2Rich History of Innovation and Customer Commitment Business foundation by Heinz NixdorfExpansion to the fourth largest computer company in EuropeAcquisition of Nixdorf Computer corporation by Siemens corporationFoundation of Siemens Nixdorf Information Systems corporationEstablishment of Siemens Nixdorf Retail and Banking Systems Inc.Continuous growth with two-digit expansion rateSeparation from the Siemens groupIndependence and new brand: Wincor NixdorfInitial public offer as Wincor Nixdorf stock corporationInformationssysteme AGRetail and Banking Systems GmbH19521990199819992004
3Wincor Nixdorf At a Glance Corporate profile (FY 06/07)Customer-oriented cultureGlobal presence in over 90 countriesMain production locations:GermanySingaporeChinaBrazilDevelopment Center:SwitzerlandRetailBankingPostal serviceHospitalityService stationsLotteryProductsSolutions/ ConsultingServices incl. outsourcingBlue chip-customers
4Wincor Nixdorf HQ in the US – Austin, Texas Wincor Nixdorf in the United States90 employees and 60 people per shift in the call centerFacilities of 75,000 Sq. Feet includeSalesMarketingEngineering and technical supportFinancialsLogisticsWarehouseTesting and diagnosticsStaging and integrationAssembly lineSpare part inventoryCertified repairsShipping and receivingWincor Nixdorf HQ in the US – Austin, TexasMaterial HandlingRepair CenterStaging Center
5Worldwide Market Positions 2006No. 3No. 2No. 1ATMs and Cash DispensersPoint of SaleAutomated Teller SafesMulti-vendor ApplicationsMonitoring / AdminCustomer Information PrintersDocument/Passbook PrintersTransaction Terminals
7Wincor Nixdorf World wide shipments of ATMs/CDs 61.170Wincor Nixdorf World wide shipments of ATMs/CDs61,17006/0748,79505/0635,00504/0532,19003/0422,60802/0316,80301/0222,58700/0193/9415,3978,8653,11196/977,61095/9697/984,28594/9598/9992/933,95999/0014,1982,923~ 52,800 ATMs/CDs shipped in 2006/07~ 8,300 Intelligent Deposit Systems shipped in 2006/07
8Innovation strongly driven by Customer Needs and Technical Progress Key FiguresOngoing Portfolio-Additions, e.g.:SlimCash 200, ProCash 4000xs, ProCash 4100, FrontOffice/TOP, PCA 3.0Wincor Nixdorf commitment in FY 06/07 to customer-oriented R&D:R&D Spendings of US$ 138 Mio. (11% growth)843 Employees in R&D – 10% of total Headcount75 new Patents – Active Patents up to 1,028ProCash 4000xsSlimCashProCash 1571ProCash 4100xs
9Global Constructed Customer Base … and continuously winning new customers(15 years)(28 years)(26 years)Developing customers for decades …Blue chips:Banking 25 out of the Top 25 Banks in Europe18 out of the Top 25 Banks in the WorldRetail 19 out of the Top 25 Retailers in Europe17 out of the Top 25 Retailers in the WorldBanking ranked by market cap, Retail ranked byrevenue Source: Thomson Financial, Datastream,Lafferty (European Banker), STORES.org, MINTEL.com
10Top 25 ATM Deployer in North America Wincor Nixdorf is on track to become a leading supplier of banking solutions in North AmericaGoalsStrategicStrategic GoalsWN CustomerNon-WN CustomerPilot/Pilot in Prep.91011121314151617181920212223241234567825Top 25 ATM Deployer in North AmericaStrong company focus on U.S. business developmentBroaden No. 1 position in CanadaExpansion of onsite maintenance coverage and enhanced service portfolio (Managed Services)Direct Focus on Top AccountsReseller model for small and medium banksBroaden portfolio incl. Recycling ATMs, Kiosk, Branch Renewal, PC/EStrong focus on innovation, quality and customer satisfactionSource: ATM & Debit News Nov / Wincor Nixdorf
