Shopshifting

The potential for payment system abuse

Video duration: 00:58:00
Language: English

Abstract
Payment systems are old and have – unlike card protocols – seen little scrutiny so far. This talk enumerates design and implementation flaws in payment processing systems, which can defraud consumers and merchants.

Like most embedded devices, payment system elements are potentially vulnerable to a range of attacks. This has not changed in years. What did change, though, is the exposure of these vulnerabilities: serial interfaces are now exposed via Ethernet, proprietary backend protocols are reachable over the Internet via TCP, and flaws in real-time operating systems are widely known.

This talk provides an overview of design issues and implementation vulnerabilities in current payment processing systems, including unauthenticated protocols and insecure hardware implementations, which enable fraud vectors against merchants who operate payment terminals and consumers who use them. Some of them remote and pre-auth ...

Talk ID: 7368
Event: 32c3
Day: 1
Room: Hall 2
Start: 9:45 p.m.
Duration: 01:00:00
Track: Security
Type: lecture
Speakers: Karsten Nohl, Fabian Bräunlein, dexter
Talk Slug & media link: 32c3-7368-shopshifting
