I made a presentation at HITCON 2014 in Taiwan, the title is “Make a secure mobile payment”.
Recently, many kinds of mobile payment have launched, and it has got a large share of payment transactions in the world. As we know that, a breach of payment is highly dangerous because it could be exploited to steal real money, directly.
I have found diverse flows and vulnerabilities during security testing. Some of them could be used to acquire payment data and to change transactions. I will talk about threats of mobile payment and cases of vulnerability. Also, I am going to share how to test the security of mobile payment.