TCP/IP, SSL, TLS. We all know the acronyms involved in our ATM’s communication methodology, but are we using them to the greatest extent possible to provide maximum protection? We’re all aware of the black box attacks that have been in the news and we want to take a moment and explain how to ensure you’re maximizing the communication protection elements already built into your Hyosung ATM’s software.

Continue improving your customer security with the latest Hyosung security options today!

LEARN MORE

Certificate Validation

Certificate Validation allows for a higher level of security by only allowing TLS communications with servers using certificates issued by a trusted Certificate Authority (CA) in the TLS encryption process. These certificates add a greater level of security due to the fact that they are issued and managed by the CA, and the public certificate is used to verify the authenticity of the host processor. Put another way, when the ATM has certificate validation enabled, it is considerably harder for a bad guy to impersonate a legitimate transaction host. In the case of a hacked or replaced wireless router, this methodology maintains the transmission encryption, protecting your cash from an unauthorized dispense.

There’s an option under TCP/IP Type titled “SSL/TLS CERT. EN/DISABLE” (as seen in the image above). If you do not have this option enabled, then you are not using all the security features available to you. Unless you’ve previously loaded the appropriate certificate for your processor, you will need to download your processors certificate onto your ATM. This can be done remotely using MoniView or at the ATM via a USB drive. Directions for downloading the certificates and enabling the feature can be found by clicking here. Keep in mind that, if you are running value add transactions that communicate with a host other than your primary ATM host such as Planet Payment, you may need to load more than one certificate.

In an effort to help promote greater ATM security we will be changing the default settings in our software, enabling the certificate validation process as the default. If you choose not to use certificate validation, it can still be disabled, however we strongly recommend that you enable this feature. Additionally, we will preload the ATM with the certificates used by the common U.S. processors and value add transaction providers in an effort to save you time in the field.

We hope this guide has helped you better understand IP security and we wish you many more safe transactions to come!

Hyosung software can help ensure IP security for your ATMs. Get started with us today!

CALL NOW
Tags security

Related Posts

PCI TR-31 and TR-34 Guidance for FI ATMs

PCI TR-31 and TR-34 Guidance for FI ATMs

Hyosung ATMs have been updated to support a more secure method of storing and securing encryption keys. The new standard TR-31 (“key blocks”) will be mandated by PCI (Payment Card Industry) for the transfer of keys to ATMs starting January 1, 2025. To transfer the master key from the host processor to the ATM in […]

Continue Reading
Service Parts Bulletin

Service Parts Bulletin

Replacement BMD and BMU Control Boards This bulletin is to inform our customers about a part number change for the replacement TCR control board and core board for the BMD and BMU. When replacing the main control board on the BMD or BMU of the TCR, you must also change the core board. In the […]

Continue Reading
ATM Security Bulletin | November 2023

ATM Security Bulletin | November 2023

Key takeaways: Hyosung Innovue is aware that ATM skimming attacks are on the rise in 2023. While non-bank owned ATMs skimming attacks are relatively flat year-over-year, according to FICO, there has been a year-over-year increase in Card skimming of 109% at bank-owned ATMs in the first half of 2023.  Furthermore, there is a shift in […]

Continue Reading