New Security Protocols for Offline Point-of-Sale Machines

From LRDE

Revision as of 23:22, 12 December 2022 by Bot (talk | contribs) (Created page with "{{Publication | published = true | date = 2022-01-01 | authors = Nour El Madhoun, Emmanuel Bertin, Mohamad Badra, Guy Pujolle | booktitle = The 36th International Conference o...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Authors
Nour El Madhoun, Emmanuel Bertin, Mohamad Badra, Guy Pujolle
Where
The 36th International Conference on Advanced Information Networking and Applications (AINA-2022)
Type
inproceedings
Date
2022-01-01

Abstract

EMV (Europay MasterCard Visa) is the protocol implemented to secure the communication, between a client's payment device and a Point-of-Sale machine, during a contact or an NFC (Near Field Communication) purchase transaction. In several studies, researchers have analyzed the operation of this protocol in order to verify its safety: unfortunatelythey have identified two security vulnerabilities that lead to multiple attacks and dangerous risks threatening both clients and merchants. In this paper, we are interested in proposing new security solutions that aim to overcome the two dangerous EMV vulnerabilities. Our solutions address the case of Point-of-Sale machines that do not have access to the banking network and are therefore in the "offline" connectivity mode. We verify the accuracy of our proposals by using the Scyther security verification tool.


Bibtex (lrde.bib)

@InProceedings{	  el-madhoun.22.aina,
  author	= {El Madhoun, Nour and Bertin, Emmanuel and Badra, Mohamad
		  and Pujolle, Guy},
  booktitle	= {The 36th International Conference on Advanced Information
		  Networking and Applications (AINA-2022)},
  title		= {New Security Protocols for Offline Point-of-Sale
		  Machines},
  year		= {2022},
  abstract	= {EMV (Europay MasterCard Visa) is the protocol implemented
		  to secure the communication, between a client's payment
		  device and a Point-of-Sale machine, during a contact or an
		  NFC (Near Field Communication) purchase transaction. In
		  several studies, researchers have analyzed the operation of
		  this protocol in order to verify its safety: unfortunately,
		  they have identified two security vulnerabilities that lead
		  to multiple attacks and dangerous risks threatening both
		  clients and merchants. In this paper, we are interested in
		  proposing new security solutions that aim to overcome the
		  two dangerous EMV vulnerabilities. Our solutions address
		  the case of Point-of-Sale machines that do not have access
		  to the banking network and are therefore in the "offline"
		  connectivity mode. We verify the accuracy of our proposals
		  by using the Scyther security verification tool.},
  doi		= {FIXME}
}





Retrieved from "https://www.lrde.epita.fr/index.php?title=Publications/el-madhoun.22.aina&oldid=128186"