Point of Sale System Architecture and Security
By Lucas Zaichkowsky
To most people, Point of Sale (POS) systems with integrated payment processing are a black box where magic happens. Financial criminals breach hundreds of merchants each year, displaying a better understanding of how these systems operate than the dealer technicians that install and maintain them. With an understanding of POS architecture, integrated payment processing, and weaknesses in the technology, security professionals can better protect local businesses, major retailers, and developers handling payment card information. In this session, attendees will learn and see how POS components operate, their integration points, and the flow of payment data including where it's most vulnerable. A live demonstration will show exactly what sensitive data is passed in the clear by both magstripe and EMV chip readers, mapping it from peripheral all the way through the electronic payments infrastructure. Common attack vectors will then be presented, building on that architectural knowledge. Finally, top attack mitigations will be provided to save businesses from being breached and the disastrous losses that result.
Видео Point of Sale System Architecture and Security канала Black Hat
To most people, Point of Sale (POS) systems with integrated payment processing are a black box where magic happens. Financial criminals breach hundreds of merchants each year, displaying a better understanding of how these systems operate than the dealer technicians that install and maintain them. With an understanding of POS architecture, integrated payment processing, and weaknesses in the technology, security professionals can better protect local businesses, major retailers, and developers handling payment card information. In this session, attendees will learn and see how POS components operate, their integration points, and the flow of payment data including where it's most vulnerable. A live demonstration will show exactly what sensitive data is passed in the clear by both magstripe and EMV chip readers, mapping it from peripheral all the way through the electronic payments infrastructure. Common attack vectors will then be presented, building on that architectural knowledge. Finally, top attack mitigations will be provided to save businesses from being breached and the disastrous losses that result.
Видео Point of Sale System Architecture and Security канала Black Hat
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![How Smartcard Payment Systems Fail](https://i.ytimg.com/vi/ET0MFkRorbo/default.jpg)
![Retail POS Testing - Aspire Systems](https://i.ytimg.com/vi/J1s9_cKoUds/default.jpg)
![System Design Mock Interview: Design Facebook Messenger](https://i.ytimg.com/vi/uzeJb7ZjoQ4/default.jpg)
![](https://i.ytimg.com/vi/WdCbaWzE7fA/default.jpg)
![Online games system design frontend PART 1 | online game software architecture](https://i.ytimg.com/vi/EU81tjgoKoI/default.jpg)
![What to Do When Clients Already Have POS. Get the Secret for Selling POS Clients.](https://i.ytimg.com/vi/Jx9hCzZ_Lrw/default.jpg)
![34C3 - DPRK Consumer Technology](https://i.ytimg.com/vi/5A2nPp-WVZo/default.jpg)
![Lesson 7.1: Online PIN General concept](https://i.ytimg.com/vi/b_wPrSrJTHs/default.jpg)
![Crash & Pay: How To Own And Clone Contactless Payment Devices](https://i.ytimg.com/vi/SLGl9X9LBv4/default.jpg)
![Hack JWT using JSON Web Tokens Attacker BurpSuite extensions](https://i.ytimg.com/vi/SuDN35-aefY/default.jpg)
![DEF CON 24 - Weston Hecker - Hacking Hotel Keys and POS systems](https://i.ytimg.com/vi/_Q3HuQnRtbU/default.jpg)
![Following APT OpSec failures](https://i.ytimg.com/vi/NFJqD-LcpIg/default.jpg)
![Understand Database Security Concepts](https://i.ytimg.com/vi/3Nxmv9NmMrQ/default.jpg)
![Architecture Deep Dive in Spring Security - Joe Grandja @ Spring I/O 2017](https://i.ytimg.com/vi/8rnOsF3RVQc/default.jpg)
!["Buy now, pay later": Consumer watchdogs warn of point-of-sale lending](https://i.ytimg.com/vi/W53kl4PChUU/default.jpg)
![10 Data Science Projects in the Retail Industry](https://i.ytimg.com/vi/yc6VvRVzSJI/default.jpg)
![KBE - Spring Boot Microservices on Kubernetes](https://i.ytimg.com/vi/zEEyg6JezEI/default.jpg)
![Famed software engineer, hacker Moxie Marlinspike and Lance Ulanoff on Cyber Security](https://i.ytimg.com/vi/rzWsgV33h1w/default.jpg)
![Anatomy of memory scraping credit card stealing POS malware - OWASP AppSecUSA 2014](https://i.ytimg.com/vi/r0YRcWoN6-c/default.jpg)
![How to 3D Photoscan Easy and Free!](https://i.ytimg.com/vi/k4NTf0hMjtY/default.jpg)