You may pre-order it now at Amazon.
The book is called Hacking Point of Sale: Payment Application Secrets, Threats, and Solutions.
Hacking Point of Sale describes payment application security as a journey from the failure of the “security through obscurity” approach to the power of real cryptographic solutions. All aspects of card-payment processing, from the structure of magnetic stripes to the architecture and deployment models of payment applications, are reviewed from the viewpoint of security. Although there is an entire chapter about PCI, as well as multiple references to the standards (an essential part of the payment industry), the book is not a trivial guide to PCI compliance; it looks beyond PCI and provides practical recommendations on how to implement real application security controls.
The book covers:
- Anatomy of Electronic Payments: Processing Payment Transactions; Architecture of Payment Applications; Security Standards; Attacks on Point-of-Sale Systems
- Attacks on Point of Sale Systems: Turning 40 Digits into Gold; Hacking Protected Areas; Penetrating the Security-Free Zone; Exploiting Other Vulnerabilities
- Defense: Cryptography in Payment Applications; Protecting Cardholder Data; Securing Application Code
- An Appendix provides a Payment Application Security Evaluation Checklist, a handy tool for merchants, software vendors, and security assessors. The checklist will assist in security risk assessment by evaluating the quality of payment application security controls.