ATMIA Consultant - Costin Enache
Education
Education
  1. Home
  2. Education
  3. ATM Consulting

Costin Enache

DETACK GmbH Costin Enache

Costin Enache

DETACK GmbH

Consultant

Download Resume/CV

Contact Consultant

Costin has over ten years of experience in IT security auditing and vulnerability assessment of financial institutions, state organizations and industrial enterprises. He has been working as a senior security consultant and auditor on the international scene by providing consulting for securing banking, cash processing centres and networks for the past decade.

Expertise:

Expertise / areas of competence –software and computer related hardware, such as ATM / POS devices, CDM/CRM, EPP, CRW, etc., but not physical security:

  • ATM security auditing and testing: performing security audits and testing against the entire landscape (device, network, and host), simulating real attacks, looking for both standard (O/S, vendor API, network), but also application layer security vulnerabilities in the ATM operational and management applications and frameworks. The typical devices under scrutiny are NCR, Wincor, KEBA, with a vast range of application and controlling software solutions and platforms.
  • ATM security consulting: provide consulting in respect to improving the ATM device, network and host safety, define evaluation criteria for cryptographic requirements, develop measures and devices (hardware and software) for prevention of logical ATM attacks, assisting banks and ATM/POS operators in defining trust zones and improving the safety of ATM operations by protecting key areas – dispenser unit, EPP, and card data. Typical projects are ATM network hardening, local ATM security implementation, full disk encryption / IPS for ATMs, cash operations signing, cached customer data protection.
  • ATM security development: development of hardware / software solutions for preventing logical attacks and compensating for the lack of a trusted environment in the typical ATM computer unit; solutions for prevention of offline attacks by full disk encryption and signed boot-loader, with ATM integrity verification.

 

Professional Qualifications:

  • Consulted clients which include operators of 40.000+ ATMs, self-service terminals and POS systems
  • Clients serving 2.000+ individual banks ? cooperative, savings, private banks ? for core banking, online banking, automated cash processing terminals
  • Clients serving 150+ banks for online brokerage, investment and foreign exchange
  • Consulted hardware and software manufacturers for product security improvement
  • Non-financial clients include national telco, 15+ insurance companies, air transport, government

 

Bio:

  • Co-Founder, Detack GmbH
  • Member of ISACA, DSAG, ATMIA
  • CRISC Certified (ISACA)

Costin Enache - Download Resume/CV


Global Sponsor - PAI
Global Sponsor - Auriga
Global Sponsor - Euronet Worldwide
Global Sponsor - FIS
Global Sponsor - Diebold Nixdorf
Global Sponsor - Prosegur
Global Sponsor - DPL
Global Sponsor - KAL
Become a Global Sponsor
Special Offer Image ATM Security Association Image Special Offer Image
Global Sponsors

Sponsorship Information