SoK: Attacks on Modern Card Payments
By: Xenia Hofmeier , David Basin , Ralf Sasse and more
Potential Business Impact:
Finds ways to break phone payment security.
EMV is the global standard for smart card payments and its NFC-based version, EMV contactless, is widely used, also for mobile payments. In this systematization of knowledge, we examine attacks on the EMV contactless protocol. We provide a comprehensive framework encompassing its desired security properties and adversary models. We also identify and categorize a comprehensive collection of protocol flaws and show how different subsets thereof can be combined into attacks. In addition to this systematization, we examine the underlying reasons for the many attacks against EMV and point to a better way forward.
Similar Papers
SoK: Security of EMV Contactless Payment Systems
Cryptography and Security
Finds ways to make contactless payments safer.
SoK: Stealing Cars Since Remote Keyless Entry Introduction and How to Defend From It
Cryptography and Security
Stops car thieves from unlocking your car.
Breaking ECDSA with Electromagnetic Side-Channel Attacks: Challenges and Practicality on Modern Smartphones
Cryptography and Security
Lets hackers steal phone secrets using tiny signals.