Attacking NFC Mobile Wallets: Why I’d Rather Swipe Your Credit Card

BSidesROC 2013

Presented by: Max Sobell
Date: Saturday April 06, 2013
Time: 11:00 - 11:50
Location: Cathedral hall

This talk covers the attack surface of NFC Mobile Wallets (including Google Wallet) and details attacks to date. As more and more Mobile Wallet rollouts are deployed, it is important to understand Wallets’ inherent strenghts and limitations. This talk details communication with the Secure Element, the EMV payment standard, and Android, iOS, and BlackBerry NFC APIs.

Max Sobell

Max is a senior consultant at Intrepidus Group. Along with traditional security assessments, Max frequently reviews pre-release embedded devices to ensure both hardware and software meet industry best practices. He has done extensive hardware security research, notably in the fields of RFID, NFC, and Bluetooth. He has spoken at security events including local conferences, CanSecWest, ShmooCon, SecTor, and OWASP. Max is a licensed HAM operator and contributes chapters to several best-selling Linux reference books.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats