SECURITY AND CUSTOMER EXPERIENCE IN SELF SERVICE
NCR – Confidential - Use and Disclose Solely Pursuant to Company Instructions
A brief history…
Experience = friction + confusion
- 1. Enter your account number
- 2. Enter your TPIN
- 1. Insert your card
- 2. Enter your PIN
AGAIN… What to do?
2 Factor Authentication
THE POWER OF PRE-STAGING
Realized the power of prestaging long ago
Check in at home, speed up the transaction at the airport
BIOMETRIC AUTHENTICATION
- 1. Enter your account number
- 2. Enter your TPIN
We go from this…
My voice is my password
- 1. Insert your card
- 2. Enter your PIN
We go from this…
- 1. Insert your national ID card
- 2. Scan your fingerprint
We go from this…
experience becomes happiness
The Growth and Geographic Expansion of Logical Attacks since 2013 Requires URGENT Action
[Chart: total number of attacks over time, Oct-12 to Mar-17, by attack type (Black Box, Online, Offline, Network, Unknown), with points labelled by country]
Logical Attacks responsible for major losses
- Malaysia: Over $19 million lost
- Germany: Approximately $200K in losses
- Canada: Multiple malware attack attempts made
- Brazil: Lost more in 1 day than in the previous year
- United Kingdom: Potential losses of $300K per ATM affected
- Mexico: Over $12 million in losses in 2013
EMERGING NEW LOGICAL THREATS
Logical Attacks
- Black Box
- Malware in the Network
- Malware on the ATM
Black Box Attacks
- Criminal gains access to the Top Box of an ATM
- Bypasses the ATM’s core processor and connects an electronic device to the cash dispenser
- Sends unauthorized commands to dispense the cash from the ATM
- Encrypted Comms Core to Dispenser
- UL 437 Locked Cabinets
Source: http://www.lockwiki.com/index.php/UL_437
Logical Attacks: Malware in the Network
TLS Encryption or VPN (end to end encryption of ATM traffic)
Logical Attacks: Malware on the ATM
ATTACK CATEGORIES – Malware on the ATM
- ATM Hard Disk OFFLINE
- ATM Hard Disk ONLINE
Lock down the BIOS, encrypt the hard disk
Temkin Group Employee Engagement Benchmark Study, 2017
WHITELIST
Security Requirements Summary to Protect against Logical Attacks
- 1. Secure your BIOS
  - Only allow boot from the primary hard disk
  - Editing of BIOS settings must be password protected
- 2. Establish an adequate operational password policy for all passwords
- 3. Implement communications encryption
  - e.g. NCR Secure TLS Encrypted Communications
- 4. Establish a secure firewall
  - The ATM firewall must be configured to only allow known authorized incoming and outgoing connections necessary for an ATM environment; the connections must be configured per program rather than per port
- 5. Remove unused services and applications
  - Removing these from the system helps reduce the attack surface area
- 6. Deploy an effective anti-malware mechanism
  - NCR recommends active whitelisting applications, e.g. Solidcore Suite for APTRA
- 7. Establish a regular patching process for ALL software installed
- 8. Harden the Operating System, e.g.
  - Ensure the application runs in a locked down account with minimum privileges required
  - Disable Auto play
- 9. Implement Rule based access control, e.g.
  - Define different accounts for different user privileges
  - Restrict functionality allowed via remote desktop access to ATMs
- 10. Deploy a network authentication based Hard Disk Encryption Solution
  - NCR Secure Hard Disk Encryption
- 11. Ensure there are protected communications to the dispenser of the ATM
- 12. Perform a Penetration Test of your ATM production environment annually
- 13. Use a secure Remote Software Distribution that will assist in maintaining the Confidentiality, Integrity and Availability of your ATMs
  - Required to meet rule 7 and allows for timely distribution of updated malware signature files if malware is found
- 14. Consider the physical environment of ATM deployment
  - e.g. Through the Wall ATMs may be more suitable for unattended environments
- 15. Consult a security enterprise specialist to deploy industry best-practice security controls within your enterprise
15 Recommendations
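One way to check recommendations 4 and 8 on a Windows-based ATM image, as an added example that is not from the original slides or from NCR. It assumes PowerShell with the NetSecurity module (Windows 8 / Server 2012 or later) and an elevated session; the function names are hypothetical.

```powershell
# Added example: audit firewall binding (rec. 4) and AutoPlay policy (rec. 8).
# Assumption: run elevated on the ATM image under test; function names are illustrative.

function Get-UnboundAllowRule {
    # Rec. 4: connections must be configured per program rather than per port.
    # An enabled allow rule with no program and no service binding admits any
    # process on the matching port, so it is reported for review.
    # ActiveStore is the effective policy (local rules plus Group Policy).
    Get-NetFirewallRule -PolicyStore ActiveStore -Enabled True -Action Allow |
        ForEach-Object {
            $app  = $_ | Get-NetFirewallApplicationFilter
            $svc  = $_ | Get-NetFirewallServiceFilter
            $port = $_ | Get-NetFirewallPortFilter
            if ($app.Program -eq 'Any' -and $svc.Service -eq 'Any') {
                [pscustomobject]@{
                    Rule      = $_.DisplayName
                    Direction = $_.Direction
                    Protocol  = $port.Protocol
                    LocalPort = $port.LocalPort -join ','
                    Finding   = 'Allow rule not bound to a program or service'
                }
            }
        }
}

function Test-AutoPlayDisabled {
    # Rec. 8: disable AutoPlay. The machine-wide policy value
    # NoDriveTypeAutoRun = 0xFF turns AutoRun off for every drive type.
    # A missing key or value yields $null, which is reported as not disabled.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
    $val = (Get-ItemProperty -Path $key -Name NoDriveTypeAutoRun `
                -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
    return ($val -eq 0xFF)
}

$unbound = @(Get-UnboundAllowRule)
$unbound | Format-Table -AutoSize

if (-not (Test-AutoPlayDisabled)) {
    Write-Warning 'AutoPlay is not disabled by machine policy (rec. 8)'
}
Write-Output ('{0} allow rule(s) without a program or service binding (rec. 4)' -f $unbound.Count)
```

Each reported rule is a candidate for rebinding to the specific executable that needs the connection, or for removal under recommendation 5.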
http://response.ncr.com/security-alerts