Transactions Payment Cards Card Entry Methods Key Players More Players Even More Players Payment Stages Payment Transactions Key Areas of Payment Application Vulnerabilities Essential Payment Application Blocks Communication Between Modules Deployment of Payment Applications Architecture Magic Plastic Physical Structure and Security Features Inside the Magnetic Stripe Regular Expressions Getting the Dumps: Hackers Converting the Bits into Cash: Carders Monetization Strategies: Cashers Producing Counterfeit Cards What is PCI? PCI StandardsPCI Payment Application Memory Sniffing Exploiting Other Vulnerabilities PCI Areas of Interest Data at Rest: The Mantra of PCI Data in Transit: What is Covered by PCI? The Tip of the Iceberg Symmetric, Asymmetric, or One-way? Does Size Matter? Symmetric Encryption Asymmetric Encryption One-way Encryption Digital Signatures Cryptographic Hardware Cryptographic Standards Data in Memory Data in Transit Data at Rest Point-to-point Encryption EMV Mobile and Contactless Payments Code Signing Signing Configuration and Data Files Code Obfuscation Secure Coding Guidelines