January 2008 Chad Young Director, Distribution Channels U.S

January 2008

Chad YoungDirector, Distribution Channels U.S.

2 Wincor Nixdorf US | January 2008

Rich History of Innovation and Customer Commitment

1952 1990 1998 1999 2004

Informationssysteme AG Retail and Banking Systems GmbH

Business foundation by Heinz Nixdorf

Expansion to the fourth largest computer company in Europe

Acquisition of Nixdorf Computer corporation by Siemens corporation

Foundation of Siemens Nixdorf Information Systems corporation

Establishment of Siemens Nixdorf Retail and Banking Systems Inc.

Continuous growth with two-digit expansion rate

Separation from the Siemens group

Independence and new brand:Wincor Nixdorf

Initial public offer as Wincor Nixdorf stock corporation


Wincor NixdorfAt a Glance

Blue chip-customers

Retail Banking Postal service Hospitality Service stations Lottery Products Solutions/ Consulting Services incl.

outsourcing

Global presence in over 90 countries

Main production locations: Germany Singapore China Brazil

Development Center: Germany Switzerland Singapore

Corporate profile (FY 06/07) Customer-oriented culture


Wincor Nixdorf in theUnited States

90 employees and 60 people per shift in the call center

Facilities of 75,000 Sq. Feet include Sales Marketing Engineering and technical support Financials Logistics Warehouse Testing and diagnostics Staging and integration Assembly line Spare part inventory Certified repairs Shipping and receiving

Wincor Nixdorf HQ in the US – Austin, Texas

Staging Center

Material Handling

Repair Center


Worldwide Market Positions

2006

No. 3

No. 3

No. 2

No. 1

No. 1

No. 1

No. 2

No. 1

Automated Teller Safes

Monitoring / Admin

Document/Passbook Printers

ATMs and Cash Dispensers

Point of Sale

Multi-vendor Applications

Customer Information Printers

Transaction Terminals


End-to-End Portfolio

ProCash Analyzer

Multi-vendor Software

Net centered multi-channel

solutions

ProClassic

ProClassic/Enterprise

1-2-1Marketing

Cash Management

Branch Solutions

ProCash/ FOnetdaNCe

ProSales

Solutions

ProductsIntelligent Deposit

Kiosk TerminalsATM / Cash

Recycling

Counter workstations

ATS

Redemption of empty

packaging

Postal teller machines

Self-Checkout

Services


Wincor NixdorfWorld wide shipments of ATMs/CDs

~ 52,800 ATMs/CDs shipped in 2006/07~ 8,300 Intelligent Deposit Systems shipped in 2006/07

61,170

06/07

48,795

05/06

35,005

04/05

32,190

03/04

22,608

02/03

16,803

01/02

22,587

00/0193/94

15,397

8,865

3,111

96/97

7,610

95/96 97/98

4,285

94/95 98/9992/93

3,959

99/00

14,198

2,923


Innovation strongly driven byCustomer Needs and Technical Progress

ProCash 4000xsSlimCash ProCash 1571 ProCash 4100xs

Key Figures

Key Figures

Ongoing Portfolio-Additions, e.g.: SlimCash 200, ProCash 4000xs, ProCash 4100,

FrontOffice/TOP, PCA 3.0

Wincor Nixdorf commitment in FY 06/07 to customer-oriented R&D: R&D Spendings of US$ 138 Mio. (11% growth) 843 Employees in R&D – 10% of total Headcount 75 new Patents – Active Patents up to 1,028


… and continuously winning new customers

(15 years)

(28 years)

(26 years)

(28 years)

(26 years)

Developing customers for decades …

Global Constructed Customer Base

Banking ranked by market cap, Retail ranked by revenue Source: Thomson Financial, Datastream,Lafferty (European Banker), STORES.org, MINTEL.com

Blue chips:

Banking 25 out of the Top 25 Banks in Europe 18 out of the Top 25 Banks in the World

Retail 19 out of the Top 25 Retailers in Europe 17 out of the Top 25 Retailers in the World


Strong company focus onU.S. business development

Broaden No. 1 position in Canada

Expansion of onsite maintenance coverage and enhanced serviceportfolio (Managed Services)

Direct Focus on Top Accounts

Reseller model for small and medium banks

Broaden portfolio incl. Recycling ATMs, Kiosk, Branch Renewal, PC/E

Strong focus on innovation, quality and customer satisfaction

Goals StrategicStrategic Goals

Source: ATM & Debit News Nov. 2007 / Wincor Nixdorf

Wincor Nixdorf is on track to become a leading supplier of banking solutions in North America

WN Customer Non-WN CustomerPilot/Pilot in Prep.

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

1

2

3

4

5

6

7

8 25

Top 25 ATM Deployer in North America


Wincor Nixdorf continues to invest and shows a strong commitment to the U.S. marketplace

Milestones U.S.

