Be Prepared: The EMV Preplay Attack

Mike Bond, Marios O. Choudary, Steven J. Murdoch, Sergei Skorobogatov, Ross Anderson

Research output: Contribution to journalArticlepeer-review


The leading system for smart card-based payments worldwide, EMV (which stands for Europay, MasterCard, and Visa), is widely deployed in Europe and is starting to be introduced in the US as well. Despite this wide deployment, a series of significant vulnerabilities make EMV vulnerable to the preplay attack. Specifically, weak and defective random number generators and various protocol failures leave the system open to fraud at scale.
Original languageEnglish
Pages (from-to)56-64
Number of pages9
JournalIEEE Security and Privacy
Issue number2
Publication statusPublished - 14 Apr 2015


Dive into the research topics of 'Be Prepared: The EMV Preplay Attack'. Together they form a unique fingerprint.

Cite this