The Library
NFC Payment Spy : a privacy attack on contactless payments
Tools
Mehrnezhad, Maryam, Ali, Mohammed Aamir, Hao, Feng and Moorsel, Aad P.A. van (2016) NFC Payment Spy : a privacy attack on contactless payments. In: Security Standardisation Research. Lecture Notes in Computer Science, 10074 . Cham: Springer, pp. 92-111. ISBN 9783319490991
|
PDF
WRAP-NFC-payment-spy-privacy-attack-payments-Hao-2016.pdf - Accepted Version - Requires a PDF viewer. Download (1071Kb) | Preview |
Official URL: http://dx.doi.org/10.1007/978-3-319-49100-4_4
Abstract
In a contactless transaction, when more than one card is presented to the payment terminal’s field, the terminal does not know which card to choose to proceed with the transaction. This situation is called card collision. EMV (which is the primary standard for smart card payments) specifies that the reader should not proceed when it detects a card collision and that instead it should notify the payer. In comparison, the ISO/IEC 14443 standard specifies that the reader should choose one card based on comparing the UIDs of the cards detected in the field. However, our observations show that the implementation of contactless readers in practice does not follow EMV’s card collision algorithm, nor does it match the card collision procedure specified in ISO.
Item Type: | Book Item | ||||||
---|---|---|---|---|---|---|---|
Subjects: | H Social Sciences > HG Finance T Technology > TK Electrical engineering. Electronics Nuclear engineering |
||||||
Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science | ||||||
Library of Congress Subject Headings (LCSH): | Debit cards, Banks and banking -- Customer services -- Security measures, Cell phones | ||||||
Series Name: | Lecture Notes in Computer Science | ||||||
Publisher: | Springer | ||||||
Place of Publication: | Cham | ||||||
ISBN: | 9783319490991 | ||||||
ISSN: | 0302-9743 | ||||||
Book Title: | Security Standardisation Research | ||||||
Official Date: | 2016 | ||||||
Dates: |
|
||||||
Volume: | 10074 | ||||||
Page Range: | pp. 92-111 | ||||||
DOI: | 10.1007/978-3-319-49100-4_4 | ||||||
Status: | Peer Reviewed | ||||||
Publication Status: | Published | ||||||
Reuse Statement (publisher, data, author rights): | This is a post-peer-review, pre-copyedit version of an article published in Security Standardisation Research. The final authenticated version is available online at: http://dx.doi.org/10.1007/978-3-319-49100-4_4 | ||||||
Access rights to Published version: | Restricted or Subscription Access | ||||||
Date of first compliant deposit: | 20 December 2018 | ||||||
Date of first compliant Open Access: | 20 December 2018 | ||||||
RIOXX Funder/Project Grant: |
|
||||||
Conference Paper Type: | Paper | ||||||
Title of Event: | 3rd International Conference on Security Standardisation Research (SSR'16) | ||||||
Type of Event: | Conference |
Request changes or add full text files to a record
Repository staff actions (login required)
View Item |
Downloads
Downloads per month over past year