Hand in Your Pocket Without You Noticing - Current State of Mobile Wallet Security
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the vulnerabilities in popular mobile payment services like Apple Pay, Google Pay, and Samsung Pay in this 37-minute Black Hat conference talk. Discover how these seemingly secure systems can be exploited for fraud, particularly in public transport schemes. Learn about inconsistencies in contactless payments that allow malicious actors to defraud victims without physical access to their phones. Delve into the technical aspects of mobile wallet operations, including cryptogram requests and card mixup attacks. Examine specific vulnerabilities in Visa cards and transport modes, with a focus on Apple Pay and Mastercard. Gain insights into the current state of mobile wallet security and understand why these services may not adequately protect users against potential threats.
Syllabus
Introduction
Fraud against mobile wallets
How mobile wallets work
Background
Cryptogram Request
Can I use this data to make a purchase
Card mixup attack
Visa card attack
Transport mode
Apple Pay
Mastercard
Detective Story
Conclusion
Taught by
Black Hat
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network