TCP/IP, SSL, TLS. We all know the acronyms involved in our ATM’s communication methodology, but are we using them to the greatest extent possible to provide maximum protection? We’re all aware of the black box attacks that have been in the news and we want to take a moment and explain how to ensure you’re maximizing the communication protection elements already built into your Hyosung ATM’s software.

Continue improving your customer security with the latest Hyosung security options today!

Certificate Validation

Certificate Validation allows for a higher level of security by only allowing TLS communications with servers using certificates issued by a trusted Certificate Authority (CA) in the TLS encryption process. These certificates add a greater level of security due to the fact that they are issued and managed by the CA, and the public certificate is used to verify the authenticity of the host processor. Put another way, when the ATM has certificate validation enabled, it is considerably harder for a bad guy to impersonate a legitimate transaction host. In the case of a hacked or replaced wireless router, this methodology maintains the transmission encryption, protecting your cash from an unauthorized dispense.

There’s an option under TCP/IP Type titled “SSL/TLS CERT. EN/DISABLE” (as seen in the image above). If you do not have this option enabled, then you are not using all the security features available to you. Unless you’ve previously loaded the appropriate certificate for your processor, you will need to download your processors certificate onto your ATM. This can be done remotely using MoniView or at the ATM via a USB drive. Directions for downloading the certificates and enabling the feature can be found by clicking here. Keep in mind that, if you are running value add transactions that communicate with a host other than your primary ATM host such as Planet Payment, you may need to load more than one certificate.

In an effort to help promote greater ATM security we will be changing the default settings in our software, enabling the certificate validation process as the default. If you choose not to use certificate validation, it can still be disabled, however we strongly recommend that you enable this feature. Additionally, we will preload the ATM with the certificates used by the common U.S. processors and value add transaction providers in an effort to save you time in the field.

We hope this guide has helped you better understand IP security and we wish you many more safe transactions to come!

Hyosung software can help ensure IP security for your ATMs. Get started with us today!

Related Posts

ATM Security Bulletin | November 2023

ATM Security Bulletin | November 2023

Key takeaways: Hyosung Innovue is aware that ATM skimming attacks are on the rise in 2023. While non-bank owned ATMs skimming attacks are relatively flat year-over-year, according to FICO, there has been a year-over-year increase in Card skimming of 109% at bank-owned ATMs in the first half of 2023.  Furthermore, there is a shift in […]

Continue Reading
Hyosung Innovue Technical Bulletin

Hyosung Innovue Technical Bulletin

In light of an increase in skimmer attacks, Hyosung encourages you to review the nature attacks, your risk exposure and steps you can take to protect your fleet. The Threat There are 3 types of skimmers, all designed to read Track 2 data from the customer’s card: Risk Exposure Not all card readers have anti-skim […]

Continue Reading
What is Windows OS CE 7.0 for ATMs?

What is Windows OS CE 7.0 for ATMs?

A recent technical bulletin was launched to inform our customers about the new WinCE 7.0 mainboard for our Retail ATMs. The new mainboard does not have a separate I/O board like the WinCE 6.0 mainboard required. The WinCE 7.0 mainboard and I/O board are “combined” so it is only one part. The new WinCE 7.0 […]

Continue Reading