Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions [Kindle Edition]

Slava Gomzin
4.3 out of 5 stars (19 customer reviews)

Digital List Price: $60.00
Print List Price: $60.00
Kindle Price: $34.49
You Save: $25.51 (43%)

Amazon Price New from Used from
Kindle Edition $34.49  
Paperback $56.44  

Book Description

Must-have guide for professionals responsible for securing credit and debit card transactions

As recent breaches like Target and Neiman Marcus show, payment card information is involved in more security breaches than any other data type. In too many places, sensitive card data is simply not protected adequately. Hacking Point of Sale is a compelling book that tackles this enormous problem head-on. Exploring all aspects of the problem in detail - from how attacks are structured to the structure of magnetic strips to point-to-point encryption, and more – it's packed with practical recommendations. This terrific resource goes beyond standard PCI compliance guides to offer real solutions on how to achieve better security at the point of sale.

  • A unique book on credit and debit card security, with an emphasis on point-to-point encryption of payment transactions (P2PE) from standards to design to application
  • Explores all groups of security standards applicable to payment applications, including PCI, FIPS, ANSI, EMV, and ISO
  • Explains how protected areas are hacked and how hackers spot vulnerabilities
  • Proposes defensive maneuvers, such as introducing cryptography to payment applications and better securing application code

Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions is essential reading for security providers, software architects, consultants, and other professionals charged with addressing this serious problem.

Editorial Reviews

From the Back Cover

Implement bulletproof point of sale security for your payment transactions

Hacking Point of Sale takes a unique look at point of sale security from the viewpoint of your business, not a credit card company. The book provides proven techniques that are designed to help brick-and-mortar merchants properly protect their entire in-store payment infrastructure. The book also includes a POS vulnerability rank calculator to help you perform a risk assessment and security control evaluation as you implement recommendations to improve your existing infrastructure.

  • Eliminate breaches in security related to design flaws and physical vulnerabilities
  • Use point-to-point encryption to protect your front-end and back-end payment systems
  • Close gaps in protection provided by PCI security standards
  • Understand the anatomy of a credit card and how payment cards can be compromised
  • Explore the most relevant standards for payment application security, including PCI, FIPS, ANSI, EMV, and ISO
  • Get practical recommendations on powerful payment application security controls designed to protect against a wide array of common breach attempts

About the Author

Slava Gomzin, CISSP, PCIP, ECSP, Security+ is the Security and Payments Technologist at Hewlett-Packard. Prior to joining HP, Slava was a security architect and PCI ISA, corporate product security officer, and R&D and application security manager at Retalix, a Division of NCR Retail.

Product Details

  • File Size: 12725 KB
  • Print Length: 312 pages
  • Publisher: Wiley; 1 edition (February 3, 2014)
  • Sold by: Amazon Digital Services, Inc.
  • Language: English
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not Enabled
  • Lending: Enabled
  • Amazon Best Sellers Rank: #84,085 Paid in Kindle Store (See Top 100 Paid in Kindle Store)

Customer Reviews

Most Helpful Customer Reviews
9 of 10 people found the following review helpful
The only negative thing to say about Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions is its title. A cursory look at it may lead the reader to think that this is a book for a script kiddie, when it is in fact a necessary read for anyone involved with payment systems. The book provides a wealth of information that is completely pragmatic and actionable. The problem is, as the book notes in many places, that one is constantly patching a system that is inherently flawed and broken.

Often after major information security breach incidents, a public official (always in front of cameras and with many serious looking people standing in the wings) will go on TV and say something akin to “we have to make sure this never happens again”.

Last year, Target and Neiman Marcus were the major victims. This month, it’s eBay. What next month will bring isn’t known, but it will be major. But after hundreds of millions of records breached, it’s not that anyone is saying it won’t happen again. Rather, it’s inevitable it will happen many more times.

There are a number of good books on PCI, but this is the first one that looks at the entire spectrum of credit card processing. Author Slava Gomzin is a security and payments technologist at HP and as clearly evident in the book, he lives and breathes payment technology and his expert knowledge is manifest in every chapter. His technical expertise is certain to make the reader much better informed and understand the myriad issues involved.

The book provides an excellent overview to the workings of payment systems and Gomzin is not shy about showing how insecure many payment systems are. Its 9 chapters provide a good combination of deep technical and general detail.
2 of 2 people found the following review helpful
Format:Kindle Edition
Don’t let the title of the book fool you, its intended audience isn’t the nefarious hacker types, quite the contrary, the book should become required reading for anyone involved in electronic payments, I would even say not even just those involved in specifically point-of-sale, as quite a few of the topics covered carry over into eCommerce as well.

