Case Study: Multinational Technology Corporation strengthens payment device security with Sternum

Closing Memory Leaks 
 in a New Personal Payment RTOS Device

Multinational Technology Corporation, a financial services company developing a new personal payment RTOS device, needed to secure sensitive information in ARM TrustZone while meeting strict regulatory demands. The team also wanted strong 0-day protection, remote device visibility, and minimal performance impact on Zephyr-based devices, so it turned to Sternum’s Embedded Integrity Verification (EIV™) security technology and Remote Observability Platform.

Sternum’s EIV™ identified a memory integrity flaw within hours of deployment, flagged the issue with precise code and memory-location details, and helped engineers quickly fix a non-null-terminated string bug that could have led to buffer overflow, data corruption, or remote code execution. Sternum also demonstrated protection against heap buffer overflow, double-free, use-after-free, and ROP attacks, and the solution passed third-party regulatory testing for the payment device, delivering strong memory protection and control flow integrity with near-zero overhead.