How Secure is Your Kiosk?

  • Type: Article
  • Author: Stephanie Kropkowski
  • Date: November 2006
  • Download PDF
Enlarge image

Planned Parenthood of Metropolitan Washington utilizes KioWare Kiosk Software’s virtual keyboard feature along with hardware provider 5point’s privacy panels.

Enlarge image

IKEA Gateshead uses KioWare Kiosk Software to ensure users can only access the application.

Is your banking kiosk truly safe and secure? While the image of cartoon character running off with your kiosk may not be feasible (although it is humorous), it does not mean your kiosk is necessarily secure.

The physical security of a kiosk is usually a concern of the kiosk hardware provider. Kiosk vendors address security by securing the kiosk in a locked durable enclosure, utilizing a trackball instead of a mouse and replacing a regular keyboard with a kiosk keyboard that removes specialty keys that normally allow access to the complete system. Even with kiosk hardware security measures, the kiosk is still at risk for security threats at the kiosk system level.

Without a safeguard at the kiosk system level, users can easily access your entire system and change any settings they wish. Kiosk system software, such as KioWare kiosk software, prevents security threats by locking down the system OS and desktop. The software wraps around existing applications so that users can access only your application and nothing else. This prevents the user from accessing any Internet Explorer menus and the Windows Desktop by removing all menu and window functions from Internet Explorer. All that is displayed to the user is the content window.

Additional security measures are important for applications that have a keyboard available to the user. Certain keystrokes are critical to lock out, particularly, Ctrl-Alt-Del. Kiosk system software should also have the ability to lock down other Function keys such as Esc, Alt, Ctrl, Start Menu, Windows, Del, Ins, Arrows, PgUp, PgDn and Print Screen. To avoid the need for a keyboard, and the misuse of it, KioWare ships with an optional virtual onscreen keyboard.

Privacy is another significant issue in banking applications as confidential and private information is often displayed. It is critical for a user’s session to be terminated, cookies and cache be cleared, and the application reset to the start page immediately upon leaving the kiosk. Where user privacy is most crucial, KioWare can easily be configured to use a security mat or proximity switch to initiate the user session and more importantly to end a user session. When a user trips the security mat or proximity switch, KioWare exits attract screen mode, and when the user leaves the security mat or proximity switch, then KioWare can run a logoff script, clear cookies and cache, and enter attract screen mode. If the kiosk does not utilize a security mat or proximity switch, but still requires a user to log off when the session ends, KioWare will run a logoff script to ensure the prior user was properly logged off.

Additionally, in banking applications that utilize a printer, it is important that unclaimed printed material be retracted back into the kiosk as the information is likely highly sensitive. Whereas many printers have a timer that will retract unclaimed paper, if you use a printer that supports programmatic retraction, then KioWare will immediately retract the paper as soon as the user leaves the kiosk rather than wait for the timer to timeout.

Finally, if the kiosk is connected to the Internet, it is important to prevent the user from accessing URLs not applicable to the function of the kiosk. Hiding the address bar and incorporating domain and page checking into the kiosk system software can accomplish this. KioWare does this by blocking or allowing domain navigation from an unlimited list of domains. And for any given domain, KioWare can also allow or deny access to an unlimited number of individual pages. Additionally, when Internet Explorer does not recognize a file, it would normally present a dialog box to the user asking whether to download and either open or save the file. KioWare can prevent the dialog box from being presented and also prevent the file from being downloaded.

Overall, kiosk system software can provide the security and privacy your application may not be able to provide. As an added bonus, utilizing kiosk system software separate from your kiosk application will make updating and changing your application easier. Your application should focus on usability, let KioWare kiosk system software worry about security.

Want more? Here are some related posts:
Kiosk System Software – Necessary Security for Your Kiosk Project
Protect from Security Breaches
Kiosk Software Prevents Hacking
Kiosk Software: Security Features
Kiosk Security and Privacy