Home Checker ATM Security® Comprehensive and Effective Solution Designed for ATMs Print What is Checker ATM Security? General Information Cybersecurity product specifically designed for financial self-service networks. Checker ATM Security® is a world-class cybersecurity product specifically designed for ATMs and kiosks. Checker® will help you protect your ATMs from logical fraud while meeting applicable PCI-DSS requirements quickly and effectively, even for unsupported versions of the ATM operating system. Comprehensive and effective cybersecurity designed for ATMs > 300,000 Protects over 300,000 ATMs > 100 Serves over 100 clients > 40 Present in some 40 countries around the world Highlights Collaboration on ATMIA Next Gen Champions, a project to create a new API model compatible around the world. Associate member of the European Association for Secure Transactions (EAST) since 2013. Features Checker ATM Security Protection of the entire system based on security policies Checker® provides a set of tools for creating, implementing, and maintaining server-side security policies and applying them on the agent side (ATM). ATM security policies are a consistent set of standards, principles, and practices that determine how to implement and manage security on the ATM network. These security policies can be configured flexibly, which makes it possible to set a common policy or a close definition. Security policies can be defined based on roles or users, which integrates the policy definition with the repository of existing users. Operating System Protection Integrity protection: Checker® validates the integrity of the critical processes and resources of the operating system using digital signatures and SHA-256 hashes. Resource usage protection: the use of operating system resources (log, libraries, and controllers) is granted or denied for each process. Multi-version compatibility: validation of Checker® integrity is compatible with different versions of the same (authorized) program or resource. Process Execution Protection Whitelistling: Checker® maintains a list of permitted and approved processes. Processes not included on this list will be blocked. Integrity protection: the integrity of the processes included on the whitelist and the corresponding resources are validated. Processes or resources illegally altered will be blocked and reported. Resource use protection: Checker® controls the utilization of local resources filtered by whitelisted processes. Java resource loading control: Checker® maintains a detailed list of all resources loaded by the Java Virtual Machine in ATMs. Loading of non-permitted Java resources will be blocked. Scripts and interpreted code: Checker® controls the execution of scripts and other types of interpreted code that runs in the interpreter processes macro. Device Protection Plug & play hardware protection via syslog protocol, Windows event log, local auditing log in file: Checker® detects the connection of new hardware and allows or denies the assembly. Device access control: Checker® filters access to connected devices on a process-by-process basis. USB drive control: Checker® provides reliable control of authorized USB units and conducts secure maintenance. Mass storage USB device control: Checker® allows a whitelist and a blacklist to be defined for this kind of USB. Data Protection File system protection: validates access to local files and directories on a process-by-process basis. Integrity protection: checks the integrity of sensitive data files and detects unauthorized modifications. Data loss prevention (DLP) for ATMs: detects track2 card data stored locally in ATMs. Any writing that follows a track2 pattern is reported. ATM Local Access Restriction Restrictions based on roles or users: user control is based on a list of authorized users and groups, both local and those defined by Active Directory. Keyboard control: all ATM keyboards, except the PINPADs, can be partially or totally disabled so that they cannot be used or their use is partially limited. Limitations are selected from a predetermined list of options based on specific keys or groups of keys. External pluggable storage device control: Checker® detects the connection of such devices and allows or denies assembly, reporting this situation as a security event. Full Hard Disk Encryption ATM hard disk encryption can be fully managed from the Checker® console, including remote commands to encrypt or decrypt ATM disks. Key management is automatic and transparent to the user. Zero downtime: the encryption can be commanded from the server and the disk can undergo the encryption process while the ATM keeps operating. Smart Environment Detection: decryption is only possible for a specified ATM environment defined as a configurable combination of identifiers associated with the ATM hard disk, the ATM hardware, and the ATM network. Centralized Management and Monitoring Network Manager: through communication with agents, the Checker® console operator can apply new security policies, manage security execution mode, upgrade Checker® software, request remote system shutdown, and more. Security Policy Management: the Checker® console includes a very complete and intuitive security policy editor. Learning mode allows easy and fast security policy creation from existing and trusted ATMs. Real-time security monitoring: the Checker® server receives security events generated by agents in real time. These events are shown in a security dashboard, enabling easy security monitoring of the whole ATM network. Management delegation: management functions are assigned based on an RBAC matrix, depending on the context and the hierarchically-defined ATM network. Audits and Reports All relevant events that occur in the ATM and are controlled by Checker® are registered locally in the ATM and centralized on the server. These events include the following: Attempts to breach the policy being applied at any given time. Failed signature validations. Requests to execute commands received from the server. Results of executing commands. Agent execution errors. Other events of interest from a security standpoint (e.g.,shift to critical mode, detection of an attempt to end an Agent process or change the ATM’s IP). Broad compatibility Checker® supports a wide variety of operating systems and platforms, so it is suitable for almost any ATM in the world: Compatible with Windows NT4, Windows XP, Windows 7, Windows 8, and Windows 10. Compatible with the 32- and 64-bit versions of Windows 7, Windows 8, and Windows 10. Compatible with BIOS and UEFI firmware. Compatible with discs formatted in GPT and MBR. Partners Resources Documents related to financial self-service networks Checker ATM Security resources Y ahora Windows 10… ¿De verdad? (en inglés) Análisis de comportamiento de la capa XFS (en inglés) Las debilidades de las listas blancas (en inglés) ¿Los recientes ataques a redes cambiarán la ciberseguridad en ATM? (en inglés) Usar árboles de ataque-defensa para analizar amenazas y contramedidas en un cajero (en inglés) Ciberataques de caja negra con malware (ATMIA) (en inglés) Seguridad lógica en cajeros automáticos: el día después (en inglés) Guía de seguridad para software de ATM (ATMIA) (en inglés) La desprotegida vida tras la obsolescencia de Windows XP (en inglés) Other resources Malware en cajeros automáticos (Europol) (en inglés) FF News: Video interview Pedro Celis, Product Manager on Checker ATM Security® at GMV https://youtu.be/acApZmjvC5c News Cybersecurity BLACK FRIDAY, may this Friday not be really black Cybersecurity GMV awarded a prize by SIC magazine for its three-decade track record and contribution to the cybersecurity sector Cybersecurity 26th International Information Security Workshop 14 Nov More news