Embedded Systems Security for ATM and POS systems | Kaspersky Lab UK
View all solutions

Kaspersky Embedded Systems Security

Specialised security for Embedded systems

Contact us VIEW PDF

What's At Risk

All types of embedded systems are highly vulnerable to cyberattacks.

Today, embedded systems are everywhere: in ticketing machines, ATMs, kiosks, Point of Sale systems, medical equipment… the list goes on.

Kaspersky Embedded Systems Security protects Windows-based devices from unauthorised access and ongoing damage caused by cyberattacks. We ensure the safety of your business from:

  • Theft and exploitation of your customers’ credentials and confidential data.

  • Targeted attacks, initiated through your Embedded system.

  • All the costs associated with reputational and brand damage, and remediation at individual customer level.

  • Theft through duplicated credit cards, created from POS and ATM memory dumps.

  • Cash lost through the direct hacking of individual ATMs.

  • Being forced to update hardware and operating systems in order to update your security.

What We Offer

Windows Embedded systems are becoming an ever more popular target for cybercriminals. These devices tend to operate inside the corporate network, to be geographically scattered and to handle with critical data, often working with credit and debit cards. End-of-life Windows XP is still a standard for most of these systems, as is low-end hardware.

Kaspersky Embedded Systems Security is specially designed to protect such systems against specifically oriented attacks.

  • Supporting Low-End Operating Systems and Hardware

    Kaspersky Embedded Systems Security is fully operational and supported on all Windows operating systems, from the Windows XP family to Windows 10 IoT. Hardware requirements are as little as 256Mb of RAM and 50Mb of disk space.

  • Default Deny for Applications, Drivers and Libraries

    Windows Embedded systems are fixed passive systems designed to undertake strictly limited functions, often involving credit and debit cards. By effectively ‘freezing’ the system—preventing any drivers, libraries or applications not on an approved list from launching—Kaspersky Embedded Systems Security denies attackers access through any of these means.

  • Device Control

    The most dangerous initial attacks on Embedded system networks are closely associated with insider activity and USB and CD-ROM access. Implementing a rigorous, comprehensive device access and control policy is the most effective form of risk mitigation.

  • Antivirus On-Demand

    The solution can be installed in ‘Default Deny’ mode, minimising hardware resource impact. An antivirus module also providing on-demand scan controls, with optional real-time protection from Kaspersky Security Network, is also included.

Business Benefits

Devices based on Windows Embedded are designed to offer the best possible service to users. Their weakest point is security. We’re seeing more and more malware targeting embedded devices, including POS systems, ATMs, ticketing machines and medical devices, together with non-malware-based attacks using middleware changes and additional libraries created by insider activity.

Using a classic “anti-malware approach” is impractical due to of the limitations of low-end hardware and is anyway largely ineffective in this unique threat landscape. Your business needs a cybersecurity solution specifically designed to protect Windows Embedded systems against new and emerging advanced cyberthreats.

  • Kaspersky Embedded Systems Security is designed specifically for service devices with embedded operating systems. It respects related hardware and efficiency considerations while simultaneously controlling and protecting the attack surfaces unique to these architectures.

  • The overall replacement of obsolete Windows XP systems is a painful process. We help buy you time to upgrade your nodes at your own pace. Kaspersky Embedded Systems Security supports all current Microsoft Windows Embedded and POS ready families, from the now-unsupported Windows XP family, to Windows 10 IoT.

  • Powerful, effective protection against both external threats and illicit insider activity is delivered through granular Device Controls and full Default Deny mode operation for applications, drivers and libraries.

  • Antivirus is provided as an optional module. Once Kaspersky Embedded Systems Security is installed in Device Control and Default Deny mode, additional antivirus is not always necessary, but can be added as a further security level where needed.

  • Hardware requirements are low. The solution is designed to work on 256Mb RAM and 50Mb disk space while running in ‘Application Control only’ mode on Windows XP.

  • PCI DSS requirements (v3.1 paragraphs 5.1, 5.1.1, 5.2, 5.3, 6,2) with which the Financial Services Industry must comply, are covered by Kaspersky Embedded Systems Security and Kaspersky Security Center.


Suitable for

  • Financial

  • Insurance

  • Retail

  • Hospitality

  • Healthcare

  • Restaurants

  • Ticketing

  • ATM and POS service providers


Related Solutions