Designing and proving an EMV-compliant payment protocol for mobile devices
Véronique Cortier, Alicia Filipiak, Jan Florent, Said Gharout, and Jacques Traoré. Designing and proving an EMV-compliant payment protocol for mobile devices. In Proceedings of the 2nd IEEE European Symposium on Security and Privacy (EuroS&P'17), pp. 467–480, IEEE Computer Society, Paris, France, April 2017.
Download
Abstract
We devise a payment protocol that can be securely used on mobile devices, even infected by malicious applications. Our protocol only requires a light use of Secure Elements, which significantly simplify certification procedures and protocol maintenance. It is also fully compatible with the EMV SDA protocol and allows off-line payments for the users.
We provide a formal model and full security proofs of our protocol using the TAMARIN prover.
BibTeX
@InProceedings{CFTG-EuroSPO17,
author = {V\'eronique Cortier and Alicia Filipiak and Jan
Florent and Said Gharout and Jacques Traor{\'e}},
title = {Designing and proving an EMV-compliant payment
protocol for mobile devices},
year = 2017,
abstract = {We devise a payment protocol that can be securely
used on mobile devices, even infected by malicious
applications. Our protocol only requires a light use
of Secure Elements, which significantly simplify
certification procedures and protocol
maintenance. It is also fully compatible with the
EMV SDA protocol and allows off-line payments for
the users. \par We provide a formal model and full
security proofs of our protocol using the TAMARIN
prover.},
address = {Paris, France},
booktitle = {{P}roceedings of the 2nd IEEE European Symposium on
Security and Privacy (EuroS\&P'17)},
pages = {467--480},
month = apr,
publisher = {IEEE Computer Society},
acronym = {{EuroSP}'17},
nmonth = 4,
={https://members.loria.fr/VCortier/files/Papers/euroSP17.pdf}
}