|
|
By finding a vulnerability in a Merchant App, in `libosal.so` or in one in the kernel drivers a remote attack via a payment vector is theoretically possible. Unfortunately, due to the lack of second hand production PoS in the used market, I'm unable to get a test device with a working Merchant App unless I open a contract with a bank (which I don't want to). If anyone has contacts or is willing to provide one, or need assistance for futher research drop me an email or a tweet.
|