Reverse Vending Machine (RVM) Security: Real World Exploits / Vulnerabilities
Security is often an optional, paid feature. Learn how this choice enabled researchers to print fraudulent cash receipts from a supermarket's reverse vending machines.
#1 (about 3 minutes)
The financial incentive for hacking reverse vending machines
Reverse vending machines present a security risk because they exchange returned bottles for money, creating an opportunity for financial exploits.
#2 (about 4 minutes)
Understanding the bottle detection and refund process
RVMs use a combination of sensors like barcode scanners, weight sensors, shape detectors, and material analysis to validate and process returned bottles.
#3 (about 4 minutes)
Categorizing common reverse vending machine attack vectors
Attacks on RVMs fall into three main categories: insider manipulation, tricking the bottle acceptance system, and misclassifying bottles for higher payouts.
#4 (about 4 minutes)
Analyzing supermarket receipts to find security flaws
By collecting and comparing receipts from different supermarket chains, researchers identified patterns in barcode generation to find potential vulnerabilities.
#5 (about 4 minutes)
Discovering a predictable and static barcode vulnerability
One supermarket chain used a static EAN-13 barcode on receipts where the refund amount was directly encoded, making it easy to forge.
#6 (about 2 minutes)
Forging a valid receipt with a script and printer
A simple script and a thermal printer can generate a forged receipt with a custom refund amount that is accepted by the store's checkout system.
#7 (about 2 minutes)
The vendor response to the disclosed vulnerability
The RVM manufacturer confirmed the vulnerability and stated that the secure, cloud-validated solution is an optional feature that customers must pay extra for.
#8 (about 3 minutes)
Finding similar and new exploits in Finland's RVMs
An investigation in Finland revealed the same receipt forgery vulnerability, plus a new attack involving swapping barcode stickers on bottles to claim a higher refund.
#9 (about 2 minutes)
Mitigating receipt fraud with a cloud validation system
The most effective way to prevent receipt forgery is to use a centralized data store that generates a unique ID for each receipt and invalidates it after one use.
#10 (about 9 minutes)
Q&A on blockchain, pentesting, and ethical implications
The speaker discusses using blockchain for validation, the importance of early security involvement and pentesting, and the ethics of exploiting recycling systems.