How to Upgrade Your Cash, Credit Card & POS Security Systems
In busy hospitality businesses, upgrading cash, credit card & POS security systems is more important than ever. While cash use is on the decline, it’s still vital to treat cash handling with care to prevent theft and errors. There’s also a continued rise in credit card and online fraud. This guide covers best practices for managing cash, using your Point of Sale (POS) system, and securely handling customer credit card transactions. Use these guidelines to reduce the risk of losses, keep your staff accountable, and build trust with customers.
Restaurant and Cafe Cash Controls
Check your systems against this best-practice list…
Policy and Access Control – Written standard cash/credit handling policy – Limited access to safe – specifically authorised people only – Key and safe combination access log is maintained – Use of POS-integrated safe deposit tracking for all deposits, ensuring detailed logging of user and timing information
Cash Handling Procedures – Predetermined cash bank – Cash stores kept to a minimum – Use of a drop safe – Individuals handling cash have no access to the books – Paid-outs on form filled out by managers only – Paid-outs are deducted from petty cash or store bank, not from daily deposits – Use of separate envelopes for bank and daily receipts
Deposit and Reconciliation – One nominated person responsible for shift deposits – Use of separate deposits for each shift – Bank deposits made daily – Bank deposit slips attached to daily cash reports – Surprise cash counts of cash drawers and stored cash banks performed on a regular basis – Cash reconciliation software is used to automate and track end-of-day balancing, flagging discrepancies immediately – Daily review of cash variances using analytics software that highlights unusual cash discrepancies by shift or employee
Point of Sale and Cash Register Controls
POS systems can be complicated, so careful training and audits are essential to guard against errors…
POS Access and Security – Written standard cash register procedures – Only trained and authorised personnel are allowed to use the POS/register – Registers not left unattended – Use of biometric or PIN-based employee login for registers to prevent unauthorised access – Restrict the use of ‘No Sale’ and ‘Void’ functions to managers only, with automatic logging for review
Transaction Transparency and Accuracy – Dollar amount of entries and totals are visible to the cashier and customers – Sales always rung up at the time of transactions – not put aside for when it’s less busy – Cash receipts provided to guests for all transactions – Cashiers place customer’s money on the register ledge until the change is given – Manager is called immediately to handle over-rings and under-rings – Brightly-coloured void slips are used for all errors and over-rings – The manager is contacted when customers leave money behind, and contact is made if appropriate. Stored with details in the safe.
End-of-Day Procedures and Reporting – Use of registers with cumulative register reading – Cumulative register reading incorporated in the daily sales report – If multiple registers are used, there is no exchange between registers – Cash register cleared (Z reading) each day – Daily cash register or POS report filed by manager – Daily register tape attached to daily cash report – Automated email alerts to managers for any high-value transactions or refunds processed after-hours or on low-traffic days – Integration of POS data with CCTV to provide synced visuals of transactions, reducing the likelihood of theft – Digital register readings sent directly to cloud storage, with restricted access for security and auditing
These additional controls are essential for protecting sensitive customer information and reducing the risk of fraud, especially in the age of contactless and online payments.
Policy and Compliance – Written standard policy for handling customer credit card information – Only trained, authorised personnel are allowed to handle customer cards – Compliance with PCI DSS (Payment Card Industry Data Security Standard) guidelines – Use of secure, encrypted payment terminals that comply with the latest EMV chip technology
Handling and Transaction Procedures – Credit cards should never leave the customer’s sight during a transaction – if the customer is sitting at a table, the credit card machine should be brought to them – Always request customer identification for high-value transactions over [$500] – Use contactless payments or mobile wallets to reduce card handling – Automatic masking of card numbers on printed receipts (showing only the last four digits) – Manager approval is required for manual entry of credit card details or refunds – these are identified in end-of-shift reports – Daily review of refunds and manual card entries for suspicious activity
Data Security and Monitoring – POS systems integrated with encrypted credit card processing software – Regular software updates to payment terminals to protect against vulnerabilities – No storage of customer credit card information on local systems or printed forms – Use of automated alerts for any after-hours or high-value credit card refunds – Review of all credit card chargebacks to identify potential fraud patterns – Secure disposal of any paperwork containing partial credit card information (e.g., shredding)
Handling Declined Credit Card Transactions
Help staff navigate awkward situations smoothly while ensuring security and professionalism. Card declines usually happen for a valid reason, and it’s important to maintain security while managing customer embarrassment.
