Life beyond Microsoft's XP April 2014 deadline: Delivering Protection, Risk Mitigation and PCI Compliance with Wincor Nixdorf's PC/E Terminal Security Software

Share Article

Independent Auditor SRC Conducts Extensive Testing and Concludes that Wincor’s Security Solutions Provide a Viable Alternative to Protect ATMs Running Windows XP, until a Full Migration to Windows 7 can be Planned and Implemented

News Image
By deploying Wincor’s PC/E Terminal Security Software, companies can take an immediate and affordable step to protect ATMs, stay compliant, and buy the time necessary to plan a full-scale migration to Windows 7 on a timeline of their choosing.

Wincor Nixdorf today announced the findings of an extensive testing campaign with accredited PCI-qualified security assessor SRC Security Research & Consulting GmbH (SRC), designed to gauge the effectiveness of Wincor’s PC/E Terminal Security Software on ATMs running Windows XP.

Independent auditor SRC’s findings, which will be presented in detail at Wincor World 2014, showed that Wincor’s security solutions provided such a high level of protection against all known Windows XP vulnerabilities, that ATMs protected by PC/E Terminal Security Software can obtain a PCI DSS Compensating Control to continue running Windows XP after the April 2014 deadline.

Today, more than two thirds of the world’s ATMs are still running Windows XP. A recent Wincor survey indicated that an overwhelming majority of respondents do not plan to migrate their entire ATM fleets to Windows 7 by April of 2014. A number of reasons were cited, including the fact that older ATMs will require memory and processor upgrades – and in some cases complete overhauls – to run the new operating system. But by deploying Wincor’s PC/E Terminal Security Software, these companies can now take an immediate and affordable step to protect ATMs, stay compliant, and buy the time necessary to plan a full-scale migration to Windows 7 on a timeline of their choosing.    

SRC tested ATM environments that have deployed the PC/E Terminal Security Software with unpatched Windows XP operating systems. The extensive penetration and vulnerability tests were designed to inject malware and manipulate the behavior of ATMs. SRC concluded that Wincor’s PC/E Terminal Security Software provided an exceptional level of protection against network and local attacks leveraging all known Windows XP vulnerabilities. SRC also concluded that the security provided by the Wincor software not only surpassed the security of a fully-patched Windows XP system, but it also exceeded the security standards of any Windows environment in an ATM.

“Banks and ATM owners should not make any purchasing decisions on security solutions until they contact Wincor Nixdorf and learn more about our PC/E Terminal Security solution,” said Wincor Nixdorf President & CEO, USA, Javier Lopez-Bartolome. “Our solutions help ATM owners plan the migration to Windows 7, including all of the necessary hardware upgrades, at a time of their choosing. We’re providing a level of security that is not available anywhere else – which also operates in Windows 7/8 environments - to provide both a short term, and a long-term security solution.”

Wincor’s PC/E Terminal Security Solution features three innovative components that work together to provide an unrivaled level of protection:

Access Protection – Because many features of the Microsoft operating systems (XP and Windows 7) are not required for ATM use, they deliver potential vulnerabilities that can be exploited by hackers. Wincor’s Access Protection hardens the operating system by disabling/removing unnecessary components and services in the OS, customizing the system configuration, and reducing the attack surface for potential hackers. By securing log-on processes and restricting remote access, the software makes it harder to exploit security settings in the Windows operating system.

Intrusion Protection - Protects ATMs against all forms of malware, so-called Day Zero and network-based attacks by not only disallowing them to be introduced into the ATM but also from executing. This solution continuously monitors the ATM’s identifying anomalies within its behavior. In addition to protecting against external attacks, it also helps to guard against internal threats, such as rogue programmers or service-branch employees attempting to manipulate ATM behavior. In the event of unauthorized access by a USB device, file system, or any unknown behavior of any software running on the system, the Intrusion Protection software locks down the system and triggers a security event alert.

Hard Disk incryption (HDE) - Many recent ATM attacks started with a bootable disk being inserted in to CDROM and having the ATM boot from it. Once booted, the malicious software needed to steal data or instruct the ATM to dispense cash was installed. Wincor’s HDE minimizes the risk of manipulation, misuse or theft by securing the contents of the drive and making it unreadable not only from unauthorized booting but also access gain from the theft of the PC or disk itself.

All of the above can be integrated into existing centralized monitoring/management systems in real time.

Today, Wincor Nixdorf’s PC/E Terminal Security solution protects more than 10% of all self-service terminals worldwide and has been deployed in 39 countries. To learn more about PC/E Terminal Security Software and the new PCI DSS pre-fabricated Compensating Control, contact your local Wincor sales representative today.

If you would like to learn more about the methodology used by SRC, please join us at Wincor World. Additional information and registration details are available on the official Wincor World Website.

About Wincor Nixdorf
Wincor Nixdorf is one of the world’s most successful IT solution specialists for process optimization at the consumer touchpoint, covering its core industries of banking and retail. With its U.S. headquarters located in Austin, Texas, Wincor Nixdorf Inc. provides a broad range of innovative hardware and software solutions, complemented by high-end services to many of the world’s biggest and most well-known business organizations, raising overall efficiency of procedures and workflow to improve consumer engagement and reduce operational costs. Wincor Nixdorf has a presence in more than 130 countries and annual sales revenue of $3 billion. For more information, visit

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Todd Keefe
Crosswind Communications
+1 (617) 262-1968
Email >
Visit website