More than one hundred financial institutions turn to NCR's multi-vendor APTRA Software Security to protect their ATMs – and their customers – from 'inside-out' skimming attacks.
NCR Corporation (NYSE: NCR), the global leader in ATMs, announced that it has sold more than 50,000 licenses of Solidcore for APTRA™, an ATM software security solution that prohibits the introduction of unauthorized code to an ATM. Solidcore for APTRA protects the system from “inside out” skimming attacks. These attacks, similar to those recently perpetrated in Russia, involve the insertion of malicious code onto the ATM – usually by someone with insider access to ATM.
Integrated within the NCR APTRA Software Security solution, Solidcore for APTRA is the only proven security solution to preserve system integrity and prevent malware on ATMs. More than 100 NCR customers around the world have turned to NCR to provide Solidcore for APTRA on their single and multi-vendor ATM networks. Solidcore Systems Inc. is a California-based provider of technology to protect critical IT infrastructure, from devices to data centers.
“While the industry only focused on network threats such as viruses and worms, NCR recognized that the underlying risk to any system was unauthorized software from any source - particularly the growing risk of insider fraud,” said Rosen Sharma, chief technology officer for Solidcore. “NCR combined its awareness of IT threats with an in-depth knowledge of financial industry delivery channels such as the ATM and tailored the Solidcore runtime control and whitelisting technology to the unique 24/7 needs of these self-service channels to protect them from unauthorized code.”
Rather than reacting to known attacks as they arise, Solidcore for APTRA proactively allows only authorised code to run. Specifically, Solidcore for APTRA automatically creates and updates the inventory of good code and limits the runtime environment to the code in that inventory, or whitelist.
In addition, authorised code cannot be modified, deleted or hijacked – the process in which malicious code replaces authorized code with itself.
More From This Section
“NCR is determined to continue leading the industry in safeguarding the trust and integrity of the ATM channel,” said Michael O’Laughlin, vice president and general manager, NCR Financial Services Solutions. “Through our APTRA Security Practices and solutions, NCR is protecting ATMs and other consumer end points from software-based attacks. Security is a key pillar of our business, and consumers’ trust in the self service environment can never be compromised.”
In addition to APTRA Software Security, NCR provides a variety of ATM security features and solutions:
- NCR’s latest family of ATMs, NCR SelfServ, is the first to introduce a protected USB architecture that is self-contained within the ATM, helping mitigate the risk of fraudulent connection of unauthorized USB devices.
- Fraudulent Device Inhibitor (FDI) is an external illuminated hardware feature or kit that makes it difficult for criminals to attach foreign devices on or around an NCR ATM card reader.
- Intelligent Fraud Detection (IFD) is a unique approach to countering ATM fraud. Designed to be flexible, NCR IFD can detect a variety of fraudulent devices that criminals may attempt to add to the ATM fascia. The deployer receives an instant alert as soon as a fraudulent device has been added to the ATM, even before any fraud has taken place.
About NCR Corporation
NCR Corporation (NYSE: NCR) is a global technology company leading how the world connects, interacts and transacts with business. NCR’s assisted- and self-service solutions and comprehensive support services address the needs of retail, financial, travel, healthcare, hospitality, entertainment, gaming and public sector organizations in more than 100 countries. NCR (www.ncr.com) is headquartered in Dayton, Ohio.