Customer Interaction Process – Stay calm and discreet: If a customer’s card is declined, handle the situation quietly to avoid embarrassment. Politely inform the customer: ‘I’m sorry, it seems your card didn’t go through. Would you like me to try it again?’ – Offer to retry: Sometimes, a declined transaction may be due to a temporary issue. Politely ask if they would like to try again or use a different card or payment method. Never publicly announce or discuss a declined card with other customers or staff.
Verification and Alternatives – If the card continues to decline, ask if the customer has another form of payment, such as another card or mobile wallet (e.g., Apple Pay, Google Pay). – Do not pressure the customer: Respectfully allow them a moment to check their balance or call their bank if needed. – If the customer is unsure why the card is being declined, offer to hold their bill while they resolve the issue privately, if possible.
Security and Reporting Procedures – Never override the decline: Do not attempt to bypass the declined transaction by entering the card details manually without customer authorisation. – Inform a manager if a customer insists there must be a mistake, and let the manager decide how to proceed. – Log all declined transactions in the POS system with a note to track any potential patterns of fraud or recurring issues. – Immediately report any suspicious behaviour (e.g., multiple declined cards or attempts) to management for further investigation.
Maintaining Customer Relations – Be empathetic and professional. A declined card can be embarrassing for customers, so maintaining a friendly tone is essential to preserving the customer relationship. ‘These things happen sometimes. No worries, we’ll get it sorted.’ – Thank the customer for their understanding and ensure they leave with a positive impression, regardless of the payment issue.
In busy hospitality businesses, upgrading cash, credit card & POS security systems is more important than ever. While cash use is on the decline, it’s still vital to treat cash handling with care to prevent theft and errors. There’s also a continued rise in credit card and online fraud. This guide covers best practices for managing cash, using your Point of Sale (POS) system, and securely handling customer credit card transactions. Use these guidelines to reduce the risk of losses, keep your staff accountable, and build trust with customers.
Restaurant and Cafe Cash Controls
Check your systems against this best-practice list…
Policy and Access Control
– Written standard cash/credit handling policy
– Limited access to safe – specifically authorised people only
– Key and safe combination access log is maintained
– Use of POS-integrated safe deposit tracking for all deposits, ensuring detailed logging of user and timing information
Cash Handling Procedures
– Predetermined cash bank
– Cash stores kept to a minimum
– Use of a drop safe
– Individuals handling cash have no access to the books
– Paid-outs on form filled out by managers only
– Paid-outs are deducted from petty cash or store bank, not from daily deposits
– Use of separate envelopes for bank and daily receipts
Deposit and Reconciliation
– One nominated person responsible for shift deposits
– Use of separate deposits for each shift
– Bank deposits made daily
– Bank deposit slips attached to daily cash reports
– Surprise cash counts of cash drawers and stored cash banks performed on a regular basis
– Cash reconciliation software is used to automate and track end-of-day balancing, flagging discrepancies immediately
– Daily review of cash variances using analytics software that highlights unusual cash discrepancies by shift or employee
Point of Sale and Cash Register Controls
POS systems can be complicated, so careful training and audits are essential to guard against errors…
POS Access and Security
– Written standard cash register procedures
– Only trained and authorised personnel are allowed to use the POS/register
– Registers not left unattended
– Use of biometric or PIN-based employee login for registers to prevent unauthorised access
– Restrict the use of ‘No Sale’ and ‘Void’ functions to managers only, with automatic logging for review
Transaction Transparency and Accuracy
– Dollar amount of entries and totals are visible to the cashier and customers
– Sales always rung up at the time of transactions – not put aside for when it’s less busy
– Cash receipts provided to guests for all transactions
– Cashiers place customer’s money on the register ledge until the change is given
– Manager is called immediately to handle over-rings and under-rings
– Brightly-coloured void slips are used for all errors and over-rings
– The manager is contacted when customers leave money behind, and contact is made if appropriate. Stored with details in the safe.
