Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

PinPadPwn

44CON Information Security Conference via YouTube

Overview

Explore the vulnerabilities of pin pads and payment terminals in this 57-minute conference talk from the 44CON Information Security Conference. Delve into the complexities of Chip and Pin technology, EMV protocols, and the expanding attack surface of payment devices. Learn about memory corruption vulnerabilities and their potential for code execution on terminals. Examine case studies, witness demonstrations of exploits, and understand the implications for payment security. Gain insights into vendor fixes, device administration, and future security considerations for payment systems.

Syllabus

Intro
Rafael
Payment terminals
Previous attacks
Attack Surface
Research Approach
Common setups
Payment ecosystem
Chippin payments
Chipandpin payments
Smart cards
EMV Lab Doc
First Attempt
Smart Card
Case Studies
Payment Terminal
Network Interface
Memory Dump
Password Check
EMV Buffer Overflow
Demo
Demo Summary
Vendor Fix
Device Overview
Payment Application
Remote Administration
Demonstration
Payment
CashInHide
Future Work
More Updates
Conclusion
Security
Security questions

Taught by

44CON Information Security Conference

Reviews

Start your review of PinPadPwn

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.