Get inside the hacker's mindset at Mobile Banking Security

As many of you will know, one the recent headlines in the contactless security space has been that of a group of university research students cracking the security of the Mifare contactless chip. Never afraid of cutting to the heart of the matters that count, IIR went straight to the source and is delighted to confirm that 'hacker' Karsten Nohl of the University of Virginia will be presenting his thoughts on contactless security and also participating in an interview session; enabling you to ask detailed questions about the project. Karsten Nohl has been involved in RFID and smart card security for the past three years while working on his PhD. He promotes cryptography as the best and most elegant solution for most of smart cards' security and privacy problems -- but only when done right. While evaluating several of the most widely used smart cards, Nohl stumbled upon the ways in which cryptography is being poorly implemented on every level imaginable, including weak encryption functions, predictable random numbers, insecure protocols and bad key management. Nohl's work contributed to the security discussion surrounding contactless credit cards and caused extensive debate over weaknesses in RFID tickets and payment cards. His research identified several vulnerabilities in the most widely used smart card, Mifare Classic, that he and hackers from the Chaos Computer Club reverse-engineered. In his dissertation, Karsten Nohl provides very practical cryptographic solutions for RFIDs, which he hopes will be used to protect the privacy of individuals and companies that use the technology. Other applications of his inventions, which were published in several academic conferences, include very low-cost, yet secure identification and access control. While still active in the research community, Nohl is now mainly consulting for RFID adaptors with non-trivial security needs. IIR's Mobile Banking Security offers a balance of business and technical perspectives. On the more technical side, Nohl will be sharing his views on how to improve contactless smart card security by: Understanding that wireless technologies create many new attack vectors Modelling these threats realistically to estimate the likelihood and potential damage caused by potential attacks Considering that the risks of contactless technologies often outweigh its benefits Focusing on the overall security of a system by using cryptographic building blocks that are all equally strong Layering protection measures so that security survives in the event of any single measure failing   Commercial and Marketing Opportunities Mobile Banking Security 2008 is a fantastic opportunity to demonstrate your expertise and provide solutions to professionals responsible for assuring service security, guaranteeing revenue protection and ensuring that authentication and fraud detection processes can promote trust and maximise consumer confidence in mobile financial services. For details on which sponsorship and exhibition opportunities will raise your profile and achieve the exposure your company needs to tap the business opportunities on offer, please contact Stephan Groves at sgroves@iir-conferences.com +44 (0)20 7017 7098. Whatever your requirements, we can develop a tailored solution that will fulfil both your business objectives and budgetary needs.