Banking business unit established in the U.S.2000

2001

2002

2003

2004

2005

2006

Wincor Nixdorf US Headquarters established in Austin, TX

Acquisition of AUTOTELL – Setup of regional SW competence center in Boston for the Americas

Rollout of 1,200 ATMs at Valero First Multivendor SW project at JPMC (eATM)

2007

Alliance Agreement with IBM Launch of integration and staging center Call Center setup

Rollout of 2,500 APC Terminals for USPS Setup of service Infrastructure Platform (eServices)

Introduction of direct sales model First envelope free pilot at Wells Fargo

Building up onsite maintenance Nationwide depot concept (FEDEX)

BTN Innovator Award Banking business growth of 98% Continues investments into sales,

support and services New HQ in Austin


Securing your ATM Network

EXPERIENCE MEETS VISION.


Potential ATM Attacks

Intrusion andtheft

Physical/Destructive

Attacks

Fraud/ Tampering

CyberAttacks


Intrusion and theft

Physical & Destructive Attacks

Fraud/Tampering

Cyber Attacks



Security HousingConventional safes

Strongbox Wall thickness 2 or 3 mm

UL 291 Level 1 Wall thickness 12,5 mm

CEN L Wall thickness 12,5 mm RU* 30/50 (total breach)

CEN III Wall thickness 40 mm RU* 120 (total breach)

CEN IV Wall thickness 40 mm RU* 120 (total breach)

CEN VI Wall thickness 80 mm RU* 400 (total breach)

CEN V

*RU: Resistance UnitTotal time x BV of strongest tool + total BV of all tools

e.g. BV (basic value): chisel=1 oxygen lance=32

Security levels


Safe Locks

Functions

Open Safe

Change code

Connection to Alarm System(Distress Alarming)

Delayed opening

Administration systemwith Audit Trail (record opening activities)

Single-use opening codes, Soft-Key (eg. Mas Hamilton Lock)


Cassette – Note Staining Systems

The ink from the security module integrated in the cassette degrades the cash within a fraction of a second.

Can be switched to ATM or transport mode

Contacts protect the cassette if criminals attempt to break the cover open.

Integrated sensors (detect non horizontal position and physical blows)

Solution can be upgraded on machines in the field by replacing cassettes at a later date

Functions


Cassette – Note Staining Systems

Wincor Nixdorf’s solution assures an average banknote ink penetration of more than 35% when the cassette is full.

The minimum guaranteed ink penetration is 20%.

These ink penetration values are high when compared to competitor products.

Advantage


Intrusion and theft


Fraud/Tampering

Cyber Attacks



Anatomy of an ATM Theft


Anatomy of an ATM Theft


…and when finally found….


Explosion of ATM

An explosive gas mixture of oxygen and acetylene will be pumped in the ATM. With an electric cable, which is inserted in the ATM the explosive gas mixture will be ignited from a secure distance.


Explosion of ATM


Explosion of ATM


Result…theft of cash cassettes


Anchored ATM Installation


Functions

Alarm Package: Machine Removal Sensor

Fig.: A94_04.1

40

Min

. 65

27.5

190

Mechanical sensor

Protection against forceful removal of the entire ATM

Alarm triggered as soon as attempt at removal starts

No false alarms

Protection against tampering


Alarm Package: Structure-borne Noise Sensors

Thermal intrusion (heat sensors)

Mechanical intrusion (acoustic

sensors)

Explosives (seismic sensors)


ATM secured with GPS positioning technology

Alarmplan wird ausgelöst

Internet

Security operations control center

location-finding server

GPS location module

Database network provider

) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) ) )

) ) ) ) ) ) ) ) ALARM

D1D2O2

NeigungsmelderNeigungsmelderTilt sensor

----------------

-------


Intrusion and theft


Fraud/Tampering

Cyber Attacks



Crimes Committed at ATMs

Crimes most commonly committed at ATMs

Skimming

Special intrusion mechanisms mounted in front of the card reader are used to copy (fish for) card data.

Lebanese Loop

Special intrusion mechanisms mounted in front of the card reader are used to steal the card.

Not noticed by customer! Customer loses card!


Lebanese Loop


Anti Lebanese Loop Card Reader

3


Skimming device on a ProCash 2xxx ATM

CameraCamera Skimming deviceSkimming device


Rash of ATM-skimming attacks hits Irish banks

Wednesday February 27 2008

HUNDREDS of thousands of euro has been stolen from bank accounts of unsuspecting customers over the past two weeks, it emerged last night.

The scam has hit bank customers in Limerick, Clare, Tipperary and Kerry, after skimming devices were installed on ATM machines across Munster.

Gardai say that €160,000 has been stolen from bank accounts in Clare alone over the past fortnight.

