Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions

Sold by John Wiley & Sons
4
Free sample

Must-have guide for professionals responsible for securing credit and debit card transactions

As recent breaches like Target and Neiman Marcus show, payment card information is involved in more security breaches than any other data type. In too many places, sensitive card data is simply not protected adequately. Hacking Point of Sale is a compelling book that tackles this enormous problem head-on. Exploring all aspects of the problem in detail - from how attacks are structured to the structure of magnetic strips to point-to-point encryption, and more – it's packed with practical recommendations. This terrific resource goes beyond standard PCI compliance guides to offer real solutions on how to achieve better security at the point of sale.

  • A unique book on credit and debit card security, with an emphasis on point-to-point encryption of payment transactions (P2PE) from standards to design to application
  • Explores all groups of security standards applicable to payment applications, including PCI, FIPS, ANSI, EMV, and ISO
  • Explains how protected areas are hacked and how hackers spot vulnerabilities
  • Proposes defensive maneuvers, such as introducing cryptography to payment applications and better securing application code

Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions is essential reading for security providers, software architects, consultants, and other professionals charged with addressing this serious problem.

Read more
Collapse

About the author

Slava Gomzin, CISSP, PCIP, ECSP, Security+ is the Security and Payments Technologist at Hewlett-Packard. Prior to joining HP, Slava was a security architect and PCI ISA, corporate product security officer, and R&D and application security manager at Retalix, a Division of NCR Retail.

Read more
Collapse
4.5
4 total
Loading...

Additional Information

Publisher
John Wiley & Sons
Read more
Collapse
Published on
Feb 3, 2014
Read more
Collapse
Pages
312
Read more
Collapse
ISBN
9781118810071
Read more
Collapse
Read more
Collapse
Read more
Collapse
Language
English
Read more
Collapse
Genres
Computers / Networking / General
Computers / Security / General
Read more
Collapse
Content Protection
This content is DRM protected.
Read more
Collapse
Read Aloud
Available on Android devices
Read more
Collapse

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
The only security book to be chosen as a Dr. Dobbs Jolt Award Finalist since Bruce Schneier's Secrets and Lies and Applied Cryptography!

Adam Shostack is responsible for security development lifecycle threat modeling at Microsoft and is one of a handful of threat modeling experts in the world. Now, he is sharing his considerable expertise into this unique book. With pages of specific actionable advice, he details how to build better security into the design of systems, software, or services from the outset. You'll explore various threat modeling approaches, find out how to test your designs against threats, and learn effective ways to address threats that have been validated at Microsoft and other top companies.

Systems security managers, you'll find tools and a framework for structured thinking about what can go wrong. Software developers, you'll appreciate the jargon-free and accessible introduction to this essential skill. Security professionals, you'll learn to discern changing threats and discover the easiest ways to adopt a structured approach to threat modeling.

Provides a unique how-to for security and software developers who need to design secure products and systems and test their designs Explains how to threat model and explores various threat modeling approaches, such as asset-centric, attacker-centric and software-centric Provides effective approaches and techniques that have been proven at Microsoft and elsewhere Offers actionable how-to advice not tied to any specific software, operating system, or programming language Authored by a Microsoft professional who is one of the most prominent threat modeling experts in the world

As more software is delivered on the Internet or operates on Internet-connected devices, the design of secure software is absolutely critical. Make sure you're ready with Threat Modeling: Designing for Security.

Learn to hack your own system to protect against malicious attacks from outside

Is hacking something left up to the bad guys? Certainly not! Hacking For Dummies, 5th Edition is a fully updated resource that guides you in hacking your system to better protect your network against malicious attacks. This revised text helps you recognize any vulnerabilities that are lurking in your system, allowing you to fix them before someone else finds them. Penetration testing, vulnerability assessments, security best practices, and other aspects of ethical hacking are covered in this book, including Windows 10 hacks, Linux hacks, web application hacks, database hacks, VoIP hacks, and mobile computing hacks. Additionally, you have access to free testing tools and an appendix detailing valuable tools and resources.

Ethical hacking entails thinking like the bad guys to identify any vulnerabilities that they might find in your system—and fixing them before they do. Also called penetration testing, ethical hacking is essential to keeping your system, and all of its data, secure. Understanding how to perform effective ethical hacking can improve the safety of your network.

Defend your system—and all of the data it holds—against the latest Windows 10 and Linux hacks Develop an effective ethical hacking plan that keeps your system safe Protect your web applications, databases, laptops, and smartphones by going beyond simple hacking strategies Leverage the latest testing tools and techniques when using ethical hacking to keep your system secure

Hacking For Dummies, 5th Edition is a fully updated resource that guides you in hacking your own system to protect it—and it will become your go-to reference when ethical hacking is on your to-do list.

Hackers exploit browser vulnerabilities to attack deep within networks

The Browser Hacker's Handbook gives a practical understanding of hacking the everyday web browser and using it as a beachhead to launch further attacks deep into corporate networks. Written by a team of highly experienced computer security experts, the handbook provides hands-on tutorials exploring a range of current attack methods.

The web browser has become the most popular and widely used computer "program" in the world. As the gateway to the Internet, it is part of the storefront to any business that operates online, but it is also one of the most vulnerable entry points of any system. With attacks on the rise, companies are increasingly employing browser-hardening techniques to protect the unique vulnerabilities inherent in all currently used browsers. The Browser Hacker's Handbook thoroughly covers complex security issues and explores relevant topics such as:

Bypassing the Same Origin Policy ARP spoofing, social engineering, and phishing to access browsers DNS tunneling, attacking web applications, and proxying—all from the browser Exploiting the browser and its ecosystem (plugins and extensions) Cross-origin attacks, including Inter-protocol Communication and Exploitation

The Browser Hacker's Handbook is written with a professional security engagement in mind. Leveraging browsers as pivot points into a target's network should form an integral component into any social engineering or red-team security assessment. This handbook provides a complete methodology to understand and structure your next browser penetration test.

©2019 GoogleSite Terms of ServicePrivacyDevelopersArtistsAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.