This two part presentation provides a detailed overview many of the issues surrounding Point of Sale system security. The first part of this presentation hi-lights those implementation problems that make point of sale systems so very easy to compromise in the first place. This will be done using multiple real world examples and scenarios involving even supposedly "secure" point of sale and cashless payment systems at large restaurant chains, retail environments, grocery chains, and other environments. Once we have established the ease of compromising these systems, and how these implementation issues can subvert even the best security controls on the PoS systems themselves, the focus will shift to malware commonly used in PoS compromises. Using examples found in the wild, the talk will demo certain malware, and discuss analysis of the same.
Rob Havelt is a director in McGladrey's Security and Privacy services division and the national leader for security testing services. Formerly a bourbon-fueled absurdist, raconteur, and man about town, currently a sardonic workaholic occasionally seeking meaning in the finer things in life. I enjoy lifting, carrying, dragging, and throwing impossibly heavy items, and most of the time, breaking electronic things.