
Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions Paperback – February 17, 2014

ISBN-13: 978-1118810118 ISBN-10: 1118810112 Edition: 1st


Product Details

  • Paperback: 312 pages
  • Publisher: Wiley; 1 edition (February 17, 2014)
  • Language: English
  • ISBN-10: 1118810112
  • ISBN-13: 978-1118810118
  • Product Dimensions: 9.1 x 7.3 x 0.7 inches
  • Shipping Weight: 1.2 pounds
  • Average Customer Review: 4.4 out of 5 stars (11 customer reviews)
  • Amazon Best Sellers Rank: #82,913 in Books

Editorial Reviews

From the Back Cover

Implement bulletproof point of sale security for your payment transactions

Hacking Point of Sale takes a unique look at point of sale security from the viewpoint of your business, not a credit card company. The book provides proven techniques that are designed to help brick-and-mortar merchants properly protect their entire in-store payment infrastructure. The book also includes a POS vulnerability rank calculator to help you perform a risk assessment and security control evaluation as you implement recommendations to improve your existing infrastructure.

  • Eliminate breaches in security related to design flaws and physical vulnerabilities
  • Use point-to-point encryption to protect your front-end and back-end payment systems
  • Close gaps in protection provided by PCI security standards
  • Understand the anatomy of a credit card and how payment cards can be compromised
  • Explore the most relevant standards for payment application security, including PCI, FIPS, ANSI, EMV, and ISO
  • Get practical recommendations on powerful payment application security controls designed to protect against a wide array of common breach attempts

About the Author

Slava Gomzin, CISSP, PCIP, ECSP, Security+ is the Security and Payments Technologist at Hewlett-Packard. Prior to joining HP, Slava was a security architect and PCI ISA, corporate product security officer, and R&D and application security manager at Retalix, a Division of NCR Retail.


More About the Author

Slava Gomzin is a Security and Payments Technologist at Hewlett-Packard, where he helps create products that are integrated into modern payment processing ecosystems using the latest security and payments technologies. Prior to joining Hewlett-Packard, Slava was a security architect, corporate product security officer, R&D and application security manager, and development team leader at Retalix, a Division of NCR Retail. As PCI ISA, he focused on security and PA-DSS, PCI DSS, and PCI P2PE compliance of POS systems, payment applications, and gateways. Before moving into security, Slava worked in R&D on design and implementation of new products including next-generation POS systems and various interfaces to payment gateways and processors. Slava currently holds CISSP, PCIP, ECSP, and Security+ certifications. He blogs about payment security and technology at www.gomzin.com.

Customer Reviews

4.4 out of 5 stars

  • 5 star: 7
  • 4 star: 3
  • 3 star: 0
  • 2 star: 0
  • 1 star: 1

Most Helpful Customer Reviews

5 of 6 people found the following review helpful By Ben Rothke on May 26, 2014
Format: Paperback
The only negative thing to say about Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions is its title. A cursory look at it may lead the reader to think that this is a book for a script kiddie, when it is in fact a necessary read for anyone involved with payment systems. The book provides a wealth of information that is completely pragmatic and actionable. The problem is, as the book notes in many places, that one is constantly patching a system that is inherently flawed and broken.

Often after a major information security breach incident, a public official (always in front of cameras and with many serious-looking people standing in the wings) will go on TV and say something akin to “we have to make sure this never happens again”.

Last year, Target and Neiman Marcus were the major victims. This month, it’s eBay. What next month will bring isn’t known, but it will be major. But after hundreds of millions of records breached, it’s not that anyone is saying it won’t happen again. Rather, it’s inevitable it will happen many more times.

There are a number of good books on PCI, but this is the first one that looks at the entire spectrum of credit card processing. Author Slava Gomzin is a security and payments technologist at HP and, as is clearly evident in the book, he lives and breathes payment technology and his expert knowledge is manifest in every chapter. His technical expertise is certain to make the reader much better informed and understand the myriad issues involved.

The book provides an excellent overview to the workings of payment systems and Gomzin is not shy about showing how insecure many payment systems are. Its 9 chapters provide a good combination of deep technical and general detail.
1 of 1 people found the following review helpful By J. Sehnert on July 14, 2014
Format: Paperback Verified Purchase
For a retail industry professional, or any business using Point of Sale devices, Mr. Gomzin has written an outstanding summary of the contemporary technical concerns related to POS security. The book is written with a technical flair, yet is well illustrated and notated with enough dialog and appropriate descriptions to cover a broad audience of readers. This book is an essential guide for the current PCI standards, and the expected security accountability of the installed POS. Mr Gomzin has a genuine gift at explaining complex scenarios and sorting out the essential details in a fluid and professional style. This is an important reference book for anyone in the retail technology business and I highly recommend and applaud Mr. Gomzin for his work. I have no doubt this is the first of more books from this talented author.
1 of 1 people found the following review helpful By Ken Westin on June 26, 2014
Format: Kindle Edition
Don’t let the title of the book fool you: its intended audience isn’t the nefarious hacker types. Quite the contrary, the book should become required reading for anyone involved in electronic payments. I would even say not even just those involved in specifically point-of-sale, as quite a few of the topics covered carry over into eCommerce as well.

The language of the book is not overly technical; in fact, those involved in the business side can easily understand the concepts outlined in the book and it is a good resource to understand terminology and basic architectures. For the security geeks there are also code samples and more technical details on various topics. The book outlines the architecture of payment systems and identifies inherent vulnerabilities as well as why PCI is not enough, with concrete examples that you can test yourself.
2 of 3 people found the following review helpful By Jacob Crawford on April 2, 2014
Format: Kindle Edition Verified Purchase
Gomzin's book is extremely relevant and timely with the current events and exposes the vulnerabilities in the POS/PCI/DSS world. This book is a great addition to your library for anyone interested in point of sale security. The author knows his stuff and gives you the information in a way that isn't incredibly overwhelming, yet not incredibly abridged either. If you're trying to figure out how to protect against PCI fraud, this isn't for you. If you want to learn more about the way the POS system works, or the problems with PCI standards, this book is for you.
3 of 5 people found the following review helpful By Timothy Cormier on March 24, 2014
Format: Paperback
Hacking Point of Sale is a timely book, given the recent high-profile attacks, that outlines the common mistakes that application developers in the POS often make. Slava points out that security, not compliance, should be the focus of what we create. The book is not a step-by-step guide nor does it provide tools or what the newest technology is, but it does provide the foundation for any developer to start looking at security.

The book starts with a look at the payment ecosystem, moves into attacks, and finally talks about defense. The book takes known and common sense security and applies it specifically to the Point of Sale world, making it easier for developers and assessors alike to understand and apply.
1 of 2 people found the following review helpful By Relayer on April 9, 2014
Format: Paperback
As a software developer I learned a lot of good information in the Securing Application Code chapter among other topics.

But this book should be read by every merchant who accepts credit cards in their business. The entire transaction flow is explained in clear language that enlightens the reader to all of the aspects of electronic fund transfers. You will be surprised at all that goes on behind the scenes between the customer swiping their card until the receipt prints.

Also new technologies, such as Chip and PIN (EMV) smart cards, that will change the future of credit cards are covered.

I know I would be less worried about using my credit card if merchants followed the advice in this book.
