POSWorld. Should You be Afraid of Hands-On Payment Devices?

Presented at Black Hat Europe 2020 Virtual, Dec. 10, 2020, 11:20 a.m. (40 minutes).

The dark market is full of cloned Point of Sales terminals and offers for fake merchant accounts. But how do they get there if every terminal is built to have anti-tampering mechanisms, segregated memory for private crypto keys, and multiple other layers of protection? In this talk, we follow the life cycle of the most popular PoS terminals of major vendors from their release onto the retail market through to breaking the device and cloning the terminal.

We show you exactly what it takes for hackers to use PoS terminals to cash out.


Presenters:

  • Aleksei Stennikov - Hardware Security Engineer,  
    Aleksei Stennikov is a security engineer, hardware expert, ICS/SCADA, and ATMs researcher, passionate in hardware and low level security. He has conducted numerous ATM, ICS/SCADA systems and hardware audits and researches. He is a speaker and co-author of research presented at numerous conferences including Black Hat USA, Positive Hack Days, and OffZone.
  • Timur Yunusov - Head of Offensive Security Research, Cyber R&D Lab
    Timur Yunusov is a head of offensive security research and security expert in the area of payment security and application security. He regularly speaks at conferences and has previously spoken at CanSecWest, PacSec. DEF CON, Black Hat USA, and Black Hat Europe.

Links:

Similar Presentations: