Booz Allen Hamilton Colloquium: "Designing Defenses for Entrenched Legacy Payment Systems"
Friday, February 15, 2019
3:30 p.m.-4:30 p.m.
1110 Jeong H. Kim Engineering Building
301 405 4471
Title: “Because That’s Where the Money Is: Designing Defenses for Entrenched Legacy Payment Systems"
John and Mary Lou Dasburg Preeminent Chair in Engineering
Computer and Information Science and Engineering
University of Florida
Abstract: Credit, debit, and prepaid cards have dominated the payment landscape for decades, empowering the economy. Unfortunately, these legacy systems were not designed for today’s adversarial environment, and deployment of more secure technologies is slow, expensive, and difficult to adopt. This talk focuses on creating new ways of identifying and protecting against real threats to existing payment systems. First, we explore the types of skimmers and how they acquire sensitive card data. We will then examine a use case, gas pumps, where skimming remains prevalent and how the tools and interfaces available to consumers for detecting these devices also fail. We then use the properties of real skimmers to design the Skim Reaper, the first external skimmer detection system. Finally, I demonstrate that the most common way to clone stolen cards introduces artifacts that can also be detected and used as a means to account for previously undetected attacks. By using adversaries’ own technology against them, these attacks can effectively and inexpensively be reduced.
Bio: Patrick Traynor is the John and Mary Lou Dasburg Preeminent Chair in Engineering and a Professor in the Department of Computer and Information Science and Engineering (CISE) at the University of Florida. His research focuses on the security of mobile systems, with a concentration on telecommunications infrastructure and mobile devices. His research has uncovered critical vulnerabilities in cellular networks, developed techniques to find credit card skimmers that have been adopted by law enforcement and created robust approaches to detecting and combating Caller-ID scams. He is also interested in Internet security and the systems challenges of applied cryptography.
He received a CAREER Award from the National Science Foundation in 2010, was named a Sloan Fellow in 2014, a Fellow of the Center for Financial Inclusion at Accion in 2016 and a Kavli Fellow in 2017. Professor Traynor earned his Ph.D and M.S. in Computer Science and Engineering from the Pennsylvania State University in 2008 and 2004, respectively, and his B.S. in Computer Science from the University of Richmond in 2002. He is also a co-founder of Pindrop Security, CryptoDrop, and Skim Reaper.