论文信息 - Security Failures in EMV Smart Card Payment Systems

Security Failures in EMV Smart Card Payment Systems

New credit cards containing Europay, MasterCard and Visa (EMV) chips for enhanced security used in-store purchases rather than online purchases have been adopted considerably. EMV supposedly protects the payment cards in such a way that the computer chip in a card referred to as chip-and-pin cards generate a unique one time code each time the card is used. The one time code is designed such that if it is copied or stolen from the merchant system or from the system terminal cannot be used to create a counterfeit copy of that card or counterfeit chip of the transaction. However, in spite of this design, EMV technology is not entirely foolproof from failure. In this paper we discuss the issues, failures and fraudulent cases associated with EMV Chip-And-Card technology.

[1] Steven J Murdoch,et al. Reliability of Chip & PIN evidence in banking disputes , 2014 .

[2] T. Dierks,et al. The TLS protocol , 1999 .

[3] Gerhard P. Hancke,et al. Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones , 2011, IACR Cryptol. ePrint Arch..

[4] 齐振宏. VISA International：混序组织的机理与特征研究 , 2006 .

[5] Steven J. Murdoch,et al. Thinking Inside the Box: System-Level Failures of Tamper Proofing , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[6] Uta Wille,et al. Risks and Potentials of Using EMV for Internet Payments , 1999, Smartcard.

[7] Mike Bond,et al. Chip and spin , 2006 .

[8] Mike Bond,et al. Chip and Skim: Cloning EMV Cards with the Pre-play Attack , 2012, 2014 IEEE Symposium on Security and Privacy.

[9] Steven J. Murdoch,et al. Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks , 2007, USENIX Security Symposium.

[10] Paul Syverson,et al. Fail-Stop Protocols: An Approach to Designing Secure Protocols (Preprint) , 1995 .

[11] Mike Bond,et al. 2010 IEEE Symposium on Security and Privacy Chip and PIN is Broken , 2022 .