2011 Talks

Mobile and Contactless Payment Security

Contactless and mobile payments are set to become the next big thing – from payment cards which allow for ‘tap and go’ transactions, to add-on hardware for iPhones and iPads. This talk aims to educate about how contactless cards work from the protocol layer up, what data is on them and how it's protected. It will also provide practical information on the methods which can be used to ‘eavesdrop’ on contactless transactions, and if this is something you should be worried about next time you go shopping.

Technical detail will be provided on the cloning of contactless cards, and the acronym soup of SDA, DDA, CDA, CVC3, iCVV, AC, ARCQ, SAD will be sifted to separate out the juicy noodles of information. Recent advances in mobile payments will be discussed, along with details on what plans are in place to secure this method of payment.

Speaker: Peter Fillmore

 Peter Fillmore is a Security Engineer working at Witham Laboratories in Melbourne, Australia, where he performs physical and logical security evaluations to various standards such as PCI PTS. In this capacity, Peter has worked with contact and contactless payments systems developed by some of the largest payment systems companies in the world.

Peter has helped to develop some of the emissions analysis methods used by Witham on a day to day basis, and when he is not elbow deep in circuits, code, or cryptography, he moonlights with his iPhone Developer Account and complains about his football team to anyone who will listen.

Practical demonstrations performed during the presentation will involve another member of Witham Laboratories staff, who will otherwise remain incognito during the presentation beyond the odd heckle about the presentation in general.


SSL Traffic Analysis Attacks SSL Traffic Analysis Attacks
The Security Of 3D Web Extensions SSL Traffic Analysis Attacks