Corpus ID: 46234723

Harvesting high value foreign currency transactions from EMV contactless cards without the PIN

@inproceedings{Emms2014HarvestingHV,
  title={Harvesting high value foreign currency transactions from EMV contactless cards without the PIN},
  author={M. Emms and B. Arief and L. Freitas and Joseph Hannon and M. A. Van},
  year={2014}
}
  • M. Emms, B. Arief, +2 authors M. A. Van
  • Published 2014
  • Business
  • In this paper we present an attack which allows fraudulent transactions to be collected from EMV contactless credit and debit cards without the knowledge of the cardholder. The attack exploits a previously unreported vulnerability in EMV protocol, which allows EMV contactless cards to approve unlimited value transactions without the cardholder's PIN when the transaction is carried out in a foreign currency. For example, we have found that Visa credit cards will approve foreign currency… CONTINUE READING
    2 Citations

    Figures and Tables from this paper

    A security evaluation and proof-of-concept relay attack on Dutch EMV contactless transactions
    • 7
    • Highly Influenced
    • PDF
    Perceived security and usage of a mobile payment application
    • 1
    • PDF

    References

    SHOWING 1-5 OF 5 REFERENCES
    Chip and PIN is Broken
    • 210
    • PDF
    Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks
    • 247
    • PDF
    Chip and Skim: Cloning EMV Cards with the Pre-play Attack
    • 109
    • PDF
    Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones
    • 129
    • PDF
    Chip and Skim : cloning EMV cards with the preplay attack . 35 th IEEE Symposium on Security and Privacy
    • 2014