

Encrypted Square Reader to Credit Card Skimmer in Under 10 Min - alexandreamel
https://www.blackhat.com/us-15/briefings.html#mobile-point-of-scam-attacking-the-square-reader

======
ceequof
How could you possibly defend against a malicious merchant? They can just have
a video camera pointing at the terminal, no amount of encryption would defend
against that.

~~~
viraptor
The first few transactions would probably go through, but then some people
would notice and report strange transactions. I was told by someone working in
that industry that credit card companies would figure out who's the source and
cut them off / sue them if it was malicious. I'm not sure if that kind of data
mining / correlation is common - I'd really like to hear some details / other
confirmations.

