Abstract: Various embodiments herein each include at least one of systems, methods, and software for SST secure boot device order modification. One such embodiment, in the form of a method performed by a server, includes, receiving a request from a mobile device app to modify a boot order of a computer controlling operation of an SST. The method proceeds by authenticating the request. When the request is authenticated, the server performing the method then sends a command to the SST to modify the boot order of the SST.

Abstract: A system and method for operating a terminal such as an automated teller machine or other type of self-service terminal having a primary partition of a hard disk encrypted with a disk encryption key (DEK). At the initial installation and after every boot, a pre-boot manager encrypts the DEK with a new key encryption key (KEK) and then splits the encrypted DEK into a plurality of encrypted DEK parts. The pre-boot manager next stores the plurality of encrypted DEK parts in randomized storage locations on an unallocated portion of a hard disk and encrypts a list of the randomized storage locations of the plurality of encrypted DEK parts with the KEK and storing the encrypted list in a location on the unallocated portion of the hard disk. Finally, the pre-boot manager stores the KEK, optionally in an obfuscated format, in a location on the unallocated portion of the hard disk.

Abstract: Two-factor authentication is processed on a transaction terminal before access is provided to a secure resource of the transaction terminal. A first factor authentication is performed to authenticate an identifier and a credential of a user. A unique challenge is sent, in response to a successful first factor authentication, to a secure device interfaced to the transaction terminal. A one-time unique signed response is received from the secure device in response to the unique challenge and a user action that depresses a button on the secure device. The one-time unique signed response is compared against what is expected from the secure device. When the comparison is successful, a user identity for the user is set, a security role is set for the user identity, and the user is granted access to the secure resource with the set security role.

Abstract: An address for a protected resource of a device is randomized at configurable intervals of time as a randomized address. The randomized address is pushed to the Operation System (OS) for mapping the randomized address to an OS identifier for the protected resource. Other devices of a network produce a same randomized address for the protected resource based on a time-based synchronization.

Abstract: An input peripheral agent intercepts input commands on a host machine and enforces policy conditions and whitelist conditions before deciding whether to permit the commands to be processed by an operating system of the host or whether to ignore the commands on the host machine. In an embodiment, the policy conditions and whitelist conditions can be dynamically changed by a remote network manager without changing, stopping, and/or restarting the input peripheral agent and/or the host machine.

Abstract: An address for a protected resource of a device is randomized at configurable intervals of time as a randomized address. The randomized address is pushed to the Operation System (OS) for mapping the randomized address to an OS identifier for the protected resource. Other devices of a network produce a same randomized address for the protected resource based on a time-based synchronization.

Abstract: Two-factor authentication is processed on a transaction terminal before access is provided to a secure resource of the transaction terminal. A first factor authentication is performed to authenticate an identifier and a credential of a user. A unique challenge is sent, in response to a successful first factor authentication, to a secure device interfaced to the transaction terminal. A one-time unique signed response is received from the secure device in response to the unique challenge and a user action that depresses a button on the secure device. The one-time unique signed response is compared against what is expected from the secure device. When the comparison is successful, a user identity for the user is set, a security role is set for the user identity, and the user is granted access to the secure resource with the set security role.

Abstract: A whitelist of hash values for applications is signed and encrypted by a remote device and the encrypted whitelist is securely delivered over a network connection to a second device as an encrypted whitelist. The second device decrypts the whitelist and validates the signature of the remote device for the decrypted whitelist. Hash values in the decrypted version of the encrypted whitelist are compared against dynamically computed hash values for the applications. Applications with matching hash values are permitted to execute on the second device.

Abstract: An input peripheral agent intercepts input commands on a host machine and enforces policy conditions and whitelist conditions before deciding whether to permit the commands to be processed by an operating system of the host or whether to ignore the commands on the host machine. In an embodiment, the policy conditions and whitelist conditions can be dynamically changed by a remote network manager without changing, stopping, and/or restarting the input peripheral agent and/or the host machine.

Abstract: Various embodiments herein each include at least one of systems, methods, and software for SST secure boot device order modification. One such embodiment, in the form of a method performed by a server, includes, receiving a request from a mobile device app to modify a boot order of a computer controlling operation of an SST. The method proceeds by authenticating the request. When the request is authenticated, the server performing the method then sends a command to the SST to modify the boot order of the SST.

Abstract: A whitelist of hash values for applications is signed and encrypted by a remote device and the encrypted whitelist is securely delivered over a network connection to a second device as an encrypted whitelist. The second device decrypts the whitelist and validates the signature of the remote device for the decrypted whitelist. Hash values in the decrypted version of the encrypted whitelist are compared against dynamically computed hash values for the applications. Applications with matching hash values are permitted to execute on the second device.