11Wincor Nixdorf continues to invest and shows a strong commitment to the U.S. marketplace MilestonesU.S.Banking business unit established in the U.S.2000200120022003200420052006Wincor Nixdorf US Headquarters established in Austin, TXAcquisition of AUTOTELL – Setup of regional SW competence center in Boston for the AmericasRollout of 1,200 ATMs at ValeroFirst Multivendor SW project at JPMC (eATM)2007Alliance Agreement with IBMLaunch of integration and staging centerCall Center setupRollout of 2,500 APC Terminals for USPSSetup of service Infrastructure Platform (eServices)Introduction of direct sales modelFirst envelope free pilot at Wells FargoBuilding up onsite maintenanceNationwide depot concept (FEDEX)BTN Innovator AwardBanking business growth of 98%Continues investments into sales, support and servicesNew HQ in Austin
12EXPERIENCE MEETS VISION. Aus unserer langjährigen Branchenerfahrung heraus bieten wir Zugang zu neuesten Technologien. Lösungen, die auf hochwertiger Hard- und Software basieren, integrieren wir nahtlos in die Systemlandschaften unserer Kunden. Umfassende Service- und Beratungsleistungen runden unser Angebotsprofil ab.Wir helfen beim Auf- und Ausbau von Informationstechnologie für traditionelle und neue Vertriebswege, integrieren Selbstbedienungs-Techniken, binden E- und M-Commerce in bestehende Vertriebsstrukturen ein und denken dabei schon heute an die Kanäle von morgen.Auf der ganzen Welt setzen Kunden aus den Bereichen Handel und Banken auf effiziente Prozesse, Investitionsschutz und niedrige Kosten über den gesamten Produktlebenszyklus - auf der ganzen Welt setzten Kunden auf Wincor Nixdorf.Know-how, das wir in den Zielbranchen Handel und Banken erworben haben, transferieren wir zunehmend auf andere Bereiche und erweitern so ständig unseren Kundenkreis.EXPERIENCE MEETS VISION.Securing your ATM Network
13Potential ATM Attacks Intrusion and Fraud/ Tampering theft Cyber Physical/DestructiveAttacks
14Potential ATM AttacksIntrusion and theftPhysical & Destructive AttacksFraud/TamperingCyber Attacks
15Security Housing Conventional safes Security levelsStrongboxWall thickness 2 or 3 mmUL 291 Level 1Wall thickness 12,5 mmCEN LRU* 30/50 (total breach)CEN IIIWall thickness 40 mmRU* 120 (total breach)CEN IVCEN VIWall thickness 80 mmRU* 400 (total breach)*RU: Resistance Unit Total time x BV of strongest tool + total BV of all toolse.g. BV (basic value): chisel= oxygen lance=32CEN V
16Safe Locks Functions Open Safe Change code Connection to Alarm System (Distress Alarming)Delayed openingAdministration system with Audit Trail (record opening activities)Single-use opening codes, Soft-Key (eg. Mas Hamilton Lock)
17Cassette – Note Staining Systems FunctionsThe ink from the security module integrated in the cassette degrades the cash within a fraction of a second.Can be switched to ATM or transport modeContacts protect the cassette if criminals attempt to break the cover open.Integrated sensors (detect non horizontal position and physical blows)Solution can be upgraded on machines in the field by replacing cassettes at a later date
18Cassette – Note Staining Systems AdvantageWincor Nixdorf’s solution assures an average banknote ink penetration of more than 35% when the cassette is full.The minimum guaranteed ink penetration is 20%.These ink penetration values are high when compared to competitor products.
23Explosion of ATMAn explosive gas mixture of oxygen and acetylene will be pumped in the ATM. With an electric cable, which is inserted in the ATM the explosive gas mixture will be ignited from a secure distance.
28Alarm Package: Machine Removal Sensor Fig.: A94_04.140Min. 6527.5190FunctionsMechanical sensorProtection against forceful removal of the entire ATMAlarm triggered as soon as attempt at removal startsNo false alarmsProtection against tampering
31Potential ATM AttacksIntrusion and theftPhysical & Destructive AttacksFraud/TamperingCyber Attacks
32Crimes Committed at ATMs Crimes most commonly committed at ATMsSkimmingSpecial intrusion mechanisms mounted in front of the card reader are used to copy (fish for) card data.Lebanese LoopSpecial intrusion mechanisms mounted in front of the card reader are used to steal the card.Not noticed by customer!Customer loses card!
