Talk Title:

Skimmers, Shimmers, and You: Reverse Engineering Card Skimmers to Retrieve Stolen Payment Information

Abstract:

Join me as I dive into the world of point-of-sale card skimmers and shimmers to explore the inner workings of these malicious devices! I'll show you how I recover stolen cards from real skimmers and share my hardware hacking techniques used to reverse engineer unique criminal devices. You'll learn how digital payments are made and how they are compromised by criminals to steal money from citizens on government benefits. Flaws in the US legislature result in outdated payment methods such as magnetic stripe cards still being supported. As such, the US has seen unprecedented growth of these fraudulent devices on point-of-sale payment terminals since the pandemic. I'll discuss why detecting skimmers is difficult and how I've helped clients reduce their detection time drastically. By the end of this talk, you'll be equipped with the knowledge to spot skimmers and shimmers yourself to ensure your financial security. Get ready to embark on this exciting adventure into the realm of payment card fraud!

Speaker Bio:

Aidan Quimby is a hacker at IBM X-Force Red who focuses on application and hardware hacking. He has been a part of the IBM team for the past four years after starting as a co-op in 2020. Aidan continues to hone his skills in web application penetration testing and unique hardware analysis on card skimmers. He dedicates his time as a consultant to helping organizations protect their systems and sensitive data from the latest threats.