wang pos

NewSky Security IoT HaloTM is designed for two types clients in the IoT space: Device Manufacturers (DM), and Service Providers (SP). IoT Device Manufacturers are entities that build IoT devices. IoT Service Providers are those that purchase IoT devices, and use those devices to run their businesses.

IoT HaloTM Use Case for an IoT Device Manufacturer

In this example, the company WeiZhiQuanJing, or WZQJ in short, is a Smart Point of Sales (POS) DM responsible for a product named WangPOS. WangPOS is an Android-based portable POS device that is carried around for point-of-sale services.

The focus of WZQJ is to promote the sales of the WangPOS device, and get as many devices to market as possible. One concern for WZQJ is in acquiring the components such as processors, screens, printers, and magnet heads, and assembling these components as a working system. Another concern is in updating their customized Android system on the device, and in working with app developers so that they develop payment apps for WangPOS. WZQJ understands that security is essential to the success of their product. At the same time, they may not have the bandwidth or staff to build a fully secure system.

IoT HaloTM offers a secure solution. It is not required for WZQJ to write secure software, and they do not need to convince hundreds of app developers for WangPOS to rewrite their apps in a secure way. Instead, they can use IoT HaloTM to secure their system. To secure their system, they would configure each WangPOS device to use IoT HaloTM and each WangPOS device then begins communicating to the cloud using an encrypted network. On the server-side, NewSky Security’s AI monitors the network traffic of each WangPOS device and reports any anomaly or odd behavior. NewSky Security’s AI also performs predefined intervention such as to block certain traffic, or isolate (quarantine) a potentially infected device from the rest of the network.

IoT HaloTM Use Case for an IoT service providers

IoT HaloTM can also be used by IoT service providers. One client, Beijing Culture Equity Exchange, or BCEE, uses WangPOS and other similar smart POS machines in their warehouse to help their customers make purchases. BCEE must ensure each transaction is secure to protect their customers. Instead of constantly monitoring WZQJ on each OS update on WangPOS and monitoring each app update from each individual app developer for WangPOS, BCEE uses IoT HaloTM to monitor the entire process.

Even if a payment app on a WangPOS device is using an insecure network communication to make a payment, the network traffic is protected by a secure connection with IoT HaloTM within the cloud. Furthermore, the transaction is monitored by NewSky Security’s AI, 24x7. If a device is compromised and is used to perform an attack such as a Replay Attack[1], such malicious behavior will be detected by NewSky Security’s AI and promote further investigation.

References:
Relay Attack. An attack which requires minimal knowledge of the transaction. By repeatedly sending the recorded transaction data to the server, an attacker can make the consumer in a transaction pay multiple times during the same transaction, causing monetary loss to the buyer.