35Skimming device on a ProCash 2xxx ATM CameraSkimming device
36Rash of ATM-skimming attacks hits Irish banks Wednesday FebruaryHUNDREDS of thousands of euro has been stolen from bank accounts of unsuspecting customers over the past two weeks, it emerged last night.The scam has hit bank customers in Limerick, Clare, Tipperary and Kerry, after skimming devices were installed on ATM machines across Munster.Gardai say that €160,000 has been stolen from bank accounts in Clare alone over the past fortnight.The revelation comes as Bank of Ireland refunded thousands of euro to 90 customers at its branch in Ennis who fell victim to a skimming operation.Source: Independent.ie News
37Fast processing of the skimmed data The data copied from the magnetic stripe is transmitted via radio waves and stored on a notebook computer.The skimmed data are passed on immediately and as soon as two hours later, fake cards can be used to make purchases
39New generation of skimming devices On the left you see a typical skimming device with conventional technology beside a new skimming device with modern technologyDimensionsWidth mmHeight mmDepth 3.89 mm
40New generation of skimming devices The police obtained a card skimmer and a fake PIN pad which was bonded to the ATM. Both items hardly distinguishable from the original components
41New generation of skimming devices Six small batteries connected to micro switchesTransmitter circuitMicro switchesMagnetic read headTransmitter antenna
42Video Surveillance Portrait camera ATM-specific installation ATM-specific camera moduleRetrofittableVersions:Black/white or color(Color for XE systems only)PAL or NTSC
43Anti-skimming Card Reader Throat With the anti-skimming card reader throat, easy mounting of a skimming device is preventedAnti-skimming card reader throat is securely screwed-on. Sensor is activated if card reader throat is removedElement for card readerthroat
44Card reader throat of Wincor Nixdorf ATMs It is important to know how far the card juts out of the card reader module in the eject position. In WN systems, it is approx. 30 mm.30 mmInsertion directionThis is the area accessible to the system user or the thief with our standard card reader throatThe installation of an anti-fraud card reader throat eliminates the space required for the installation of a skimming device.A skimming device cannot be attached in front of our card reader.
45Anti-skimming Sensor Anti-Skimming Sensor Mounted inside ATM fascia Can not be seen or removed from outside the ATMSenses change in magnetic field associated with installation of skimming deviceSensor communicates with ATM software if device detectedAlarm triggeredATM shutdownAutomated action(s)
46Potential ATM AttacksIntrusion and theftPhysical & Destructive AttacksFraud/TamperingCyber Attacks
47Payment Card Industry PCI Data Security Standard: PCI DSS For the first time in Sept. 2006, the five brands agreed on a single, common framework for creation of an organization to develop and maintain security standards for credit and debit card payments.The newly formed Payment Card International Security Standards Council will manage the PCI Data Security Standard for merchants, payment processors, point-of-sale vendors, financial institutions and more than a billion cardholders worldwide.
48Payment Card Industry 3 different standards There are 3 standards relevant to banking…..Encrypting Pad (EPP) Security: PED (Visa)Encrypting PIN Security (RKL, Key management)Data Security (operations, infrastructure and processes)
49Encrypting PIN Pad (EPP) FunctionsPCI PED 1.0 or higher (for all ATMs purchased after 1/1/2008)Securing the network keys (attack-proof memory area)Remote key managementCryptographic functionsSecurity housing (tamper-responsive)Secure software update (direct or remote)
51Key Loading….today vs. tomorrow Typical process today for master key inputThe master key is generated by the KMS/HSM, then printed out and distributed as two key halvesTwo employees each input one half of the key on the local ATMDisadvantages:Cost-intensive processLabor-intensive processSecurity: Key cracking / misuse / loss of keyMaster keyKMS/HSM(Key generation)Manualkey loadingKMS: Key Management SystemsHSM: Hardware Security ModuleTMK: Terminal Master Key
52Remote Key Loading Master Key The Master Key must be encrypted, with a unique Transport key per ATM (Terminal).Each ATM must have a unique identifier !During the initial master key loading process,the host must be able to verify the data from the ATMand the ATM (EPP) must be able to verify the host dataThe first initial transport key must be injected in the ATM (EPP) in a secure way or secure environment
53Payment Card Industry Data Security Standard (DSS) - Requirements Build and Maintain a Secure NetworkInstall and maintain a firewall configuration to protect cardholder dataDo not use vendor-supplied defaults for system passwords and other security parametersProtect Cardholder DataProtect stored cardholder dataEncrypt transmission of cardholder data across open, public networksMaintain a Vulnerability Management ProgramUse and regularly update anti-virus softwareDevelop and maintain secure systems and applications
54Payment Card Industry Impact for Wincor Nixdorf Encrypting Pad (EPP) SecurityHardwareFirmwareEncrypting PIN Security (Remote Key Load - RKL, Key Management)PCI Compliant FirmwarePCI Compliant ATM Software: ProClassic (NDC/DDC/IFX)RKL Solutions: ProRKL & PT/E-RKLData Security (operations, infrastructure and processes)Platform Security Agent (PSA)ProTect/OnePT/E- HVPN