The “Onion Principle” in ATM Security | updated
The security of ATMs becoming more and more complex and as a result, require a more complex approach.
It must be systematic, “coordinated” and multi-layered.
ATM security depends on all sides involved in the ATM manufacturing, installation, running and using process.
The cardholder must be educated on how to use the ATM to avoid possible card skimming!
The special design of the ATM shutter, made by the ATM vendor, could significantly lower the chance of “cash trapping” by criminals.
The special SW installed by the ATM owner could prevent criminals from installing the special malware on ATMs.
The small device along with SW “agent” running on ATM will not allow performing “black box attack” on the ATM when it can be emptied in some minutes even without opening the vault of the machine!
All “actors” participating in ATM security must be involved, including also criminals itself. Criminals must be “educated” they get fewer chances for a successful attack on the ATM if the ATM owner follows the right strategy in ATM security!
This is very important especially avoiding the “brute force” attacks (ram raids, explosions using gas or solid explosions), due to the fact these type of attack can be accompanied with the high “collateral damage” or even loss of human life! “Education “ of criminals will also help to avoid damages they can do to ATMs due to unsuccessful attacks if the right security solution has been implemented on the machine!
The “experience” we have learned from the attacks on the ATM has clearly shown the strategy in ATM security must be multi-layered, protecting ATM from the whole complex of possible risks.
We call it “The Onion Principle”!
If anti-skimming device is installed on the ATM, it will protect the machine against placing the “overlay” skimming device on the facia of ATM. Still, the installed device will not protect the ATM against the “deep insert skimmer” and definitely it will not help in the case if criminals will manage to launch the malware on the ATM!
Even installing an “anti-virus” program on the ATM possible will not help here, due to the fact viruses used on ATMs are “different” from what commercial anti-virus SW is “expecting”.
One will need here the “special” solution, developed specially for ATM protection.
Even if the ATM owner has invested in anti-skimming solution and inappropriate “malware protection”, this doesn’t mean it has avoided all risks related to ATM security!
If criminals get access to the cabling, coming from PC inside ATM to the “cash dispenser”, they will be able to empty the entire ATM using a laptop or just mobile phone!
Last development in the “criminal technology” development has eliminated completely even the necessity to get access to the ATM!
So-called “fake host” technology allows the criminal to empty the ATM just getting access to the network cable, connected to the machine!
Our “Onion Principle”
means the security strategy shall address not one “isolated” risk source, but possibly as many as possible, or as many as the ATM owner can afford.
Till last time the two biggest hurdles in implementing “Onion Principle” in large scale by ATM owners were: the price and the complexity of implementation, partially due to the inability to get all necessary solution from “one hand”.
One very important aspect in designing the “Onion Principle” in ATM security is the ability to forecast the criminal activity “migration path”, as a result of activity in developing ATM security.
When criminals understand their activity is losing the efficiency, or the related risk to be matched rises significantly, this dent means they will entirely stop the activity and all will become “good guys”. In this situation, criminal elements, in fact, are starting to search for new methods, the new technology of attacks on ATMs. It is very important to be able to “forecast” the “path”, how criminals will change their activity?
SPL GROUP, has used the “historical approach” here. It means, we have analyzed how criminals have migrated in their logical attacks on ATM. They have started from card skimming when skimming became less efficient (due to EMV implantation), they have switched to “jackpotting using malware installations”. After ATM owners started to install anti-virus protection and OS “hardening”, criminals have developed the “jackpotting” using “black box technology”.
SPL GROUP has developed the “ULTIMATE ATM SECURITY COMBO” to fight all these 3 types of attacks!
We call the solution The “ULTIMATE ATM SECURITY COMBO” or “UASC”!
The UASC is targeted to diminish (or completely eliminate) risks related to:
- CARD SKIMMING (including stereo and deep insert skimming)
- JACK-POTTING (HW or SW based)
- BLACK BOX ATTACK
- MALWARE BASED JACK-POTING
SPL GROUP currently is offering two UASC “editions”: Gold and Platinum.
GOLD EDITION of ULTIMATE ATM SECURITY SUITE includes:
- StopSkimmer (Active Jammer Unit, Anti-Skimming Bezel, Ethernet Port) – a state-of-the-art high-tech anti-skimming solution that uses a dual jamming antenna, patented jamming algorithms, special deep-skimming prevention HW, Note: Remote management and monitoring solutions are optional
- ATM Armor – possibly the only HW/SW solution on the market that protects ATMs from most Black Box and Jack-potting attacks. It even protects against “fake host attacks” – with some host adjustments possibly being necessary
- Checker (the “Checker Crypto“ module) – the best software to secure your ATM application, libraries, and operating system integrity. Leveraging cryptographic signatures and Hard Disk Encryption.
The GOLD EDITION ULTIMATE ATM SECURITY SUITE covers all known ATM security needs, except for physical attacks, and is immediately available for the incredibly low introductory price of only $899 for up to 100 units (no shipment expenses included).
The PLATINUM EDITION ULTIMATE ATM SECURITY SUITE includes additionally DSS (Detector Skimmer System) – the “active” bezel to StopSkimmer anti-skimming device, that immediately switch the ATM “offline” in the case if the skimming device is installed on ATM card reader.
The complete “Checker” solution is included in Platinum Edition.
The Platinum Edition is available for $1199 (no shipping cost included), for the volume of up to 100 units.
Subscribe to Our Newsletter