Embedded Systems Security for ATM and POS systems | Kaspersky Lab AU and NZ
View all solutions

Kaspersky Embedded Systems Security

Specialized security for Embedded systems

Contact us VIEW PDF

What's At Risk

All types of Embedded system are highly vulnerable to cyberattacks.

Today, Embedded systems are everywhere: in ticketing machines, ATMs, kiosks, Point of Sale systems, medical equipment… the list goes on.

Kaspersky Embedded Systems Security protects Windows-based devices from unauthorized access and ongoing damage caused by cyberattacks. We ensure safety of your business from:

  • Theft and exploitation of your customers’ credentials and confidential data.

  • Targeted attacks, initiated through your Embedded system.

  • All the costs associated with reputational and brand damage, and remediation at individual customer level.

  • Theft through duplicated credit cards, created from POS and ATM memory dumps.

  • Cash lost through the direct hacking of individual ATMs.

  • Being forced to update hardware and operating systems in order to update your security.

What We Offer

Windows Embedded systems are becoming an ever more popular target for cybercriminals. These devices tend to operate inside the corporate network, to be geographically scattered and to handle with critical data, often working with credit and debit cards. End-of-life Windows XP is still a standard for most of these systems, as is low-end hardware.

Kaspersky Embedded Systems Security is specially designed to protect such systems against specifically oriented attacks.

  • Supporting Low-End Operating Systems and Hardware

    Kaspersky Embedded Systems Security is fully operational and supported on all Windows operating systems, from the Windows XP family to Windows 10 IoT. Hardware requirements are as little as 256Mb of RAM and 50Mb of disk space.

  • Default Deny for Applications, Drivers and Libraries

    ATM and POS systems are fixed passive systems undertaking strictly limited functions. By preventing drivers, libraries or non-approved applications from launching, attackers are denied access through these means.

  • Device Control

    The most dangerous attacks on ATM and POS systems are closely associated with USB and CD-ROM access. Implementing a rigorous, comprehensive device access and control policy is the most effective form of risk mitigation.

  • Antivirus On-Demand

    The solution can be installed in ‘Default Deny’ mode, minimizing hardware resource impact. An antivirus module, also providing on-demand scan controls, with optional real-time protection from Kaspersky Security Network, is also included.

Business Benefits

Devices based on Windows Embedded are designed to offer the best possible service to users. Their weakest point is security. We’re seeing more and more malware targeting embedded devices, including POS systems, ATMs, ticketing machines and medical devices, together with non-malware-based attacks using middleware changes and additional libraries created by insider activity.

Using a classic “antimalware approach” is impractical due to of the limitations of low-end hardware, and is anyway largely ineffective in this unique threat landscape. Your business needs a cybersecurity solution specifically designed to protect systems based on Windows Embedded against new and emerging advanced cyber-threats.

  • Kaspersky Embedded Systems Security is designed specifically for service devices with Embedded operating systems. It respects related hardware and efficiency considerations while simultaneously controlling and protecting the attack surfaces unique to these architectures.

  • The overall replacement of obsolete Windows XP systems is a painful process. We help buy you time to upgrade your nodes at your own pace. Kaspersky Embedded Systems Security supports all current Microsoft Windows Embedded and POS ready families, from the now-unsupported Windows XP family, to Windows 10 IoT.

  • Powerful, effective protection against both external threats and illicit insider activity is delivered through granular Device Controls and full Default Deny mode operation for applications, drivers and libraries.

  • Antivirus is provided as an optional module. Once Kaspersky Embedded Systems Security is installed in Device Control and Default Deny mode, additional antivirus is not always necessary, but can be added as a further security level where needed.

  • Hardware requirements are low. The solution is designed to work on 256Mb RAM and 50Mb disk space while running in ‘Application Control only’ mode on Windows XP.

  • PCI DSS requirements (v3.1 paragraphs 5.1, 5.1.1, 5.2, 5.3, 6,2) with which the Financial Services Industry must comply, are covered by Kaspersky Embedded Systems Security and Kaspersky Security Center.


Suitable for

  • Financial

  • Insurance

  • Retail

  • Hospitality

  • Healthcare

  • Restaurants

  • Ticketing

  • ATM and POS service providers


Related Solutions