Automated Teller Machines (ATMs) are generally believed to be relatively secure devices since they handle consumer financial transactions. However, ATMs are susceptible to malware, viruses, and eavesdropping just like any other device having memory and processor capabilities.
Moreover, an ATM is especially lucrative to any eavesdropper capable of compromising the ATM execution environment. An ATM is not only loaded with currency, but also handles financial account information for consumers. Still further, the ATM has access to a secure financial network that can access many different financial institutions and likely has access to a branch server that interfaces over a separate network connection with the ATM's core banking system. ATMs may also be networked to one another within a bank branch. Thus, a compromised ATM could potentially create security issues for many customers and many financial institutions.
One technique for ensuring security is to encrypt an ATM's hard drive and store the decryption key either on a remote server or on the hard drive itself, in a designated hidden area of the hard drive that is not encrypted. On ATM boot, the decryption key is obtained either from the server or from the designated area on the hard drive and used to decrypt the operating system (OS) from the hard drive. Then, when the OS is loaded, the decryption key is passed to the OS, and the OS decrypts the hard drive as needed during operation of the ATM.
The issue with storing the decryption key on a remote server is that ATMs can often experience bandwidth or connectivity issues on the network connection between the ATM and the remote server holding the decryption key, which means that obtaining the key is either impossible or too time-consuming. Yet the ATM may still have good connectivity to its financial switch network and/or local bank branch server, which means that, but for the inability to obtain the decryption key from the remote server, the ATM could be operational for customer use.
An issue with storing the decryption key on the hard drive in a designated unencrypted area is that, should that key be compromised, the entire ATM hard drive may need to be re-encrypted with a new encryption key. Encrypting the entire hard drive of an ATM is a time-consuming process and is usually done only once, on initial hard drive install on an ATM. Moreover, multiple ATMs typically share the same location on the hard drive where their decryption/encryption keys reside, such that should a location be compromised on a single ATM, all the ATMs become susceptible to compromise and all ATMs will need their hard drives re-encrypted because of the known shared location for the keys.