||The many opportunities for innovation and business development must not be questioned by the new generation ATMs.Computer security must always be an up-most factor when considering the interaction between the banks and customers.
Current situation in the sector
The management of self-service equipment is of great importance to credit institutions, regardless of size and their territorial coverage.
The services that banks provide today through "self-banking" are informative only (information distribution channels) and device type (client access in performing transactions on the current account and financial trading instruments).
A further classification can also be distinguished also between traditional ATMs that allow cash withdrawals and deliver basic information, such as account handling and balance, and evolved ATMs, which allow payment of cheques and cash.
The increasing amount of ATM equipment, their diversity and their presence in metropolitan areas and suburb areasl, however, has introduced a number of vulnerabilities in the security of these systems against possible attacks from both internal and external of the organization.
ATM systems, are no longer only subjected to physical attacks or keyboard violation with the various techniques of skimming. The first generation of ATMs operated through secured networks and connections, while new versions of ATMs are likely to become, to meet the new needs of business development and marketing, nodes of an open network "TCP / IP", with all the security issues that are necessary in these cases: periodical "patching", antivirus, anti-spyware
The proposed solution
ATM GUARD - Is the solution designed precisely to ensure the surveillance of these logic devices from any fraudulent cyber-attack, whether being at the ATM or the network "back-end" to which it is connected.
It provides an integrated infrastructure that includes an "appliance", for the protection of the ATM, that implements security services and networking, which are perfectly integrated with the centralized system of management and control which in turn simplifies activation, streamlines maintenance and increases the effectiveness of operations.
The solution, non-intrusive with respect to the operating environment, allows credit institutions to "put" in security systems, ATMs, leaving unaltered system "policy" and "self-service" defined previously with suppliers.
The general architecture in reference to the system is represented in the figure:
The solution "ATM GUARD" consists of two components:
The component Foxwall is characterized by a hardware device, on which there is installed a suite of software modules that implement all required safety functions.
- Foxwall-Appliance ATM GUARD (hereinafter Foxwall)
- Foxwall-Manager ATM GUARD (hereinafter Foxwall Manager)
The functions of the component Foxwall Manager are carried out exclusively by software applications.
The Foxwall Manager, consists of two software components:
The Backend is the central component that coordinates the activities of Foxwall.
The main functions provided are:
- Manage the information exchange with Foxwall using SSL protocol and digital certificates.
- Determine and record the operating status of individual Foxwall and related modules.
- Determine and record the events and alarms generated by the individual Foxwall and related modules.
- Record performance statistics and use of individual Foxwall.
- Send to individual Foxwall, modules to be installed, its configuration and activation commands and properly functioning context.
The Console is the central tool with which administrators and operators govern and monitor the operation of the entire system.
It is "web-based" and can be accessed via a browser program, thanks to a simple and immediate interface , which displays a list of all active devices in the system, with its relative modules and its operating status.
This list can be filtered by area of origin, by state, by alarm, by type of module and the active configuration on the specified device.
To enhance the report efficiency, the Console displays a list of Foxwall alerts in order of seriousness, beginning with the devices that show abnormalities considered more harmful. The operator can, via the Console, perform a series of actions, including the "reset" of the device, or a replacement of configuration with one of those pre-determined.
Selecting a specific Foxwall, the operator can investigate, with greater detail, the operating parameters of the device (CPU load, memory occupation, etc.) As well as identify the corresponding apparatuses connected to it and the physical location of placement.
From the console you can install and activate a new module in each Foxwall, check the operation and modify any configuration.