End-of-Day Procedures and Reporting
– Use of registers with cumulative register reading
– Cumulative register reading incorporated in the daily sales report
– If multiple registers are used, there is no exchange between registers
– Cash register cleared (Z reading) each day
– Daily cash register or POS report filed by manager
– Daily register tape attached to daily cash report
– Automated email alerts to managers for any high-value transactions or refunds processed after-hours or on low-traffic days
– Integration of POS data with CCTV to provide synced visuals of transactions, reducing the likelihood of theft
– Digital register readings sent directly to cloud storage, with restricted access for security and auditing
See also: Protecting the Security of your Restaurant Point of Sale
How to Choose the Right Point of Sale System for Your Restaurant or Cafe
Customer Credit Card Management & Security
These additional controls are essential for protecting sensitive customer information and reducing the risk of fraud, especially in the age of contactless and online payments.
Policy and Compliance
– Written standard policy for handling customer credit card information
– Only trained, authorised personnel are allowed to handle customer cards
– Compliance with PCI DSS (Payment Card Industry Data Security Standard) guidelines
– Use of secure, encrypted payment terminals that comply with the latest EMV chip technology
Handling and Transaction Procedures
– Credit cards should never leave the customer’s sight during a transaction – if the customer is sitting at a table, the credit card machine should be brought to them
– Always request customer identification for high-value transactions over [$500]
– Use contactless payments or mobile wallets to reduce card handling
– Automatic masking of card numbers on printed receipts (showing only the last four digits)
– Manager approval is required for manual entry of credit card details or refunds – these are identified in end-of-shift reports
– Daily review of refunds and manual card entries for suspicious activity
Data Security and Monitoring
– POS systems integrated with encrypted credit card processing software
– Regular software updates to payment terminals to protect against vulnerabilities
– No storage of customer credit card information on local systems or printed forms
– Use of automated alerts for any after-hours or high-value credit card refunds
– Review of all credit card chargebacks to identify potential fraud patterns
– Secure disposal of any paperwork containing partial credit card information (e.g., shredding)
Handling Declined Credit Card Transactions
Help staff navigate awkward situations smoothly while ensuring security and professionalism. Card declines usually happen for a valid reason, and it’s important to maintain security while managing customer embarrassment.
Customer Interaction Process
– Stay calm and discreet: If a customer’s card is declined, handle the situation quietly to avoid embarrassment. Politely inform the customer:
‘I’m sorry, it seems your card didn’t go through. Would you like me to try it again?’
– Offer to retry: Sometimes, a declined transaction may be due to a temporary issue. Politely ask if they would like to try again or use a different card or payment method. Never publicly announce or discuss a declined card with other customers or staff.
Verification and Alternatives
– If the card continues to decline, ask if the customer has another form of payment, such as another card or mobile wallet (e.g., Apple Pay, Google Pay).
– Do not pressure the customer: Respectfully allow them a moment to check their balance or call their bank if needed.
– If the customer is unsure why the card is being declined, offer to hold their bill while they resolve the issue privately, if possible.
Security and Reporting Procedures
– Never override the decline: Do not attempt to bypass the declined transaction by entering the card details manually without customer authorisation.
– Inform a manager if a customer insists there must be a mistake, and let the manager decide how to proceed.
– Log all declined transactions in the POS system with a note to track any potential patterns of fraud or recurring issues.
– Immediately report any suspicious behaviour (e.g., multiple declined cards or attempts) to management for further investigation.
Maintaining Customer Relations
– Be empathetic and professional. A declined card can be embarrassing for customers, so maintaining a friendly tone is essential to preserving the customer relationship. ‘These things happen sometimes. No worries, we’ll get it sorted.’
– Thank the customer for their understanding and ensure they leave with a positive impression, regardless of the payment issue.
Check the other useful blog posts on the Foodie Coaches website…
Want to get some 1 on 1 help with your business? Talk to one of our coaches