Secure Payment Transactions and Consumer Information from Point-of-Sale to the Server

Intel delivers flexible, end-to-end data protection for retail point-of-sale transactions: any device, anywhere, anytime.

"We're discovering between one and nine new pieces of malware every second. And this is basically being written by computers."
Peter W. Singer, Brookings Institution

Protecting consumer data is a 24/7 task that is critical for retailer success. It is also increasingly challenging to do well: as retail environments evolve and retailers gain new point-of-sale (POS) options, opportunities for those with malicious intent continue to rise. Improved credit/debit card authentication methods such as EMV are helping to reduce fraudulent use of counterfeit cards. But none of these approaches address the basic issue of protecting the card data itself, as the regular reports of fraud and theft that continue to plague consumers and retailers show. Across the transaction industry, malware continues to frustrate commerce by infiltrating networks, exploiting security gaps, and stealing staggering amounts of transaction and personal information.

Intel Data Protection Technology for Transactions closes this gap by creating a transaction path that routes data directly from the payment terminal to the bank's servers: sensitive personal information is encrypted at the terminal and bypasses the POS platform, its system memory, and the POS operating system. Using a combination of hardware authentication and end-to-end encryption, Intel Data Protection Technology for Transactions is designed to secure both credit/debit and personal data from the moment a transaction is initiated all the way through storage of the encrypted information on retailer and bank server networks.

The result: consumer data is well protected, malware attacks are more likely to be prevented, and retailers get a flexible and future-proof solution that simplifies end-point authentication, reduces security worries, and increases POS choice.

Strengthening Security in Open Platforms

One of the most significant and persistent vulnerabilities in today's data-transaction environment is the POS system itself. Built on open architectures, POS systems (tablets, scanners, mobile and fixed payment terminals, and more) are where transactional information is often processed and stored in plaintext. This creates opportunities for successful malware attacks. Intel Data Protection Technology for Transactions tackles the issue of data exposure by separating transaction processing from the POS operating system, both physically and logically. The net effect is that transactional data is isolated from start to finish, essentially rendering it inaccessible to the POS system, its memory, and its operating system.

Bolstering Hardware Security with Software

Intel Data Protection Technology for Transactions is a software download that is compatible with many retail systems built on today's and tomorrow's Intel processors, including Intel Core processors and the latest Intel Atom processor-based devices. Because it is software-enabled hardware security, it offers retailers advanced levels of data security without the need for new hardware. In addition, it is built on numerous Intel and McAfee technologies that provide trusted execution on the client and secure communications to remote management servers. As illustrated in Figure 1, these create a powerful solution for securing sensitive transactional data end-to-end.

Creating a Trusted Commerce Flow

According to a Solutionary report, organizations spend over $3,000 per day for up to 30 days in the aftermath of a malware attack. [2] And according to Michael Bruemmer, Vice President for Experian's Data Breach Resolution Group, recent large retail malware attacks have put hundreds of millions of credit/debit card numbers at risk in the United States alone. [3]

Figure 1. [Diagram: card reader -> point of sale (POS software beside the protected applet) -> bank. A command console supplies policies to the applet; credit card data travels from the reader through the applet to the bank.] Intel Data Protection Technology for Transactions provides unique chipsets and peripherals for retail payment solutions, including those using EMV, NFC, magnetic stripe, and PIN entry capabilities. Intel Data Protection Technology for Transactions also protects sensitive non-payment information.

Intel Data Protection Technology for Transactions | Retail Sector
One Record at a Time

That is how malware steals thousands, even millions, of consumer records. Malware can be aggressive, going into action immediately. It can also be patient, lying dormant for weeks, months, or years before waking up on a specific date or in response to a specific activity. In either case, transactional data sets are collected one by one, often ballooning into enormous numbers of stolen records and wreaking havoc on commerce and consumer trust.

Trusted Commerce Flow
[Figure: five-stage timeline]
1. Integration and Deployment: equipment is installed and connected.
2. Activation and Provisioning: the applet phones home to the server and receives its initial provisioning and policies.
3. Pairing: peripherals pair with the applet if and only if the applet's provisioning allows it.
4. Transaction: card transactions are encrypted at the peripheral, and policies route them to a bank server.
5. Management: the applet phones home periodically for configuration updates and to share security metrics.

Intel Data Protection Technology for Transactions helps mitigate these risks and their costs. Here are four key ways:

End-to-end encryption of transaction information. End-to-end encryption from card acceptance at the peripheral through server delivery means plaintext data is never exposed to the POS operating system or to any applications, including malware, on the computing platform. This increased transaction protection closes security gaps that have resulted in the theft of millions of credit/debit card numbers.

Central management and updates. Intel Data Protection Technology for Transactions software regularly communicates with a command console to receive proactive configuration changes, credential updates, and policy changes, as well as to upload current status and security telemetry data.

Strict policy-driven access to transactional information. Intel Data Protection Technology for Transactions permits the controlled use of transaction data in accordance with a specific policy. For example, POS processes may dictate that an expiration date is required to print a receipt, or that only the birthdate from a given identification card be used to calculate an age (instead of releasing the entire record). By providing the POS with only the minimum information needed to maintain legacy processes (e.g., the last four digits of the card number and the cardholder's name), the technology maintains the utility of the POS while blocking memory-scraping malware attacks.

Whitelisting and authentication of secure devices. Checking peripherals against whitelists provided by the retailer, the technology simplifies the deployment of authentication credentials at the fleet level across all deployed transaction assets. This is an effective protection against attacks in which store assets are covertly replaced with compromised devices.
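The flow described above (pairing a peripheral against a whitelist, encrypting at the peripheral, releasing only a policy-limited view to the POS, decrypting only at the bank) as an added Python simulation. This is illustrative code written for this page, not Intel's applet or peripheral firmware. The peripheral serial, the pairing and transport keys, the policy set, and the HMAC-SHA256 counter-mode cipher standing in for a real AEAD are all assumptions, and the card record is constructed around a well-known test PAN.

```python
import hashlib
import hmac
import json
import os
import re
import struct

# Constructed whitelist of approved card-reading peripherals (serial -> pairing key).
# Real pairing keys are provisioned through the command console; these are derived
# from labels only to keep the example self-contained.
PERIPHERAL_WHITELIST = {
    "PINPAD-0001": hashlib.sha256(b"constructed pairing key for PINPAD-0001").digest(),
}
# Release policy pushed to the applet: the only fields the POS may see in plaintext
# (the page's own example: last four digits and the cardholder's name).
POS_RELEASE_POLICY = frozenset({"cardholder_name", "pan_last4"})
# Transport key shared by the peripheral and the bank server (assumed). The POS never
# holds it, so nothing passing through the platform can be decrypted there.
BANK_TRANSPORT_KEY = hashlib.sha256(b"constructed peripheral-to-bank key").digest()
PAN_PATTERN = re.compile(r"\b\d{13,19}\b")  # card-number-length digit runs


def peripheral_answer(pairing_key: bytes, nonce: bytes) -> bytes:
    """Response a genuine peripheral computes for the applet's pairing challenge."""
    return hmac.new(pairing_key, b"pair" + nonce, hashlib.sha256).digest()


def pair_peripheral(serial: str, answer, whitelist=PERIPHERAL_WHITELIST, nonce: bytes = b"") -> bool:
    """Applet side of pairing: refuse unknown serials and wrong challenge answers.
    `answer` stands for the peripheral: a callable that takes the nonce."""
    key = whitelist.get(serial)
    if key is None:
        return False
    nonce = nonce or os.urandom(16)
    return hmac.compare_digest(peripheral_answer(key, nonce), answer(nonce))


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a self-contained stand-in for AES-GCM's cipher."""
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def encrypt_record(key: bytes, record: dict, nonce: bytes = b"") -> dict:
    """Encrypt-then-MAC at the peripheral under derived enc/mac subkeys; the result
    is the blob routed to the bank."""
    enc_key, mac_key = (hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac"))
    nonce = nonce or os.urandom(16)
    plaintext = json.dumps(record, sort_keys=True).encode()
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return {"nonce": nonce.hex(), "ct": ct.hex(), "tag": tag.hex()}


def decrypt_record(key: bytes, blob: dict):
    """Bank side: verify the tag first; return the record, or None if it does not
    authenticate (tampered in transit, or encrypted under some other key)."""
    enc_key, mac_key = (hmac.new(key, label, hashlib.sha256).digest() for label in (b"enc", b"mac"))
    nonce, ct, tag = (bytes.fromhex(blob[k]) for k in ("nonce", "ct", "tag"))
    if not hmac.compare_digest(hmac.new(mac_key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return json.loads(bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct)))))


def release_to_pos(record: dict, policy=POS_RELEASE_POLICY) -> dict:
    """POS view: compute derived values, then withhold everything outside the policy,
    so the full PAN and the expiry never reach the POS process."""
    derived = dict(record, pan_last4=record["pan"][-4:])
    return {k: v for k, v in derived.items() if k in policy}


def peripheral_capture(record: dict, policy=POS_RELEASE_POLICY, key=BANK_TRANSPORT_KEY):
    """Everything that leaves the peripheral after a card read: an encrypted blob
    addressed to the bank and a policy-limited plaintext view for the POS."""
    return encrypt_record(key, record), release_to_pos(record, policy)


def scrape_for_pans(process_memory) -> list:
    """Crude memory scraper: regex over whatever a process holds (serialised here)."""
    return PAN_PATTERN.findall(json.dumps(process_memory))


if __name__ == "__main__":
    record = {"pan": "4111111111111111", "expiry": "12/27", "cardholder_name": "JANE DOE"}  # constructed
    genuine = lambda n: peripheral_answer(PERIPHERAL_WHITELIST["PINPAD-0001"], n)
    print("pair genuine / unknown:", pair_peripheral("PINPAD-0001", genuine), pair_peripheral("PINPAD-9999", genuine))
    blob, pos_view = peripheral_capture(record)
    print("POS view:", pos_view, "scraper finds:", scrape_for_pans(pos_view))
    print("legacy POS with full record, scraper finds:", scrape_for_pans(record))
    print("bank decrypts PAN:", decrypt_record(BANK_TRANSPORT_KEY, blob)["pan"])
```

The scraper is the point of the example: run over what a legacy POS holds, it recovers the PAN; run over the policy-limited view, it finds nothing, because the full record never existed in the POS process. A peripheral that is not on the whitelist, or cannot answer the challenge, is refused before any card data is accepted, and the bank drops any blob whose tag does not verify, including one encrypted under a different key.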
KEY CAPABILITIES

Feature: Hardware Isolation
How it works: Intel Data Protection Technology for Transactions uses a physically and logically isolated execution environment in the compute platform.
Benefit: Plaintext data is never unintentionally exposed to the host CPU, operating system, or POS applications; data is better protected from memory-scraping malware attacks.

Feature: Peripheral Whitelisting
How it works: Peripherals must authenticate and pass a whitelisting check with the POS before becoming part of the secure connection.
Benefit: Peripherals introduced by attackers or from unknown origins cannot participate in or process transactions; Transactions-based POS devices will not accept data from unknown sources; reduces the chances of social-engineering attacks.

Feature: Server Connectivity
How it works: Secure management channels are used to download configuration updates, modify policies, and share status data with the server.
Benefit: Devices can be managed at the fleet level, and changes can be pushed in response to changing security threats.

Feature: Software-Enabled Hardware Security
How it works: Using roots of trust in the Intel platform, initial activation and provisioning can be performed securely with a remote server.
Benefit: The technology can be activated easily on previously deployed POS assets and should not require hardware touches to the POS.

Feature: Common Ingredients
How it works: Ingredients function similarly on POS platforms from multiple vendors.
Benefit: Investing in Transactions-capable and compatible devices ensures that the same tools can be used to manage the assets over time, regardless of vendor.

Feature: Watchdog Timers
How it works: Ingredients of managed assets disable themselves if they have not been able to reach a management server after a configured period of time.
Benefit: POS assets removed from the store or merchant network disable their Intel Data Protection Technology for Transactions functionality, reducing the value of an attack.

Feature: Modular Flexibility
How it works: Transactions supports multiple peripherals and devices communicating with the platform, regardless of how they are connected (e.g., via USB, Wi-Fi, or Bluetooth Low Energy (BLE)).
Benefit: Complex data flows can be enabled easily, allowing peripherals to interoperate.

McAfee Adds a New Layer of Data Protection

McAfee Integrity Control blocks unauthorized applications and changes on fixed-function POS systems. Combining industry-leading whitelisting with change-control technology, McAfee Integrity Control:
- Prevents out-of-policy changes while still allowing updates from authorized sources.
- Boosts control over change policies and effectively secures devices, even in standalone mode without network access.
- Is centrally managed and efficient, eliminating the need to manage data in separate systems.
- Runs transparently and enables the entire POS infrastructure to be monitored without impact.
- Dynamically manages whitelists and supports multiple configurations for different business needs and devices.
- Is flexible, affordable, and secure.
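The Watchdog Timers row above describes a dead-man switch: a managed ingredient that cannot reach the management server within a configured window disables itself, and a device carried off the merchant network is therefore worth little to a thief. The following is an added Python illustration written for this page, not Intel's implementation; the 72-hour window, the class and method names, the "re-provisioning" call standing in for the console's activation path, and the fake clock are assumptions.

```python
import time

# Assumed policy value: how long a managed ingredient may go without reaching the
# management server before it disables itself. A real value comes from console policy.
DEFAULT_MAX_SILENCE_S = 72 * 3600


class ManagedIngredient:
    """Fail-closed watchdog for a managed POS component.

    Enabled only while the server has been reached within the window. Once
    disabled, reaching the server again is not enough; an explicit re-provisioning
    is required. Time comes from a monotonic clock so that setting the wall clock
    back on a stolen device cannot stretch the window."""

    def __init__(self, max_silence_s: float = DEFAULT_MAX_SILENCE_S, now=time.monotonic):
        self._max_silence = max_silence_s
        self._now = now  # injectable clock; defaults to the monotonic one
        self._last_contact = now()
        self._disabled = False

    def allows_transactions(self) -> bool:
        """Checked on every transaction, so an asset that never phones home again
        (unplugged and carried out of the store) is still cut off."""
        if not self._disabled and self._now() - self._last_contact > self._max_silence:
            self._disabled = True
        return not self._disabled

    def check_in(self, reach_server) -> bool:
        """Periodic phone-home. `reach_server` returns True when the management server
        answered. Expiry is evaluated before the contact is credited, so a device that
        reappears only after the window has already lapsed stays disabled."""
        if self.allows_transactions() and reach_server():
            self._last_contact = self._now()
        return self.allows_transactions()

    def reprovision(self) -> None:
        """Only the console's activation and provisioning path re-enables a disabled
        ingredient (simulated here as a direct call)."""
        self._disabled = False
        self._last_contact = self._now()


class FakeClock:
    """Constructed monotonic clock so the window can be exercised without waiting."""

    def __init__(self, start: float = 0.0):
        self.t = start

    def __call__(self) -> float:
        return self.t

    def advance(self, seconds: float) -> None:
        self.t += seconds


if __name__ == "__main__":
    clock = FakeClock()
    pos = ManagedIngredient(now=clock)
    clock.advance(48 * 3600)
    print("48h, server reachable:", pos.check_in(lambda: True))            # True
    clock.advance(48 * 3600)
    print("48h more, server unreachable:", pos.check_in(lambda: False))    # True (48h < 72h since contact)
    clock.advance(30 * 3600)
    print("78h of silence, transaction attempted:", pos.allows_transactions())  # False
    print("server reachable again:", pos.check_in(lambda: True))           # False, still disabled
    pos.reprovision()
    print("after re-provisioning:", pos.allows_transactions())             # True
```

The two design choices worth copying are the monotonic clock (a wall-clock rollback must not extend the window) and evaluating expiry before crediting a contact, so that a device which went dark and reconnects after the window lapsed does not quietly re-enable itself.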
Simply Secure and Complementary

Keeping consumer data secure is absolutely critical for retailers; the consequences of not providing modern payment tools, or of neglecting sources of potential security breaches, are too great to ignore. Intel Data Protection Technology for Transactions is a powerful new addition to retail's defenses against malicious attacks. Built to work with available transaction-processing technologies, including EMV, magnetic stripe, and near-field communication (NFC), it complements protections retailers already have in place while fortifying the entire transaction-security system. With it, retailers are better able to meet consumer requirements for transaction security, and also their own requirements for the POS manageability and adaptability that today's business demands.

For more information, visit intel.com/transactiondataprotection or contact your Intel representative.

1. Demystifying Point-of-Sale Malware Attacks, Symantec Security Response Blog, Feb 2014 (http://www.symantec.com/connect/blogs/demystifying-point-sale-malware-and-attacks)
2. 2013 SERT Global Threat Intelligence Report, Solutionary (https://go.solutionary.com/gtir.html)
3. 43% of companies had a data breach in the past year, USA Today Tech, Sept 24, 2014 (http://www.usatoday.com/videos/tech/2014/09/24/16123023/)

No computer system can provide absolute security. Requires an enabled Intel processor and software optimized for use of the technology. Consult your system manufacturer and/or software vendor for more information.

INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT.
EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER, AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. UNLESS OTHERWISE AGREED IN WRITING BY INTEL, THE INTEL PRODUCTS ARE NOT DESIGNED NOR INTENDED FOR ANY APPLICATION IN WHICH THE FAILURE OF THE INTEL PRODUCT COULD CREATE A SITUATION WHERE PERSONAL INJURY OR DEATH MAY OCCUR.

Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined." Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information. The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order. Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling 1-800-548-4725, or by visiting Intel's Web site at www.intel.com.

Copyright 2014 Intel Corporation. All rights reserved. Intel and the Intel logo are trademarks of Intel Corporation in the U.S. and/or other countries. *Other names and brands may be claimed as the property of others.

Printed in USA 1014/MB/ICMCRC/PDF Please Recycle 331357-001US