POS keys
Chhil
Not too familiar with POS device setup so I am redirecting your
question to the jpos mailing list. People on the list have great
knowledge and you should get an appropriate response. Please subscribe
to the mailing list and post questions there.
You should have a device manual that should guide you through the setup.
-chhil
On Oct 25, 2009, at 9:08 AM, Tod Myer <knoctur...@gmail.com> wrote:
> hello i seen your post on groups good i was doing some research on ZMK
> and TMK for POS terminals you seem to have knowledge. i was wondering
> for the terminals on the POS im going to be doing a demenstration and
> i wanted to know where and how the ZMK and or TMK could be found on
> the terminal.
Mark Salter
>
> i was wondering
> for the terminals on the POS im going to be doing a demenstration and
> i wanted to know where and how the ZMK and or TMK could be found on
> the terminal.
All keys used to protect transactions will not - I would hope - be
'found' on the terminal.
I would think keys would be kept in memory, not persisted anywhere and
out of 'reach' of an api the terminal would provide.
If the keys were available, then the benefit of the cryptography would
be eliminated.
What are you trying demonstrate?
--
Mark
Chhil
-chhil
Mark Salter
>
> i want to show how insecure terminal are really with getting
> this kind of info some criminals can steal information'
Here lies the key...
Having to ask how to demonstrate such weaknesses, does - I think -
highlight where some weakness lies.
There are papers indexed by google covering the problems with POS
devices, one such paper:-
http://www.hackerfactor.com/papers/cc-pos-20.pdf
...made an interesting skim, including 'magic' key combinations for some
terminals to reset passwords. Primarily to gain access to the stored
transactions - only brief mentions of POS storage medium and protection.
--
Mark