Software side of kiosk security
When it comes to kiosk security, it is important to pay attention to both the hardware and the software side. In this article we present some considerations regarding the software side of kiosk security that matter for many of the uses kiosks are put to.
Use software designed for kiosks
Kiosks can be attacked through browsers and other consumer applications, because those applications are not designed with security in mind. For example, Notepad is also an application that attackers can use, even though browsers are the more common vector.
Some software has features such as a kiosk mode, which prevents users from putting the application in the background, where they could go on to carry out their attacks.
Dedicated kiosk software will also have features such as secure data transfers using encryption to secure databases.
Network security
Ideally, the kiosk network will be a separate network. If that is not practical to implement, the network administrator should restrict the permissions for accessing the network.
A Wi-Fi connection is one obvious target for attackers, and data can flow through the network without being encrypted. Using a 4G cellular modem instead of Wi-Fi connectivity is one option. It will reduce internet billing, give reliable and steady connectivity, and result in better kiosk security due to better implemented encryption.
Operating system considerations
Many keyboard shortcuts give an attacker a way out of the kiosk application. That's why it's important to restrict keyboard input. You could also use a keyboard filter driver to filter out system hotkeys.
Removing the user's ability to right-click with the mouse will also reduce the attack surface. For example, the right-click menu in a browser can be especially dangerous.
It is also a good idea to prevent users from accessing just any external website. You could use a whitelist of acceptable websites.
One more important consideration is to keep your application versions and your operating system's security patches up to date.
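One way to implement the website whitelist check is sketched below as an added example (not code from this article). The host names, the HTTPS-only rule and the default-port rule are assumptions of the example; the point is that the decision is made on the parsed host, not on a substring of the URL.

```javascript
// Added example, not from the article. Host names are constructed placeholders.
const ALLOWED_HOSTS = new Set(["kiosk.example.com", "pay.example.com"]);
// Domains whose subdomains are also accepted (constructed placeholder).
const ALLOWED_PARENT_DOMAINS = ["help.example.org"];

// Returns { allowed, reason } so a blocked navigation can be logged.
function checkNavigation(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl); // WHATWG parser, the same rules browsers apply
  } catch {
    return { allowed: false, reason: "unparseable" };
  }
  // HTTPS only: this rejects file:, javascript:, data: and plain http:.
  if (url.protocol !== "https:") return { allowed: false, reason: "scheme" };
  // user:pass@ in a URL can make an unlisted host look like a listed one.
  if (url.username || url.password) return { allowed: false, reason: "userinfo" };
  // Default port only (the parser reports :443 as an empty port).
  if (url.port !== "") return { allowed: false, reason: "port" };
  // The parser already lowercases the host; drop a trailing root dot.
  const host = url.hostname.replace(/\.$/, "");
  const listed =
    ALLOWED_HOSTS.has(host) ||
    // Match on a label boundary so "evilhelp.example.org" does not pass.
    ALLOWED_PARENT_DOMAINS.some((d) => host === d || host.endsWith("." + d));
  return listed
    ? { allowed: true, reason: "listed" }
    : { allowed: false, reason: "host" };
}

// Constructed sample input: URLs a kiosk user might try to reach.
const samples = [
  "https://kiosk.example.com/start",
  "HTTPS://Docs.Help.Example.org/faq",
  "https://kiosk.example.com@other.test/",
  "https://kiosk.example.com.other.test/",
  "https://evilhelp.example.org/",
  "http://kiosk.example.com/",
  "file:///etc/hosts",
];
for (const s of samples) console.log(checkNavigation(s).reason.padEnd(12), s);
```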
Outside software
Sometimes there are errors in security outside the kiosk. For example, the bank might have some security issues in its own software. You can’t directly fix them, but you can notice them and report them so they can be fixed.