Overview
Explore a security-focused conference talk that delves into vulnerabilities within public transportation payment systems, particularly mobile payment solutions. Learn about the evolution of transit payment methods and their security implications through a detailed case study of Moovit, a transportation app used across 5000+ cities in over 100 countries. Discover how API vulnerabilities were identified through SSL-encrypted data analysis, including methods to obtain unauthorized free tickets and access personal user information. Gain practical insights into security risks associated with transportation applications and understand recommended measures for enhancing the security of these systems.
Syllabus
DEF CON 31 - How Vulns in Global Transportation Payment Systems Cost You - Omer Attias
Taught by
DEFCONConference