Various types of transaction terminals, including point-of-sale (POS) terminals, are attractive targets for cybercriminals wishing to steal financial and/or identification information from cards such as payment cards. Many transaction terminals are simply commodity personal computers running an operating system such as MICROSOFT WINDOWS, and as such, they offer a familiar software development environment for malicious software (malware) as well as the security software intended to defeat it.
Traditional security software can protect against a given species of malware only after it has been updated to include a signature positively identifying that species. This arrangement necessarily creates a window of time from when the malware is used until such time that the malware is identified by researchers and a signature is created and deployed. In the case of malware targeting transaction terminals, cybercriminals using the malware can steal significant amounts of financial and identification information before a security software vendor becomes aware of the malware and publishes a signature to protect against it.