Explore the world of NFC payment security in this comprehensive conference talk from HITB GSEC 2018. Delve into the intricacies of relay and replay attacks, examining their increasing sophistication and prevalence in the payment industry. Learn about the combination of technologies involved, including SDR, NFC, APDU, hardware emulation, specialized software, tokenization protocols, and social engineering. Discover how common hardware can be used for these attacks, or how a device can be created for just $35. Witness real-world scenarios demonstrating the exploitation of NFC transactions using RFID emulation. Gain insights into potential vulnerabilities in future NFC implementations. Experience live demonstrations featuring SDR communication, RFID emulation, APDU communication, and data extraction from physical and digital cards. Presented by Salvador Mendoza, a renowned security researcher specializing in tokenization processes, mag-stripe information, and embedded prototypes.
Overview
Syllabus
#HITBGSEC 2018 D2: NFC Payments: The Art Of Relay And Replay Attacks - Salvador Mendoza
Taught by
Hack In The Box Security Conference