Explore vulnerabilities in mobile point of sales systems through a comprehensive conference talk delivered at 44CON 2018. Dive into the security implications of lowering economic barriers for accepting card payments and the risks associated with relying on older card standards like mag-stripe. Witness live demonstrations of new vulnerabilities affecting major mPOS providers, including Square, SumUp, iZettle, and PayPal. Learn about man-in-the-middle attacks, sending arbitrary code via Bluetooth and mobile applications, modifying payment values for mag-stripe transactions, and firmware vulnerabilities leading to denial of service and remote code execution. Discover how to conduct attacks using simple, low-cost hardware and automate the process of sending pre-generated messages to mPOS devices during transactions. Gain insights into integrating testing practices into organizations and research, identifying weaknesses in payment technologies, and evading detection despite anti-fraud and security mechanisms.
For the Love of Money - Finding and Exploiting Vulnerabilities in Mobile Point of Sales Systems