PLEASE JOIN US FOR THE NEXT INSTALLMENT IN THE BLACK HAT WEBCAST SERIES

First Contact - Vulnerabilities in Contactless Payments

Thursday, August 20, 2020

11:00AM - 12:00PM PDT // 60 MINUTES, INCLUDING Q&A

Sponsored By:

ServiceNow

Contactless payments are fast replacing cash and chip inserted transactions. Now Accounting for a staggering 40% of transactions globally. Yet, contactless makes use of protocols much older than the technology itself. With this in mind, just how safe and secure are contactless payments?

In this talk, we discuss the intricacies of the EMV protocols. Our findings show that contactless payments are not as safe and secure as first thought. Their reliance on older technology has introduced several flaws into their protocols.

We detail new vulnerabilities; how to bypass limits for contactless payments made using cards and how to circumvent limits for mobile wallets, even on locked devices. We also cover flaws in the generation keys values, the unpredictable number (UN) and application transaction counter (ATC).

We close the session by discussing how existing implementations of card authorization processes differ from each other. Finally, we talk about the best practices that should be implemented to create a secure environment for payments.

Webcast Presenters

Leigh-Anne Galloway

Leigh-Anne Galloway is Head of Commercial Research at Cyber R&D Lab. She specializes in application and payment security. Leigh-Anne started her career in incident response, leading investigations into payment card data breaches. Which is where she discovered her passion for payment technologies. She has presented and authored research on ATM security, application security and payment technology vulnerabilities. Having previously spoken at DevSecCon, BSides, Hacktivity, 8dot8, OWASP, Troopers, Black Hat USA, and Black Hat Europe.

Timur Yunusov

Timur Yunusov is a Head of Offensive Security Research and a Security Expert in the area of banking security and application security. He regularly speaks at conferences and has previously spoken at CanSecWest, PacSec. DEF CON, Black Hat USA, Black Hat Europe.

Sponsor Speaker: Karl Klaessig

Karl is ServiceNow’s Director of Product Marketing, Security Operations and has over 15 years of experience in product positioning and marketing of enterprise security platforms, including SIEM, SOAR and endpoint technologies, most recently from Product Marketing roles at RSA and McAfee, where he was responsible for the positioning of their security operations and automation platforms. When not focusing on enterprise security, he can be found hiking and kayaking with his wife Rachel and their six children, yes six – it’s not a misprint!

Upcoming Black Hat Events

BLACK HAT ASIA

September 29 - October 2, 2020 | Virtual Event

Black Hat c/o Informa Tech

Informa Tech Holdings LLC registered in England & Wales with number 8860726,
registered office and head office 5 Howick Place, London, SW1P 1WG, UK.

This email was sent to newsletter@newslettercollector.com.