In this presentation, we share our Point-of-Sale security research which has revealed a multitude of concerns regarding the secure development of payment applications. We discuss our analysis of several PA-DSS validated applications for security vulnerabilities and configuration issues. Next, we cover our implementation of a proof-of-concept attack chain that demonstrates the capabilities an attacker could leverage in a vulnerable scenario. Finally, we discuss the process of vulnerability discovery, development of attacker capabilities, as well as defensive countermeasures. View the presentation slides here.