why it IS NOT a good idea to disable the print open/close receipt. If the person throws away the receipt or opts to not print one, you can always check the journal - this IS your friend, use it, and do so wisely.

5) Here, the young lady involved would have most definitely been prosecuted by the employer. You are entrusting your cashiers with your income, do you want to encourage this sort of thing happening again?

6) Have set and defined procedures and policies for the running of your store. At one job, the cash office monitored the takings of every lane via the POS system, of which there were 16.

When a pre-set level was reached, they would be alerted and a cash pickup would be performed on every lane to ensure a minimum of large notes were in each till. This cash pickup was assisted by a burly grocery person, who would walk with the cash office staff to each lane and collect the cash bags.

The cash was also removed from the premises on a regular basis by certified security guards.

[Nick]

I wrote somthing similer to what you discribed as a cashroom program but received little intrest except from one or two people but i do have a version I am working on for myself that will do almost excatly what you explaned including a pickup notifyer. I will post a link when I get this version working bug free.
-Nick

[Dale Harris]

Robert_Nel,

The "opening cash fund" feature is just there to do the math for you at the end of the day. It was never intended to be an official, uncorruptable, money amount. There are too many ways to cheat on it such as just filling in an incorrect value when the register is originally opened. And for that matter you can change the amount when the register is closed so there is no reason to power off the computer and then restart it. You can even go to the close screen, hit option #2, change the "opening cash fund", and then press [ESC] twice to return to the main menu to ring more sales.

The opening cash fund is printed on the opening receipt (once again I must stress what a horrible idea it is not to printing the opening receipt.) Does the opening cash fund on the opening reciept of your journal match the opening cash fund on the closing receipt of the journal? Put the opening receipt under the cash drawer so that the cashier can attach the opening receipt to closing receipt at the end of the day. Do the opening cash funds on both receipts match?

Somewhere, such as in the cash office, you must write down the correct opening cash fund for each register and then at the next morning verifiy that the correct value was used when each register was closed.

[Robert_Nel]

Thanks Dale,
What I have now done is use a password to "lock" the register, in the event of the power being switched off I personally will have to be contacted. to reopen. I think this will solve the problem.
I am doing an audit on the daily journals and have noticed that should you choose NOT to print a Opening Reciept , there is no record of opening in the journal ( Pos 6.08).Thanks again for your advice.
Robert Nel

[Alan]

You can put a password on both the BIOS and system startup, so that it can't even go into Windows/DOS without a password being entered.

Alan

[Andrew]

Alan,

I suggested that

[Chas]

An Idea,
In our store we have more than 1 till that contains a set amount in each one. To be exact each till has 251.00 in it. The starting amount is always the same. When the shift is over the $$ is counted and the till is put back to 251.00 for the next person. When the next person takes the til they count it to verify that it is actually 251.00. Using the same amount each time makes it easier to spot weird activity. It's a good idea to always use reports & before a cashier hands in their til, it's also a good idea for them to verify the drawer contents on some kind of count form\sheet to be handed in along with the reading. This method keeps people honest as each cashier is responsible for their own drawer.

Chas