Get to the Money: Hacking POS and POP Systems



It’s no secret that where’s money, there are attackers as well. That is why Retail is the field with most security incidents related to credit card stealing. In this presentation, we will describe ways an attacker may use to get access to Point of Sale (POS) or Point of Purchase (POP) systems. Moreover, we will demonstrate some critical SAP POS vulnerabilities and discuss security level of modern POS systems.

To demonstrate them we will use SAP POS developed by SAP (a major enterprise system developer). Demonstration of a fully operational attack vector, starting at beginning of an attack and ending with accessing critical data. Although POS security has been widely covered, we’ll use practical examples instead of common truth and blanket statements.

Caution! After the presentation, you won’t be able to swipe your credit card at stores as carelessly as you used to.

Location: BALLROOM 1 Date: August 24, 2017 Time: 2:00 pm - 3:00 pm Dmitry Chastuhin Vladimir Egorov