TCP/IP, SSL, TLS. We all know the acronyms involved in our ATM’s communication methodology, but are we using them to the greatest extent possible to provide maximum protection? We’re all aware of the black box attacks that have been in the news and we want to take a moment and explain how to ensure you’re maximizing the communication protection elements already built into your Hyosung ATM’s software.

Continue improving your customer security with the latest Hyosung security options today!

LEARN MORE

Certificate Validation

Certificate Validation allows for a higher level of security by only allowing TLS communications with servers using certificates issued by a trusted Certificate Authority (CA) in the TLS encryption process. These certificates add a greater level of security due to the fact that they are issued and managed by the CA, and the public certificate is used to verify the authenticity of the host processor. Put another way, when the ATM has certificate validation enabled, it is considerably harder for a bad guy to impersonate a legitimate transaction host. In the case of a hacked or replaced wireless router, this methodology maintains the transmission encryption, protecting your cash from an unauthorized dispense.

There’s an option under TCP/IP Type titled “SSL/TLS CERT. EN/DISABLE” (as seen in the image above). If you do not have this option enabled, then you are not using all the security features available to you. Unless you’ve previously loaded the appropriate certificate for your processor, you will need to download your processors certificate onto your ATM. This can be done remotely using MoniView or at the ATM via a USB drive. Directions for downloading the certificates and enabling the feature can be found by clicking here. Keep in mind that, if you are running value add transactions that communicate with a host other than your primary ATM host such as Planet Payment, you may need to load more than one certificate.

In an effort to help promote greater ATM security we will be changing the default settings in our software, enabling the certificate validation process as the default. If you choose not to use certificate validation, it can still be disabled, however we strongly recommend that you enable this feature. Additionally, we will preload the ATM with the certificates used by the common U.S. processors and value add transaction providers in an effort to save you time in the field.

We hope this guide has helped you better understand IP security and we wish you many more safe transactions to come!

Hyosung software can help ensure IP security for your ATMs. Get started with us today!

CALL NOW
Tags security

Related Posts

ATM Security Bulletin | June 2024

ATM Security Bulletin | June 2024

Michael Graham is the Vice President of Retail Solutions & Strategy for Hyosung. In this role, he helps retail customers make decisions about transformation products and unlock the value of those investments. Prior to joining Hyosung, Michael worked at Wells Fargo Bank in both the Retail Banking and Technology business units, developing and implementing many […]

Continue Reading
PCI TR-31 and TR-34 Guidance for FI ATMs

PCI TR-31 and TR-34 Guidance for FI ATMs

Hyosung ATMs have been updated to support a more secure method of storing and securing encryption keys. The new standard TR-31 (“key blocks”) will be mandated by PCI (Payment Card Industry) for the transfer of keys to ATMs starting January 1, 2025. To transfer the master key from the host processor to the ATM in […]

Continue Reading
Service Parts Bulletin

Service Parts Bulletin

Replacement BMD and BMU Control Boards This bulletin is to inform our customers about a part number change for the replacement TCR control board and core board for the BMD and BMU. When replacing the main control board on the BMD or BMU of the TCR, you must also change the core board. In the […]

Continue Reading