A new technology from Intel will secure transaction data in point of sale endpoint devices from malicious software running on the device itself.
The retail industry has been hit by a plague of point-of-sale breaches involving malware running on the POS terminals themselves. Such terminals are generally Windows PCs with specialized hardware running point-of-sale software.
Intel's Data Protection Technology for Transactions uses the Dynamic Application Loader (DAL) technology available on second- and third-generation Core and some Atom processors. DAL accesses a protected execution area of the CPU, with all communications to and from it cryptographically protected.
The new technology protects even the communications from the point of card swipe, or from any other payment device attached to the POS. As a result, the conventional POS software running in the conventional Windows environment never sees sensitive transaction data, and neither does malware on the terminal. Intel partnered with NCR in the development of the Data Protection Technology for Transactions, which will be available to retailers in 2015.
Especially when combined with other defensive technologies, such as software whitelisting, the new approach should block many of the attack techniques that have hit Target, Home Depot, Kmart and others recently.
Intel states that the technology "...supports all modern forms of credit/debit payment including EMV, Magnetic Stripe and Near Field Communication (NFC) readers, including Apple Pay." It also supports all POS form factors, including tablets, as long as they have a CPU that supports it.
The technology is extensible to markets other than point of sale. As an example, Intel describes airport handling of driver's license or passport data.