Inducing Authentication Failures to Bypass Credit Card PINs
Offered By: USENIX via YouTube
Course Description
Overview
Explore a critical security vulnerability in credit card transactions using the EMV standard in this conference talk from USENIX Security '23. Learn how researchers from ETH Zurich discovered a flaw in the offline data authentication mechanism that allows bypassing PIN verification for high-value Mastercard transactions. Understand the technical details of how integrity checks using RSA signatures and keyed MACs can be exploited, and see a demonstration of an Android app that modifies unprotected card-sourced data to trick real-world terminals. Gain insights into the potential risks of this vulnerability and the researchers' recommendations for addressing this security issue in payment systems.
Syllabus
USENIX Security '23 - Inducing Authentication Failures to Bypass Credit Card PINs
Taught by
USENIX
Related Courses
Creative, Serious and Playful Science of Android AppsUniversity of Illinois at Urbana-Champaign via Coursera Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Android. Programación de Aplicaciones
MirÃadax Programming Mobile Applications for Android Handheld Systems: Part 1
University of Maryland, College Park via Coursera Begin Programming: Build Your First Mobile Game
University of Reading via FutureLearn