Secure firmware updates for point of sale terminals

Tsague, HD; Van der Merwe, Johannes J; Moabalobelo, Terrence

Secure firmware updates for point of sale terminals

http://academic-bookshop.com/ourshop/prod_3774091-ICCWS-2015-10th-International-Conference-on-Cyber-Warfare-and-Security-Kruger-National-Park-South-Africa-PRINT-ver-ISBN-978191030996.html
http://hdl.handle.net/10204/8516

Abstract:

A large number of electronic transactions are performed with credit or debit cards at point of sale terminals located at merchant stores. The success of this form of payment however, has an associated cost due to the management and maintenance of the equipment. In particular, there is an important cost related to the deployment of new software upgrades for the point of sale terminals, since in most cases human intervention is required. In this paper, we present a lightweight protocol for secure firmware updates for smart card based point of sale terminals. The protocol has especially been designed with respect to the limited hardware resources in such devices. Also, the low bandwidth and the risk of packet loss in the wireless link have been taken into consideration. The protocol provides data integrity and authenticity protection, and thus prevents an attacker from modifying a firmware in transit and installing malicious firmware in the terminals. In addition, terminals can verify that, the received firmware originated from a trusted source. The protocol includes confidentiality protection, and thus the proprietary firmware is kept secret from attackers.

Reference:

Tsague, H.D, Van der Merwe, J and Moabalobelo, T. 2015. Secure firmware updates for point of sale terminals. In: The 10th International Conference on Cyber Warfare and Security, 24-25 March 2015, Mpumalanga, South Africa

Tsague, H., Van der Merwe, J. J., & Moabalobelo, T. (2015). Secure firmware updates for point of sale terminals. Academic Conferences International. http://hdl.handle.net/10204/8516

Tsague, HD, Johannes J Van der Merwe, and T Moabalobelo. "Secure firmware updates for point of sale terminals." (2015): http://hdl.handle.net/10204/8516

Tsague H, Van der Merwe JJ, Moabalobelo T, Secure firmware updates for point of sale terminals; Academic Conferences International; 2015. http://hdl.handle.net/10204/8516 .

Download RIS

The 10th International Conference on Cyber Warfare and Security, 24-25 March 2015, Mpumalanga, South Africa. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, please consult the publisher's website

Tsague, HD
Van der Merwe, Johannes J
Moabalobelo, Terrence

Mar 2015

Point of sale
Firmware updates
Upgrades
Authenticity
Confidentiality
Information security
Electronic transactions

Show full item record

Files in this item

Tsague2_2015_ABSTRACT.pdf

This item appears in the following Collection(s)

Conference Publications

Browse

All of ResearchSpace
This Collection
- By Issue Date
- Authors
- Titles
- Subjects
- Publication Type
- Cluster
- Impact Area

Quick Links

Legislation and compliance

General Enquiries

Tel: + 27 12 841 2911
Email: callcentre@csir.co.za

Physical Address
Meiring Naudé Road
Brummeria
Pretoria
South Africa

Postal Address
PO Box 395
Pretoria 0001
South Africa

Social Connect

Resources on this site are free to download and reuse according to associated licensing provision. Please read the terms and conditions of usage of each resource.

Secure firmware updates for point of sale terminals

Secure firmware updates for point of sale terminals

This item appears in the following Collection(s)

Browse

All of ResearchSpace

This Collection

Quick Links

Legislation and compliance

General Enquiries

Social Connect