Thousands of payment terminals are nowday connected to the network, and security and its enforcement are top priority to avoid threats . Operations with payment terminals need to rely on practical tools, easy to use, and guarantee high level of security, as in Android Payment Terminals.
In this talk we will describe advanced features to insure security in payment terminals. We will give a general introduction about Android Payment Terminal and describe their main differences from the old-style payment solutions. The talk will cover and analyze the following topics :
Secure Boot with reference of IMX6 architecture and OMAP4 one Network security SeLinux and hardening enforcement Wifi and bluetooth restrictions Applications strong signature verification Each topic will cover a theoretical analysis and very practical examples from working experience on actual products, like PCI-certified tablet-based touch screen payment terminals. Those terminals are already deployed in the market, and are in fact consider as the world’s first running customized Android Lollipop OS on a custom hardware.