Payment Systems Security Assessment
Overview
Payment Systems Security Assessment is a comprehensive analysis of your ATMs and/or POS devices, designed to identify vulnerabilities that can be used by attackers for activities like unauthorised cash withdrawal, performing unauthorised transactions, obtaining your clients’ payment card data, or initiating denial of service. This service will uncover any vulnerabilities in your ATM/POS infrastructure that are exploitable by different forms of attack, outline the possible consequences of exploitation, evaluate the effectiveness of your existing security measures, and help you plan further actions to fix detected flaws and improve your security.
Seeking out and identifying configuration flaws and vulnerabilities in obsolete software versions
Analysis of the logic behind the processes performed by your ATMs and POS devices, undertaking security research aimed at identifying any new vulnerabilities at component level
ATM and POS Security Assessment involves emulating the attack behavior of a genuine malefactor in order to practically assess the effectiveness of your defenses
Detailing all found vulnerabilities and security flaws, with actionable recommendations for immediate remediation
In Use
Prevent financial losses resulting from potential attacks
Recognize how intruders could attack your infrastructure:
- Unauthorized cash withdrawal
- Performing unauthorized transactions
- Obtaining your clients’ payment card data
- Initiating denial of service
- Attacks aimed at adjacent assets, processing center and banking network
Identify a wide range of security flaws ripe for exploitation in your systems:
- Vulnerabilities in network architecture and insufficient network protection
- Vulnerabilities which enable an attacker to escape kiosk-mode and obtain unauthorized access to the OS
- Vulnerabilities in third-party security software, allowing potential attackers to bypass security controls
- Insufficient input and output device protection including vulnerabilities, which can allow the interception and modification of transferred data
- Vulnerabilities and security weaknesses in communications between main ATM software and cash devices, enabling the interception and modification of transferred data leading to unauthorized cash transactions
Detailed reporting and recommended remediation
- Conclusions on your current security levels of your ATMs against potential attacks
- Comprehensive descriptions of potential attack surfaces for various intruder models
- Descriptions of identified vulnerabilities, according risk levels and exploitation conditions
- Demonstrations of vulnerability exploitation
- Actionable recommendations for vulnerability remediation