The language of the book is not overly technical, in fact those involved in the business side can easily understand the concepts outlined in the book and it is a good resource to understand terminology and basic architectures. For the security geeks there are also code samples and more technical details on various topics. The book outlines the architecture of payment systems and identifies inherent vulnerabilities as well as why PCI is not enough, with concrete examples that you can test yourself.
2 of 2 people found the following review helpful
Format:Paperback|Verified Purchase
For a retail industry professional, or any business using Point of Sale devices, Mr. Gomzin has written an outstanding summary of the contemporary technical concerns related to POS security. The book is written with a technical flair, yet is well illustrated and notated with enough dialog and appropriate descriptions to cover a broad audience of readers. This book is an essential guide for the current PCI standards, and the expected security accountability of the installed POS. Mr Gomzin has a genuine gift at explaining complex scenarios and sorting out the essential details in a fluid and professional style. This is an important reference book for anyone in the retail technology business and I highly recommend and applaud Mr. Gomzin for his work. I have no doubt this is the first of more books from this talented author.
2 of 2 people found the following review helpful
Format:Paperback|Verified Purchase
I came across this book shortly after starting a new job at a large credit card issuer. My job involves developing/supporting payment authentication capabilities and I wanted to find a book that would provide a good deep dive into payment processing and the risks involved. At work I had access to dozens of technical specs and overview documents to ramp up, but this book took much of that information and condensed/arranged it into a format that was much easier to digest. I would recommend this book to anyone in the payment industry as well as merchants that want to have a better understanding of payment infrastructure and vulnerabilities.
3 of 4 people found the following review helpful
Format:Kindle Edition|Verified Purchase
Gomzin's book is extremely relevant and timely with the current events and exposes the vulnerabilities in the POS/PCI/DSS world. This book is a great addition to your library for anyone interested in point of sale security. The author knows his stuff and gives you the information in a way that isn't incredibly overwhelming, yet not incredibly abridged either. If you're trying to figure out how to protect against PCI fraud, this isn't for you. If you want to learn more about the way the POS system works, or the problems with PCI standards, this book is for you.
1 of 1 people found the following review helpful
Format:Paperback|Verified Purchase
Mr. Gomzin provides valuable insight into the problems with current point-of-sale systems. If it added anything, I would repeat all the other reviews. The book is as good (or better) as these reviews indicate. Hopefully this book will be a starting point to get retailers to lock down their systems to protect cardholder data.

Great book with many references for more in-depth research provided throughout the whole book.
1 of 1 people found the following review helpful
By Kiomy
Format:Kindle Edition|Verified Purchase
I have read the book twice in one weekend. It is full with details and explanation about the vulnerabilities of the point of sale. I really enjoyed learning about the POS security questionnaire and it opened my eye to what it needs to take place to protect sensitive data. I will highly recommend the purchase and integration of the advices presented in that book. Adley DaSilva
Most Recent Customer Reviews
4.0 out of 5 stars Straight forward and to the point!
Good book and a quick read - I was able to drill through it in 5 hours. It was written with an assumption that you have a basic understanding of point-of-sale (POS) systems, which...
Published 3 months ago by spiff5000
4.0 out of 5 stars Four Stars
Great product
Published 3 months ago by Dr.$am
3.0 out of 5 stars Hacking Point of Sale. Payments Applications Secrets, Threats and...
This book is a good overview on payment applications and solutions with focus on card payment processing. The book is divided into three big blocks: 1. Technology overview, 2.
Published 6 months ago by Javier
3.0 out of 5 stars Very high level. If you are looking for "POS ...
Very high level. If you are looking for "POS hacking for dummies" this is your book. I didn't find a lot of new info but the author did a decent job of explaining the...
Published 6 months ago by Michael Scott
5.0 out of 5 stars Top-Notch and Timely
Thinking about all those recent POS attacks? This book explains why, in detail, and provides a masterly overview of PCI requirements, and then some.
Published 6 months ago by A. E Heald
4.0 out of 5 stars good book and good summary
good book and good summary. probably will need to be updated every year given the trends in IT and Security.
Published 7 months ago by Emmanuel Cho
4.0 out of 5 stars ARTS for Retail
This is a good book for traditional POS payment problems. however it misses a couple of critical components.
Published 8 months ago by Amazon Customer
1.0 out of 5 stars Poorly written book
Although the author does not seem to get it; PCI SSC documents provide a better explanation on this topic than this book. There are many better and free whitepapers on this topic!
Published 9 months ago by Johan Van Tilburg

More About the Author

Slava Gomzin is Director of Information Security at PCCI (Parkland Center for Clinical Innovation). Prior to joining PCCI, Slava was a security and payments technologist at Hewlett-Packard, where he helped create products that are integrated into modern payment processing ecosystems using the latest security and payments technologies. Before HP, he worked as a security architect, corporate product security officer, R&D and application security manager, and development team leader at Retalix, a Division of NCR Retail. As PCI ISA, he focused on security and PA-DSS, PCI DSS, and PCI P2PE compliance of POS systems, payment applications, and gateways. Before moving into security, Slava worked in R&D on design and implementation of new products including next-generation POS systems and various interfaces to payment gateways and processors. Slava currently holds CISSP, PCIP, ECSP, and Security+ certifications. He blogs about payment security and technology at
