Security Analysis and Implementation of Relay-Resistant Contactless Payments
- Submitting institution
-
The University of Surrey
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 9023839_3
- Type
- E - Conference contribution
- DOI
-
10.1145/3372297.3417235
- Title of conference / published proceedings
- 27th ACM Conference on Computer and Communications Security
- First page
- 879
- Volume
- -
- Issue
- -
- ISSN
- -
- Open access status
- -
- Month of publication
- -
- Year of publication
- 2020
- URL
-
-
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
-
- Research group(s)
-
-
- Citation count
- -
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- We produced the first implementation of Mastercard’s relay-protected contactless payments, and of an enhancement secure even with corrupted payment-terminals (a proposal by us at FinancialCrypto2019). We showed both to be practical, as well as yielded the first machine-checked proofs for relay-resistance even when payment-terminals are mobile, i.e., not pinned to a cashier. Our implementation is joint with payments’ company Consult Hyperion. From this, we collaborated with Mastercard and Visa, and combined their contactless-payments designs for provably improved relay-security. This is part of UK-RISE’s "TimeTrust" project, where we work with HP Labs, Consult Hyperion, Visa, Mastercard, to improve payments’ security standards.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -