Automated Teller Machines (ATM) are in general believed to be relatively secure devices since the handle consumer financial transactions. However, ATMs are susceptible to malware and viruses just like any other device having memory and processor capabilities.
Moreover, an ATM is very lucrative to any eavesdropper capable of compromising the ATM execution environment. An ATM is not only loaded with currency, but also handles financial account information for consumers. Still further, the ATM has access to a secure financial network that can access many different financial institutions and likely has access to a branch server that interfaces over a separate network connection with the ATM's core banking system. Thus, a compromised ATM could potentially create security issues for many customers and many financial institutions.
Access to the ATM for purposes of compromising its security can come knowingly from ATM maintenance staff (as part of an inside operation to compromise the ATM) or unknowingly from ATM maintenance staff through devices they use to interface with the ATM, where those interface devices are compromised. The threat can also occur remotely from one of the ATM's network connection. Also, the threat may come from a customer that is able to access an ATM interface port without being noticed (or even replace a peripheral device of the ATM by replacing the peripheral device with a compromised one).
In fact, there are a variety of scenarios in which an ATM can be exposed to security vulnerabilities.
Therefore, there is a need to continually validate the authenticity of the software resources of the ATM to ensure that the ATM has not become compromised in some manner.