Kaspersky Embedded Systems Security for ATM and POS systems

All-in-one security addressing the vulnerabilities and constraints of embedded systems

Request a Call Try for free Download Datasheet

Windows Embedded systems are becoming an ever more popular target for cybercriminals. These devices tend to operate inside the corporate network, to be geographically scattered and to handle critical data, often working with credit and debit cards. End-of-life Windows XP is still a standard for many such systems, as is low-end hardware.

Kaspersky Embedded Systems Security is specially designed to protect these systems against attacks targeting their contents and exploiting their limitations.

What We Offer

Kaspersky Embedded Systems Security has been designed for service devices which use Windows Embedded operating systems. It recognises and respects specific hardware, has a flexible modular structure, and efficiency considerations, while simultaneously controlling and protecting the attack surfaces unique to these architectures through:

  • Default Deny for Apps, Drivers & Libraries

    Default Deny for Apps, Drivers & Libraries

    The basis of effective protection for embedded systems

  • Device Control, USB Connections Monitoring

    Device Control, USB Connections Monitoring

    Preventing the physical connection of unauthorised USBs and other devices – a major source of both accidental and deliberate infection

  • Antivirus On-Demand

    Antivirus On-Demand

    Proven protection from the industry’s leading antivirus engine, capable of detecting even the most advanced and aggressive attacks

  • Memory Protection

    Memory Protection

    Securing the system against exploits, ransomware and memory injection

  • File Integrity Monitoring and Log Audit

    File Integrity Monitoring and Log Audit

    Combines the efficiency of critical files protection and change-tracking with regulatory compliance requirements


Suitable for

  • Financial Services

  • Insurance

  • Retail

  • Hospitality

  • Healthcare

  • Restaurants

  • Ticketing

  • Transport

  • ATM and POS Service Providers

In Use

Default Deny for Applications, Drivers and Libraries

Windows Embedded systems are fixed passive systems designed to undertake a strictly limited range of functions, often involving credit and debit cards. By effectively ‘freezing’ the system—preventing any drivers, libraries or applications not on an approved list from launching—Kaspersky Embedded Systems Security denies potential attackers, including insiders or third party service providers, access to any of these means.

Antivirus On-Demand and Firewall Management

Kaspersky Embedded Systems Security can be installed in ‘Default Deny for Applications and Devices only’ mode to minimise the impact on hardware resources. The solution can also centrally manage firewalls and can be installed with the inclusion of an antivirus module providing on-demand scanning controls within the same licence. Should malware penetrate all these defences, optional real-time antivirus protection from Kaspersky Security Network can also come into play.

Regulatory Compliance

In support of regulatory requirements, Kaspersky Embedded Systems Security offers specific features including File Integrity Monitoring and Log Audit in our Compliance Edition. This also includes features like Default Deny, Antivirus, Firewall Management, Device Control and optional Patch Management, all administered through Kaspersky Security Center and designed to help secure embedded systems in compliance with international standards. So there’s no longer any need to purchase three separate solutions from different vendors, or to choose between effective protection and regulatory compliance.

Product Architecture

The solution has been designed specifically to mitigate cybersecurity risks to systems based on embedded operating systems, protecting the attack surfaces unique to these architectures while respecting related hardware and efficiency considerations. A single intuitive console gives you the control and visibility you need to effectively manage multi-layered security for your endpoints, your critical systems and your whole IT infrastructure. The Default Deny, Device Control and Memory Protection modules included are absolutely essential to effective embedded systems protection, while additional modules further enhance security levels where required.

System Requirements

Premium Support and Professional Services

Professional help is available whenever you need it. Operating in more than 200 countries, from 34 offices worldwide, we have you covered 24/7/365. Take advantage of our Maintenance Service Agreement (MSA) support packages, or call on our Professional Services to ensure that you derive maximum benefit from your Kaspersky Lab security installation.

  • 2 4

    a day

  • 0 7

    a week

  • 3 6 5

    a year


The Threats

Today we see embedded systems everywhere: in ticketing machines, ATMs, kiosks, point of sale systems, medical equipment… the list goes on.

Kaspersky Embedded Systems Security secures Windows based devices like these from unauthorised access and ongoing damage caused by cyberattacks, protecting your business from:

  • Theft and exploitation of customer credentials and confidential data

  • Targeted attacks, initiated through your Windows Embedded systems

  • All the costs associated with reputational and brand damage

  • Theft through duplicate credit cards, using POS and ATM memory dumps

  • Cash lost through the direct hacking of individual ATMs

  • Having to update your hardware and OS in order to update your security

Related Solutions

We use cookies to make your experience of our websites better. By using and further navigating this website you accept this. Detailed information about the use of cookies on this website is available by clicking on more information.

Accept and close