For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems

For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems

44CON Information Security Conference via YouTube Direct link

Intro

1 of 48

1 of 48

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Point of Sale terminals
  3. 3 Bar in 44CON
  4. 4 Mobile pointofsale terminals
  5. 5 Previous research
  6. 6 Project overview
  7. 7 Security assessment
  8. 8 How payments work
  9. 9 Payment aggregators
  10. 10 Payment methods
  11. 11 EMV adoption
  12. 12 Schematic overview
  13. 13 Findings
  14. 14 Bluetooth
  15. 15 Bluetooth Protocol
  16. 16 Bluetooth Classic
  17. 17 Bluetooth Device Address
  18. 18 Bluetooth Attack Vectors
  19. 19 Maninthemiddle attacks
  20. 20 Enhanced data rates
  21. 21 Sending arbitrary commands
  22. 22 Prerequisites
  23. 23 Wireshark
  24. 24 In practice
  25. 25 In detail
  26. 26 What is fuzzing
  27. 27 The ESP32
  28. 28 Output
  29. 29 Sending
  30. 30 External Devices
  31. 31 Demo
  32. 32 Mac Stripe
  33. 33 Recommendations
  34. 34 Mobile POS
  35. 35 Reverse Engineering
  36. 36 Updating Process
  37. 37 Open Account
  38. 38 Un unencrypted firmware
  39. 39 Remote code execution
  40. 40 Why its important to have full access
  41. 41 Two potential problems
  42. 42 Scenario
  43. 43 Hardware Protection
  44. 44 Secondary Factors
  45. 45 Assessing risk
  46. 46 Conclusions
  47. 47 Vendors
  48. 48 Merchants

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.