“Banks need to understand that, in these difficult times, employees may be tempted to abuse their position of trust. We are working closely with the ATM Industry Association to upgrade their security best practices." - Michael Kalinichenko, SafenSoft CEO
San Jose, CA & Moscow (PRWEB) May 31, 2011
SafenSoft’s TPSecure software was designed from the ground up to secure unattended devices such as ATMs, POS systems, and eVoting machines, both to prevent unauthorized transactions and to prevent insider tampering with the device. The system is focused on maintaining system integrity rather on the resource-intensive signature-based approach of many security solutions, and ensures that only authorized personnel using authorized devices can access authorized data and applications.
“Once an ATM or other unattended device has an established TPSecure profile, it is secure against both internal and external attacks, even if the perpetrator has local administrator rights,” points out Kalinichenko. “TPSecure is already in use at a number of banks in Russia, and we are looking forward to extending that protection to North American institutions.”
TPSecure ensures neither logical (malware) nor physical (unauthorized access) methods can be used to access or tamper with the way ATMs function. It does this by building and maintaining a system profile for each ATM based on a number of different checkpoints designed to ensure the trustworthiness of the applications, drivers, and registry entries on that ATM.
TPSecure can be configured to prevent these and other attack methods from succeeding:
- Replacing ATM software with a new image or modifying current ATM processes.
- Unauthorized termination of the TPSecure process
- Unauthorized termination or launch of ATM processes
The software monitors every attempt to launch an application, blocking any launch activity if the trusted identifier for that application is not present in the system profile. TPSecure itself also includes multiple levels of self‐protection to prevent its own processes from being stopped.
SafenSoft was founded in 2006 in Moscow, Russia, and the company’s board of directors is led by Victor Kousnetsov, a former senior development executive with McAfee. SafenSoft solutions include TPSecure for ATMs and other unattended devices, SysWatch for enterprises, and SafenSec for home users. The company maintains development offices in Moscow, Russia, and business offices in Silicon Valley, California, and is funded by Troika Dialog. SafenSoft is a member of the PCI-DSS Security Council and CEO Michael Kalinichenko serves on the Security Best Practices committee of the ATMIA.