For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems

Explore the security vulnerabilities in mobile point of sales systems in this 41-minute Black Hat conference talk. Delve into the implications of lowering economic barriers for card payment acceptance and the risks associated with outdated card standards like mag-stripe. Gain insights into payment attack vectors, previously limited to specific projects and those with direct access to POS infrastructure. Learn about exploiting Bluetooth vulnerabilities, sending arbitrary commands, and modifying payment comments. Discover recommendations for improving security and understand the role of secondary factors in mobile payment systems. Presented by Leigh-Anne Galloway and Tim Yunusov, this talk offers valuable information for cybersecurity professionals and those interested in payment system security.

Introduction
Background
Outline
Bluetooth
Sending arbitrary commands
Modifying payment comments
Recommendations
Secondary Factors