Be Prepared: The EMV Preplay Attack

Mike Bond; Marios O. Choudary; Steven J. Murdoch; Sergei Skorobogatov; Ross Anderson

doi:10.1109/MSP.2015.24

Be Prepared: The EMV Preplay Attack

Mike Bond, Marios O. Choudary, Steven J. Murdoch, Sergei Skorobogatov, Ross Anderson

Research output: Contribution to journal › Article › peer-review

Abstract

The leading system for smart card-based payments worldwide, EMV (which stands for Europay, MasterCard, and Visa), is widely deployed in Europe and is starting to be introduced in the US as well. Despite this wide deployment, a series of significant vulnerabilities make EMV vulnerable to the preplay attack. Specifically, weak and defective random number generators and various protocol failures leave the system open to fraud at scale.

Original language	English
Pages (from-to)	56-64
Number of pages	9
Journal	IEEE Security and Privacy
Volume	13
Issue number	2
DOIs	https://doi.org/10.1109/MSP.2015.24
Publication status	Published - 14 Apr 2015

Access to Document

10.1109/MSP.2015.24Licence: All Rights Reserved

https://ieeexplore.ieee.org/document/7085649Licence: All Rights Reserved

Cite this

@article{8cc39ea281b9493c9cfaedf64a1644d7,

title = "Be Prepared: The EMV Preplay Attack",

abstract = "The leading system for smart card-based payments worldwide, EMV (which stands for Europay, MasterCard, and Visa), is widely deployed in Europe and is starting to be introduced in the US as well. Despite this wide deployment, a series of significant vulnerabilities make EMV vulnerable to the preplay attack. Specifically, weak and defective random number generators and various protocol failures leave the system open to fraud at scale.",

author = "Mike Bond and Choudary, {Marios O.} and Murdoch, {Steven J.} and Sergei Skorobogatov and Ross Anderson",

year = "2015",

month = apr,

day = "14",

doi = "10.1109/MSP.2015.24",

language = "English",

volume = "13",

pages = "56--64",

journal = "IEEE Security and Privacy",

issn = "1540-7993",

publisher = " Institute of Electrical and Electronics Engineers ",

number = "2",

}

TY - JOUR

T1 - Be Prepared: The EMV Preplay Attack

AU - Bond, Mike

AU - Choudary, Marios O.

AU - Murdoch, Steven J.

AU - Skorobogatov, Sergei

AU - Anderson, Ross

PY - 2015/4/14

Y1 - 2015/4/14

N2 - The leading system for smart card-based payments worldwide, EMV (which stands for Europay, MasterCard, and Visa), is widely deployed in Europe and is starting to be introduced in the US as well. Despite this wide deployment, a series of significant vulnerabilities make EMV vulnerable to the preplay attack. Specifically, weak and defective random number generators and various protocol failures leave the system open to fraud at scale.

AB - The leading system for smart card-based payments worldwide, EMV (which stands for Europay, MasterCard, and Visa), is widely deployed in Europe and is starting to be introduced in the US as well. Despite this wide deployment, a series of significant vulnerabilities make EMV vulnerable to the preplay attack. Specifically, weak and defective random number generators and various protocol failures leave the system open to fraud at scale.

U2 - 10.1109/MSP.2015.24

DO - 10.1109/MSP.2015.24

M3 - Article

VL - 13

SP - 56

EP - 64

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

SN - 1540-7993

IS - 2

ER -

Be Prepared: The EMV Preplay Attack

Abstract

Access to Document

Fingerprint

Cite this