Announcement

Collapse
No announcement yet.

(Strom Carlson) Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Systems

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • BeaMeR
    replied
    Re: (Strom Carlson) Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Sys

    Originally posted by Strom Carlson
    That Strom guy is such a nub. :)
    He sure is, I didnt even bother to attend his talk.

    Leave a comment:


  • Strom Carlson
    replied
    Re: (Strom Carlson) Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Systems

    That Strom guy is such a nub. :)

    Leave a comment:


  • (Strom Carlson) Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Systems

    Hacking FedEx Kinko's: How Not To Implement Stored-Value Card Systems
    Strom Carlson, Hardware Security, Researcher, Secure Science Corporation

    Abstract:
    ExpressPay is a stored-value cash card system which utilizes the Infineon SLE4442 chip; it was developed by enTrac Technologies of Toronto, Ontario, and its largest application is as the pre-paid cash card system in use at FedEx Kinko's. Analysis of a few dozen cards reveals that the data stored on the card is unencrypted and poorly protected against fraud, and a simple attack can be used to obtain the security code necessary to alter the data on the card. This talk will step the audience through the analysis, research, attack, and subsequent tests performed on the ExpressPay system, and conclude with recommendations on how to implement a more secure stored-value card system.

    Bio:
    Strom Carlson is a hardware security researcher at Secure Science Corporation, the organizer of the Los Angeles area Defcon Groups chapter (DC213), and the co-host of Binary Revolution Radio. He enjoys tinkering with technology, playing with telephones, and having a good time with whatever he happens to be involved in.
Working...
X