#BHUSA: How Public Standards Help to Enable Financial Fraud

Aug 6, 2020 02:00 pm Cyber Security 206

#BHUSA: How Public Standards Help to Enable Financial Fraud

In a session at the Black Hat USA 2020 virtual conference on August 5, Kevin Perlow, technical intelligence team lead for one of the largest banks in the US, explained how cyber-attackers are using public standards for financial transactions to enable multiple forms of fraud.





One of the key standards used every day by all financial institutions around the world is ISO 8583, which defines how credit card transaction messages are sent and received. Perlow explained that anytime an individual goes to a bank machine or uses a point of sale device at a grocery store to do a self-checkout, ISO 8583 messages are created as part of the transaction.





“ISO 8583 is a standardized set of fields for transmitting the data from your card and for sending your transaction over to a payment switch and then from that payment switch to a bank to approve or reject the transaction that’s happening,” Perlow said.





The payment switch is a device that handles incoming messages from different types of payment devices, such as ATMs and POS devices, like those at a grocery store. The payment switch processes the messages and decides what to do with them. The payment switch is also a key target for attackers, as they look to take advantage of ISO 8583 with ‘FASTcash’ as well as other forms of malware.





How FASTCash Uses ISO 8583



The so-called FASTCash malware was first publicly disclosed back in 2018 and has remained active in the years ..

Support the originator by clicking the read the rest link below.

bhusa public standards enable financial fraud
Read The Rest from the original source
infosecurity-magazine.com

Related News

Be in Touch

All Rights Reserved #1 Source for Cyber Security News, Reports and Threat Intelligence
Powered By The Internet!!!!