Harvesting High Value Foreign Currency Transactions from EMV Contactless Credit Cards Without the PIN
- Submitting institution
-
University of Newcastle upon Tyne
- Unit of assessment
- 11 - Computer Science and Informatics
- Output identifier
- 206086-120018-1292
- Type
- E - Conference contribution
- DOI
-
10.1145/2660267.2660312
- Title of conference / published proceedings
- 21st ACM Conference on Computer and Communications Security (CCS)
- First page
- 716
- Volume
- -
- Issue
- -
- ISSN
- -
- Open access status
- -
- Month of publication
- November
- Year of publication
- 2014
- URL
-
http://dx.doi.org/10.1145/2660267.2660312
- Supplementary information
-
-
- Request cross-referral to
- -
- Output has been delayed by COVID-19
- No
- COVID-19 affected output statement
- -
- Forensic science
- No
- Criminology
- No
- Interdisciplinary
- No
- Number of additional authors
-
4
- Research group(s)
-
A - Advanced Model-Based Engineering and Reasoning (AMBER)
- Citation count
- 9
- Proposed double-weighted
- No
- Reserve for an output with double weighting
- No
- Additional information
- By utilising formal proof techniques, this paper - published in the premier security conference (ACM CCS, Google Scholar) - identified practically exploitable vulnerabilities in the world's most commonly used contactless credit card protocol. The work was disclosed to all major credit card issuers prior to publication, and these interactions led to: contracted involvement in the formal verification of the EMV2.0 protocol (£25K, EMVCo LLC, 2017); an Innovate UK project; and NCSC PhD scholarship. The first author is now CTO in Maxa Group (security of contactless payments). The work was featured in BBC News/Breakfast (https://www.bbc.com/news/uk-england-tyne-29862080) and many other media venues world-wide.
- Author contribution statement
- -
- Non-English
- No
- English abstract
- -