Proactively identify malware threats. Outsource threats. Software issues.

3.2 million debit cards leaked by almost 19 banks in India, untold losses... Are you sure, your company is not the next Newshour debate on relevance of ATM security?


Most of the banks outsource Payment services in part or in full... what is conveniently forgotten is that outsourcing means outsourcing of operations, NOT accountability. With numerous clients under their belt and thinning margins, its not unusual to see shortcuts being taken. Are you taking refuge in your SLA? be assured that incase of a hack, that SLA won't demonstrate much. With numerous other initiatives such as Any Bank Banking, outsourcing of ATM switch services, outsourcing of even ATM sites, banks have definitely cut down on work overheads, but then the risk exposure has multiplied manifold.

To protect your ATM network from fraud, the banking security experts at VISTA InfoSec have developed a series of customised assessments that consider the entire ATM ecosystem as a whole and not just the machine. We can identify software, hardware and communication protocol vulnerabilities, design vulnerabilities, process vulnerabilities and incident response that are exploited by the likes of Trojan.Skimmer and Ploutus attacks, so you can block unauthorized cash withdrawals and protect payment card data.

Our approach to conducting assessment of your critical ATM Processes:

Takeaways towards a secure and resilient ATM/POS environment:


  • Easy-to-read reports for multiple stakeholders to take appropriate decisive action including.
  • Comprehensive report with prioritized list of vulnerabilities, compensating controls for vulnerabilities that cannot be directly addressed.
  • Actionable recommendations to mitigate the risks your environment faces from external attackers, Insider threats, automated worms, and network management errors to maximize improvement of your environment security posture.
  • Vulnerability Management portal
  • CxO dashboard.
  • Two-factor authentication, SSL data encryption & real time DR backups.
  • Online Submission and tracking of VA/PT tasks.
  • Customizable reports available only in secure repository with encryption
  • Assign vulnerabilities to team member for closure with time limit.
  • Team members can mark vulnerabilities as “Closed” and upload evidence.
  • Track closure of vulnerabilities identified.