The customer is able to swipe card on readers (without pressing start) and then charge an amount in excess of the current balance (minus deductions for the swipes just performed).


Functioning as designed- card balance is not actually altered until 'Start' is pressed on the machines and the POS does not check the database a second time to verify the balance.


  1. Card #1 has $10.00 balance
  2. Card is swiped in machine ($8.00 start price). Start button is not pressed.
  3. Card is scanned on POS. POS loads card details into memory ($10.00 balance)
  4. Start button is pushed on machine. Card balance is now $2.00.
  5. Item on POS is selected and purchased ($3.00). The POS has the balance loaded into memory, and knows the item is $3.00. It will create a transaction for $3.00, and set the cards balance to $7.00 (10.00 - 3.00). The Classic POS does not recheck the balance before actually performing the transaction.