The revelation comes as Bank of Ireland refunded thousands of euro to 90 customers at its branch in Ennis who fell victim to a skimming operation.

Source: Independent.ie News


Fast processing of the skimmed data

The data copied from the magnetic stripe is transmitted via radio waves and stored on a notebook computer.

The skimmed data are passed on immediately and as soon as two hours later, fake cards can be used to make purchases


New generation of skimming devices



On the left you see a typical skimming device with conventional technology beside a new skimming device with modern technology

Dimensions

Width 70.31 mm Height 18.04 mm Depth 3.89 mm



The police obtained a card skimmer and a fake PIN pad which was bonded to the ATM. Both items hardly distinguishable from the original components



Six small batteries connected to micro switches

Micro switches Magnetic read head

Transmitter circuit

Transmitter antenna


Video Surveillance

ATM-specific installation ATM-specific camera module Retrofittable Versions:

Black/white or color (Color for XE systems only)PAL or NTSC

Portrait camera


Anti-skimming Card Reader Throat

Element for card readerthroat

With the anti-skimming card reader throat, easy mounting of a skimming device is prevented

Anti-skimming card reader throat is securely screwed-on. Sensor is activated if card reader throat is removed


Card reader throat of Wincor Nixdorf ATMs

30 mm

It is important to know how far the card juts out of the card reader module in the eject position. In WN systems, it is approx. 30 mm.

This is the area accessible to the system user or the thief with our standard card reader throat

Insertion direction

The installation of an anti-fraud card reader throat eliminates the space required for the installation of a skimming device.

A skimming device cannot be attached in front of our card reader.


Anti-skimming Sensor

Mounted inside ATM fascia

Can not be seen or removed from outside the ATM

Senses change in magnetic field associated with installation of skimming device

Sensor communicates with ATM software if device detected

Alarm triggered

ATM shutdown

Automated action(s)

Anti-Skimming Sensor


Intrusion and theft


Fraud/Tampering

Cyber Attacks



Payment Card IndustryPCI Data Security Standard: PCI DSS

For the first time in Sept. 2006, the five brands agreed on a single, common framework for creation of an organization to develop and maintain security standards for credit and debit card payments.

The newly formed Payment Card International Security Standards Council will manage the PCI Data Security Standard for merchants, payment processors, point-of-sale vendors, financial institutions and more than a billion cardholders worldwide.


Payment Card Industry3 different standards

There are 3 standards relevant to banking…..

Encrypting Pad (EPP) Security: PED (Visa)

Encrypting PIN Security (RKL, Key management)

Data Security (operations, infrastructure and processes)

www.pcisecuritystandards.org


Encrypting PIN Pad (EPP)

PCI PED 1.0 or higher (for all ATMs purchased after 1/1/2008)

Securing the network keys(attack-proof memory area)

Remote key management

Cryptographic functions

Security housing (tamper-responsive)

Secure software update (direct or remote)

Functions


Remote Key Loading (RKL)

ATM

ATM

ATM

ATM

ATM

ATM


Key Loading….today vs. tomorrow

Typical process today for master key input The master key is generated by the KMS/HSM, then printed out and

distributed as two key halves Two employees each input one half of the key on the local ATM

Disadvantages: Cost-intensive process Labor-intensive process Security: Key cracking / misuse / loss of key

Manual

key loading

KMS/HSM(Key generation)

Master key

KMS: Key Management Systems

HSM: Hardware Security Module

TMK: Terminal Master Key


Remote Key Loading

The Master Key must be encrypted, with a unique Transport key per ATM (Terminal).

Each ATM must have a unique identifier !

During the initial master key loading process,

the host must be able to verify the data from the ATM

and the ATM (EPP) must be able to verify the host data

The first initial transport key must be injected in the ATM (EPP) in a secure way or secure environment

Master Key


Payment Card Industry Data Security Standard (DSS) - Requirements

Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect cardholder data

2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software

6. Develop and maintain secure systems and applications

www.pcisecuritystandards.org


Payment Card Industry Impact for Wincor Nixdorf

Encrypting Pad (EPP) Security Hardware Firmware

Encrypting PIN Security (Remote Key Load - RKL, Key Management)

PCI Compliant Firmware PCI Compliant ATM Software:

ProClassic (NDC/DDC/IFX) RKL Solutions: ProRKL & PT/E-RKL

Data Security (operations, infrastructure and processes)

Platform Security Agent (PSA) ProTect/One PT/E- HVPN


Wincor NixdorfComprehensive Security Suite

ProTect/One

Plattform Security Agent ( PSA)

Remote Key Loading Solutions

TCP/IP

HVPN

Hardware Virtual Private Network

Plattform

Anwendung

PSA


Questions ?


Thank You!

Documents

January 2008 Chad Young Director, Distribution Channels U.S