Your Money or Your Life—Modeling and Analyzing the Security of Electronic Payment in the UC Framework

Resource type
Conference
Author(s)
Roland Gröll and Timon Hackenjos and Alexander Koch and Bernhard Löwe and Jeremias Mechler and Jörn Müller-Quade and Jochen Rill
Year
2019
Pages
243-261
Publisher
Springer International Publishing
Book title
Financial Cryptography and Data Security
Editor
Ian Goldberg and Tyler Moore
Abstract
EMV, also known as Chip and PIN, is the world-wide standard for card-based electronic payment. Its security wavers: over the past years, researchers have demonstrated various practical attacks, ranging from using stolen cards by disabling PIN verification to cloning cards by pre-computing transaction data. Most of these attacks rely on violating certain unjustified and not explicitly stated core assumptions upon which EMV is built, namely that the input device (e.g. the ATM) is trusted and all communication channels are non-interceptable. In addition, EMV lacks a comprehensive formal description of its security.
Online Sources
https://doi.org/10.1007/978-3-030-32101-7_16
DOI
10.1007/978-3-030-32101-7_16
Research focus
Safety and Security
Download .bib
Download .bib
Published by
Timon Hackenjos