Secure Contactless Payment

A contactless payment lets a card holder execute payment without any interaction (e.g., entering PIN or signing) between the terminal and the card holder. Even though the security is the first priority in a payment system, the formal security model of contactless payment does not exist. Therefore, in this paper, we design an adversarial model and define formally the contactless-payment security against malicious cards and malicious terminals including relay attacks. Accordingly, we design a contactless-payment protocol and show its security in our security model. At the end, we analyze EMV-contactless which is a commonly used specification by most of the mobile contactless-payment systems and credit cards in Europe. We find that it is not secure against malicious cards. We also prove its security against malicious terminals in our model. This type of cryptographic proof has not been done before for the EMV specification.

[1]  Gerhard P. Hancke,et al.  Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones , 2011, IACR Cryptol. ePrint Arch..

[2]  Josef Langer,et al.  Cloning Credit Cards: A Combined Pre-play and Downgrade Attack on EMV Contactless , 2013, WOOT.

[3]  Rafail Ostrovsky,et al.  Position-Based Cryptography , 2014, SIAM J. Comput..

[4]  Serge Vaudenay,et al.  Sound Proof of Proximity of Knowledge , 2015, ProvSec.

[5]  Mike Bond,et al.  Be Prepared: The EMV Preplay Attack , 2015, IEEE Security & Privacy.

[6]  Sébastien Gambs,et al.  A Prover-Anonymous and Terrorist-Fraud Resistant Distance-Bounding Protocol , 2016, WISEC.

[7]  Serge Vaudenay On Modeling Terrorist Frauds - Addressing Collusion in Distance Bounding Protocols , 2013, ProvSec.

[8]  Serge Vaudenay,et al.  Contactless Access Control Based on Distance Bounding , 2017, ISC.

[9]  Srdjan Capkun,et al.  Distance Hijacking Attacks on Distance Bounding Protocols , 2012, 2012 IEEE Symposium on Security and Privacy.

[10]  David Chaum,et al.  Distance-Bounding Protocols (Extended Abstract) , 1994, EUROCRYPT.

[11]  Serge Vaudenay,et al.  Efficient Public-Key Distance Bounding Protocol , 2016, ASIACRYPT.

[12]  Steven J. Murdoch,et al.  Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[13]  Markus G. Kuhn,et al.  So Near and Yet So Far: Distance-Bounding Attacks in Wireless Networks , 2006, ESAS.

[14]  Serge Vaudenay,et al.  Secure and Lightweight Distance-Bounding , 2013, LightSec.

[15]  Tom Chothia,et al.  Relay Cost Bounding for Contactless EMV Payments , 2015, Financial Cryptography.

[16]  Mike Bond,et al.  Chip and Skim: Cloning EMV Cards with the Pre-play Attack , 2012, 2014 IEEE Symposium on Security and Privacy.

[17]  Sébastien Gambs,et al.  A Terrorist-fraud Resistant and Extractor-free Anonymous Distance-bounding Protocol , 2017, IACR Cryptol. ePrint Arch..

[18]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[19]  Serge Vaudenay,et al.  Optimal Proximity Proofs , 2014, Inscrypt.

[20]  Serge Vaudenay,et al.  On Privacy for RFID , 2015, ProvSec.

[21]  Gerhard P. Hancke,et al.  Practical NFC Peer-to-Peer Relay Attack Using Mobile Phones , 2010, RFIDSec.

[22]  Serge Vaudenay Private and Secure Public-Key Distance Bounding - Application to NFC Payment , 2015, Financial Cryptography.