No announcement yet.

CANCELED Salvador Mendoza - Payment Systems: The Art of Analyzing Mag-stripe, Tokenization, NFC...

  • Filter
  • Time
  • Show
Clear All
new posts

  • CANCELED Salvador Mendoza - Payment Systems: The Art of Analyzing Mag-stripe, Tokenization, NFC...

    Salvador Mendoza - Payment Systems: The Art of Analyzing Mag-stripe, Tokenization, NFC and EMV Technologies
    Latest details, requirements, description, cost:

    Training description:

    Students will learn since the first day by practicing, analyzing and testing with different tools. banking cards and equipment such as ACR122, PN532, PN7150, ELMA, contact EMV reader, Android applications and some other mechanisms.

    This training is divided by technologies and communication protocols to have a better and easy understanding to conceptualize techniques. The intensive hand-on training will give the students the opportunity to learn, practice and interact with real attack scenarios. Understanding how malicious individuals can bypass, find or exploit security mechanisms in payment systems, and what are the applied countermeasures in each technology.

    There are many questions that this training will try to solve, such as, how difficult is to make a contact or NFC replay attack? Is it possible? What type of hardware is involved in attack surface? What are the limitations in a relay approach and its characteristics? Is it possible to replay a tokenized number from a third-party technology? Or to downgrade an EMV transaction in the actual payment systems? Can we relay contact EMV data over internet?

    We will be practicing with real NFC/Magstripe/Tokenization/EMV banking cards starting right away from the first day. Demonstrations and real scenarios will be presented with physical and digital payment systems and their possible exploitation. Furthermore, we will discuss new type of attacks or data extraction that is not very well documented.

    Course overview:

    Introduction to the training dynamics - ½ hour

    Objective: Explaining how the training sessions are divided. Adding that we will analyze goals and perspectives about the training. Also detailing how the training is organized and a short introduction from each member of the session.

    Module 1 - Payment systems and Security – 1 hour
    Objective: Understanding the base fundamentals in the payment system environments. The trainees will be on the same page about payment system security, and how to approach the payment system analysis. Learning about how the transactions are verified and processed in the communication with the terminal. Answering important questions, such as, why the communication APDU protocol is not encrypted, and what are the other mechanisms that protects the transactions?

    Module 2 - Toolset Environments – 2 hours
    Objective: Analyzing specialized payment system scenarios, we must follow adequate procedures. Knowledge is important, but also the tools and methodologies that we will implement in this session. Those tools should be specialized for each payment system technology to help us in the training learning process. We will talk about the lab environment, its organization and how to navigate through it.

    Module 3 - Magnetic Stripe Data – 1 hour
    Objective: Learning Magstripe data is important to understand actual concepts and technologies. To learn more complex payment system scenarios, we should understand the past ideas of security and encoding.

    Module 4 - Communication Process for EMV Transactions – 2 ½ hours
    Objective: Jumping into the APDU protocol to understand the communication between the terminal/PoS and other technologies such as NFC or EMV contact transactions. Understanding the packet generation, commands, and responses to know the structure and the transactions core. We will finish this module knowing how to handle NFC and EMV communication transactions.

    Module 5 - EMV Technology – 2 hours
    Objective: Relating tendencies with Magstripe and APDU communication process, we will be ready to analyze contacted transactions. Analyzing advanced APDU commands and responses mechanisms to see how the security approach is in this payment method. In this process, we will implement a special hardware tool to emulate EMV data.

    Module 6 - Near Field Communication – 2 hours
    Objective: Applying concepts from Module 5 and Module 6, the trainees will be able to relate security procedures in the NFC protocol. Previous knowledge will be used to understand and detail NFC transactions, APDU communications, cryptogram analysis and cardholder verification methods.

    Module 7 - Tokenization Process – 1 hour
    Objective: Following Modules 3, 4 y 6, the tokenization process will take us to the opposite side of the static Magstripe data. Analyzing the art of seeding in the encryption process for token generation; adding that we should understand what and how the current technologies implement the tokenization process including digital wallets.

    Module 8 - Cloning, Replay and Downgrade Attacks – 2 hours
    Objective: Reversing and analyzing transactions to understand wild attacks in the payment systems. Knowing how to perform and generate PoCs implementing our advanced toolset environment. Adding that the trainees will participate in real hand-on exercises to run specific attacks.

    Module 9 - Relay Magstripe, NFC and EMV Technologies – 2 hours
    Objective: Giving all the previous methodologies and attack scenarios, we will integrate them into a new level of attacks. To learn how to generate relays in the payment systems is important, and how to analyze time-bounding countermeasure mechanisms. The participants will use our laboratory to relay APDU data locally to understand the timing and the transaction countermeasures limitations in all the technologies.

    Student skill level:

    Difficulty: Beginner

    Experience or skills needed: Python, Linux environment experience but not required

    What should students bring to the Training?:

    We will provide the hardware tools for each student. Also, a Virtual Machine for the lab environment. These tools are not included in the training price. Some of the tools might be available for purchase after the training.

    Students are required to bring a laptop with VMWare Fusion or VMWare Player with at least 20 GB in hard drive space and 4GB in RAM memory. Students can bring their own NFC cards that are expired or canceled to test them in the training.


    Salvador Mendoza is director of research and development at Metabase Q and member of the Ocelot Offensive Security Team.

    Salvador focuses on tokenization processes, payment systems and embedded prototypes. He has presented on tokenization flaws and payment methods in different conferences such as Black Hat USA, DEF CON, HITB, Troopers and many others. Also, Salvador designed different tools to research about payment systems, Bluetooth, and tokenization processes.

    Author of “Show me the (e-) money Hacking a sistemas de pagos digitales: NFC. RFID, MST y Chips EMV“. A Spanish-written book with a collection of different attacks against payment systems.

    Trainer(s) social media links:

    Previous Trainings:

    Black Hat USA 2016 | Briefings

    DATE:Aug 15th to 16th 2022
    TIME:9am to 5pm PDT
    VENUE:Caesars Forum Ballroom
    TRAINER:Salvador Mendoza

    - 16 hours of training with a certificate of completion for some classes
    - COVID safety: Masks required for indoor training
    - Note: Classes that do not meet their minimum class size by July 15 will be canceled, please register early
    - Note: Food is NOT included
    Last edited by number6; July 30, 2022, 20:44.