Contactless Overflow Code Execution Vulnerabilities in Payment Terminals and ATMs

DEFCONConference via YouTube

Overview

Explore groundbreaking security research on NFC payment readers in a 40-minute conference talk from DEF CON 31 that reveals critical code execution vulnerabilities affecting major ATM brands, point-of-sale systems, and payment terminals worldwide. Learn about the technical details of exploitable flaws discovered in the handling of application protocol data units (APDUs) across multiple vendors including IDtech, Ingenico, Verifone, CPI, BBPOS, Wiseasy, and Nexgo. Witness live demonstrations showing how payment readers can be compromised using a custom Android app through simple NFC tapping, and understand the financial implications of firmware exploitation, including card data theft. Dive into advanced attack scenarios involving USB-connected host compromise through SDK vulnerabilities and potential ATM jackpotting methods leveraging IDtech readers. Gain insights from years of ATM security testing experience and learn about the technical feasibility of various attack vectors targeting payment infrastructure.

Syllabus

DEF CON 31 - Contactless Overflow Code Execution in Payment Terminals & ATMs - Josep Rodriguez

Taught by

DEFCONConference
