Web Images Videos Maps News Shopping Gmail more »
Recently Visited Groups | Help | Sign in
Google Groups Home
jPOS Users
Home
+ new post
Pages
Files
About this group
Join this group
POS keys
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   4 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Chhil  
View profile  
 More options Oct 25, 12:57 am
From: Chhil <chil...@gmail.com>
Date: Sun, 25 Oct 2009 10:27:11 +0530
Local: Sun, Oct 25 2009 12:57 am
Subject: POS keys
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Hello Tod,

Not too familiar with POS device setup so I am redirecting your  
question to the jpos mailing list. People on the list have great  
knowledge and you should get an appropriate response. Please subscribe  
to the mailing list and post questions there.

You should have a device manual that should guide you through the setup.

-chhil

On Oct 25, 2009, at 9:08 AM, Tod Myer <knocturnal4l...@gmail.com> wrote:


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Mark Salter  
View profile  
 More options Oct 25, 6:58 am
From: Mark Salter <marksal...@talktalk.net>
Date: Sun, 25 Oct 2009 10:58:22 +0000
Local: Sun, Oct 25 2009 6:58 am
Subject: Re: [jpos-users] POS keys
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

> On Oct 25, 2009, at 9:08 AM, Tod Myer <knocturnal4l...@gmail.com> wrote:

> i was wondering
> for the terminals on the POS im going to be doing a demenstration and
> i wanted to know where and how the ZMK and or TMK could be found on
> the terminal.

All keys used to protect transactions will not - I would hope - be
'found' on the terminal.

I would think keys would be kept in memory, not persisted anywhere and
out of 'reach' of an api the terminal would provide.

If the keys were available, then the benefit of the cryptography would
be eliminated.

What are you trying demonstrate?

--
Mark


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Chhil  
View profile  
 More options Oct 25, 7:48 am
From: Chhil <chil...@gmail.com>
Date: Sun, 25 Oct 2009 17:18:50 +0530
Local: Sun, Oct 25 2009 7:48 am
Subject: Re: [jpos-users] Re: POS keys
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

Here is additional info that was emailed to me by Tod.

'the device manual wil never post this kind of info to find the ZMK  
for protection but im doing something in fornt of audience in few  
weeks and i want to show how insecure terminal are really with getting  
this kind of info some criminals can steal information'
-chhil

On Oct 25, 2009, at 4:28 PM, Mark Salter <marksal...@talktalk.net>  
wrote:


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Mark Salter  
View profile  
 More options Oct 25, 4:30 pm
From: Mark Salter <marksal...@talktalk.net>
Date: Sun, 25 Oct 2009 20:30:44 +0000
Local: Sun, Oct 25 2009 4:30 pm
Subject: Re: [jpos-users] Re: POS keys
Reply | Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Tod Myer <knocturnal4l...@gmail.com> wrote to Chhil:-

> i want to show how insecure terminal are really with getting  
> this kind of info some criminals can steal information'

Here lies the key...

Having to ask how to demonstrate such weaknesses, does - I think -
highlight where some weakness lies.

There are papers indexed by google covering the problems with POS
devices, one such paper:-

   http://www.hackerfactor.com/papers/cc-pos-20.pdf

...made an interesting skim, including 'magic' key combinations for some
terminals to reset passwords.  Primarily to gain access to the stored
transactions - only brief mentions of POS storage medium and protection.

--
Mark


    Reply    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2009 Google