Payment card forensic analysis: From concepts to desktop and mobile analysis tools |
| |
| Affiliation: | 1. Institut de Recherche Criminelle de la Gendarmerie Nationale (IRCGN), Digital Forensics Department (INL), 1 boulevard Théophile Sueur, 93110, Rosny-Sous-Bois, France;2. PRES Sorbonne Universités – Université Panthéon-Assas Paris II, 12 place de Panthéon, 75005, Paris Cedex 05, France;3. ENSICAEN, 6 boulevard maréchal Juin, 14050, Caen Cedex 4, France;4. INSA Lyon, 20 avenue Albert Einstein, 69100, Villeurbanne, France;1. Centro Cochrane Iberoamericano, Instituto de Investigación Biomédica Sant Pau (IIB Sant Pau), Barcelona, España;2. Centro de Investigación Biomédica en Red de Epidemiología y Salud Pública (CIBERESP), Barcelona, España;1. Équipe de recherche en épidémiologie nutritionnelle (EPIBIOS), centre de recherche en épidémiologie et biostatistique, INSERM U1153, université Paris 13, Sorbonne-Paris-Cité, 99, avenue Jean-Baptiste-Clément, 93430 Villetaneuse ; INRA, 147, rue de l’Université, 75338 Paris Cedex 7 ; CNAM, 292, rue Saint-Martin F-75141, Paris Cedex 3 ; université Paris 5, 12, rue de l’École-de-Médecine, 75006 Paris ; université Paris 7, 5, rue Thomas-Mann, 75013 Paris, F-93017 Bobigny, France;2. École supérieure des sciences et techniques de la santé de Tunis, B.P. 176, Bab-Saadoun – 1006 Tunis, Tunisie;1. Consejo Nacional de Investigaciones Científicas y Técnicas (CONICET), Rivadavia 1917, C1033AAJ Ciudad Autónoma de Buenos Aires, Argentina;2. Instituto de Biología Marina y Pesquera “Almirante Storni”, Universidad Nacional del Comahue, Güemes 1030, 8520 San Antonio Oeste, Provincia de Río Negro, Argentina |
| |
| Abstract: | While one would not even consider them alike, payment cards are one of the most valuable and widely used embedded systems. Payment card systems are probably the most attacked and counterfeited. In fact, even though the use of smart cards have introduced high security capabilities, criminal activity has not been deterred and payment card fraud remains a lucrative activity.From low-tech (carding) to high-tech (man in the middle attack) fraud, all payment card based frauds require stealing or modifying card data and reusing it with a direct profit. Physical forms of fraud, such as Automated Teller Machine (ATM) withdrawals or in store payments, are mostly based on and associated with manipulated cards. Through their nefarious actions, that may include overwriting the magnetic strip data or injecting attacks on the embedded microcontroller, criminals are able to realise significant monetary gains.To effectively deal with these fraud cases, investigators have to quickly determine whether a card is authentic or a counterfeit. Currently no known easy forensic tool exists that provides a quick effective and accurate response.In this article, after having conceptualised payment cards as multi-interface embedded systems, we propose simple and fast forensic analysis methods to finally provide investigators with associated desktop and mobile forensic tools. |
| |
| Keywords: | Payment card fraud Skimming Carding Forensic tool Payment card analysis |
| 本文献已被 ScienceDirect 等数据库收录! |
|
