All Your Payment Tokens Are Mine - Vulnerabilities of Mobile Payment Systems
Offered By: Black Hat via YouTube
Course Description
Overview
Explore vulnerabilities in popular mobile payment systems in this 23-minute Black Hat conference talk. Discover how offline payment schemes, designed for smooth user experiences in poor network conditions, can expose security weaknesses. Learn about practical attacks on MST-based mobile payments, sound pay systems, and QR code payments through sniffing and interruption techniques. Examine a critical security flaw and bonus attacks involving token sniffing and protection. Gain insights into potential remedies for these vulnerabilities, enhancing your understanding of mobile payment security challenges and solutions.
Syllabus
Intro
Mobile payment is so popular!
Mobile payment don't use network
Offline payment schemes
Security weak points
Security is not that bad
Practical Attacks
MST based mobile payment
Devices used to attack MST
Attack Sound Pay
Attack QR code payment, sniffing
Attack QR code payment, interrupting
A security flaw
Bonus attack, token sniffing
Bonus attack, token protection
Remedy
Taught by
Black Hat
Related Courses
Blockchain Scalability and its Foundations in Distributed SystemsThe University of Sydney via Coursera Don's Introduction to Ethical Hacking for Beginners
Udemy Hacking und Netzwerkanalyse mit Wireshark - Der Komplettkurs
Udemy Penetration Testing of Identity, Authentication and Authorization Mechanism
Pluralsight ASP.NET MVC 5 Identity: Authentication and Authorization
LinkedIn Learning