ATM Encryption (SSL)

ATM Secure Communications

Solution Summary

An important aspect of ATM security is securing the communications between the device and SWITCHWARE, using a holistic approach that includes Secure Socket Layer/ Transport Layer Security (SSL/TLS). The most important thing to consider when evaluating how to secure the communications to an ATM is to also ensure high availability, which most financial institutions expect form their ATMs. Using SSL/TLS secures ATMs by encrypting the transmission of sensitive data across networks.

Functions

  • Prevent man-in-middle attacks, SSL replay attacks, truncation attacks and SSL key renegotiation
  • Endpoint authentication of data delivery
  • SSL data encryption confidentiality
  • Message integrity and validation
  • Certificate verification between endpoints (ATM and SWITCHWARE)
  • Set minimum public key length
  • Ensure data values have not been manipulated

Benefits

  • A fully integrated SSL/TLS solution for SWITCHWARE
  • Fast and reliable data security
  • No additional hardware required to operate
  • Fewer operational components with less complexity
  • No third-party interfacing required
  • Eliminate impersonation of an endpoint (ATM, POS, network, etc.)
  • Secure the contents of the message using encryption
  • Avoid very costly data breaches and resulting loss of reputation
  • Improved customer support services

Secure Socket Layer/Transport Secure Layer (SSL/TLS)

Secure Sockets Layer/Transport Layer Security (also referred to as SSL) covers all the categories listed above with the added benefit of running over TCP/IP channels. This is the protocol of choice for the Internet due to its reliability. The most common operating mode for SSL is server-authentication and it is this mode that highlight SSL’s ability to satisfy the categories of authentication, confidentiality and message integrity.

Security for NCR Aptra

When combined with “Security for Aptra” which creates a trusted environment to protect the assets and the network by applying different policy settings and using the product “Solidcore” that ensures the integrity of applications on the ATM by making sure that only authorized code can run, and that this code cannot be modified or hijacked. SSL would allow banks to provide a secure environment for customers when conducting ATM transactions. This emphasizes the importance of SSL in the layered security model adopted by NCR.

NCR Requirements & Recommendations

  • Minimum of TLS 1.1 (recommended 1.2)
  • Verify certificates of the server
  • Minimum 2048 bit public key length
  • Creation of new sessions when renegotiation is needed

Comments are closed.