MrX - ADT: It's not about Faking the Approval


  1. Asian Digital Thief: It’s not about faking the approval (MrX @ IDSECCONF2009)
  2. Agenda • Intro • Who are they? • Prevention Methods • Case Studies • Conclusions • Q&A
  3. Intro
  4. Intro • Hi Tech = Lazy • Cyber Crime Increased • Internet Fraud Still Exists
  5. Who are they?
  6. Who are they? • Credit Card Fraudsters • Suppliers (crackers/phishers/scammers) • Proxy Providers • Drop Points / Reshippers
  7. Prevention Methods
  8. Prevention Methods • SSL • AVS • 3D Secure • Automated Fraud Detection • Blocking Transactions from High-Risk Countries • System Hardening
  9. SSL • SSL is good, but it’s not everything.
  10. AVS • Definition • Advantage • Facts – Not globally supported – Can still be bypassed – System Abuse • Solution
  11. 3D Secure • Definition • Advantage • Facts – Weak Passwords – Expensive – Can still be bypassed – Misconfiguration – Users vulnerable to phishing attacks • Solution
  12. Automated Fraud Detection • Definition • Advantage • Facts – Can still be bypassed with proxies – Easier for Fraudsters • Solution
  13. Blocking Transactions from High-Risk Countries • Definition • Advantage • Facts – No Manual Check – Drop Point – Jump Shipment • Solution
  14. System Hardening • Definition • Advantage • Facts – OS & Network Hardening – Backdooring Source Code – “Cracked” Web Application • Solution
  15. Case Studies
  16. Case Studies • SSL is not everything • 3D Secure • Security Conference?
  17. Conclusions
  18. Conclusions • 100% Secure System? • Manual Check still needed • Internet Fraud = Never Ending Crime
  19. Q&A
  20. • UAI • Depkominfo • Maxindo Mitra Solusi • Nimhost
  21. kthxbai!!
