This document discusses security risks in EMV chip credit card transactions and proposed solutions. It begins by explaining the need to transition from magnetic stripe cards to EMV chip cards due to high fraud rates with magnetic stripe cards. Some key reasons discussed are that magnetic stripe card data is unencrypted and vulnerable to skimming and cloning attacks. EMV chip cards address these issues through technologies like static data authentication, dynamic data authentication, and cryptograms that are unique to each transaction. However, the document also notes that EMV chip technology still has some vulnerabilities and the final sections propose solutions to issues like relay attacks in EMV and security problems with near field communication based payments.

1. NORTHEASTERN UNIVERISTY
MITIGATION OF SECURITY RISKS IN EMV-CHIP CREDIT CARD TRANSACTIONS
A PAPER PRESENTED TO
DEREK BRODEUR
IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE COURSE
IA 5010 - FOUNDATION OF INFORMATION ASSURANCE
BY
DEVANSHI GOYAL
APRIL 17, 2016

2. ii
CONTENTS
CHAPTER 1. INTRODUCTION ................................................................................................... 1
CHAPTER 2. TRANSITION TO EMV-CHIP ENABLED CARDS............................................. 1
2.1 Why This Shift was Necessary?....................................................................................... 2
2.2 Technology adopted in EMV-chip enabled cards............................................................ 4
2.3 Projections........................................................................................................................ 6
2.4 Liability Shift and Its Impact ........................................................................................... 7
CHAPTER 3 PAYMENTS USING NEAR FIELD COMUNICATION ....................................... 7
3.1 What is NFC?.........................................................................................................................7
3.2 NFC-Based Payments……………………………………………………………….……...8
3.3 NFC Payment Processing Applications……………………………………………….……8
3.4 Security Techniques Implemented in NFC…………………………………………….…...9
CHAPTER 4 VULNERABILITIES IN EMV CHIP TECHNOLOGY AND SUGGESTED
SOLUTIONS…………………………………………………………………………………….11
4.1 Chip and PIN are broken……………………………………………………………….11
4.2 EMV Relay Attack…………………………………………………..............................12
4.3 SDA Card Cloning and Modification........................................................................... 113
4.4 Attacks in Hybrid Environment .................................................................................... 13
4.5 CVM Downgrade Attack ............................................................................................... 14
4.6 Pre-play Attack............................................................................................................... 14
4.7 Some More Solutions to Enhance the Overall Security in EMV Chip
Transactions………………………………………………………………………………...…15
CHAPTER 5 VULNERABILITIES IN NFC PAYMENT METHODS AND SUGGESTED
SOLUTION................................................................................................................................... 17
5.1 Eavesdropping...................................................................................................................... 17
5.2 Man-in-the-Middle Attack…………………………………………….…………………...17
5.3.Relay Attack......................................................................................................................... 17
5.4.Spoofing............................................................................................................................... 18
5.5.Data Corruption .................................................................................................................... 18
CHAPTER 6 CONCLUSION AND FUTURE GENERATION TECHNOLOGY ..................... 18
REFERENCES ............................................................................................................................. 20

3. 1
CHAPTER 1. INTRODUCTION
The security risks involved in credit card transactions is one of the biggest threats to most
business organizations today. Compromised credit cards and data breaches are dominating the
headlines from past couple of years. The credit card transaction fraud rate is growing
exponentially around the world with U.S. accounting for 47 percent of total breaches worldwide
despite the fact that it accounts for only 24 percent of total worldwide card volume. (Homes
2015).
The major reason behind these breaches was a heavy reliance on traditionally used credit
cards with a magnetic stripe which is far less secure than modern chip-and-PIN technology. The
magnetic stripe cards are activated when swiped through Electronic Data Capture (EDC)
magnetic stripe terminals. All the data stored on these cards is in an unencrypted format which
makes it very easy for the attacker to tamper with the card and obtain all the transaction related
information. Fraudsters are constantly finding new and innovative ways to create counterfeit
cards with really simple techniques. This has increased the number of payment card breaches all
over the world.
The security issues posed by magnetic stripe cards raised an urgent need for a better
technology which led to the advent of EMV chip-enabled credit cards. EMV is an electronic chip
based solution which was jointly proposed by the three major card associations – namely
Europay International SA, MasterCard and Visa (EMVTM) in 1994. Over the time, EMV has
replaced magnetic stripe in most parts of the world thereby, becoming the de facto standard in
credit/debit payments, considering the important market share held by these three associations in
the retail financial services. The basic technology involved in EMV is that the card is
authenticated by a chip which is much difficult to forge as compared to the magnetic stripe and
this chip has the ability to locally verify the identity of the card owner by the means of a
signature (Chip-and-signature) or a PIN (Chip-and-PIN). (S. J. Murdoch 2010). Since the
implementation of EMV chip-enabled cards and POS terminals, there has been a significant
decline in fraud rates offering real benefits to retailers, acquirers, card issuers and card holders.
The aim of this paper is to emphasize the need for a transition from magnetic stripe cards
to EMV chip-enabled cards and the effectiveness of EMV technology in mitigating the security
issues posed by magnetic stripe cards. Since there is always a scope for improvement; this paper
will also address the vulnerabilities in EMV and will discuss the upcoming technology of Near
Field Communication (NFC). This paper will also recommend some viable solutions to mitigate
the risk factor involved in forth discussed payment transaction methods in a cost effective
manner.
CHAPTER 2. TRANSITION TO EMV-CHIP ENABLED CARDS
Before discussing the technical details of EMV chip cards, one needs to understand why
EMV chip technology was introduced in first place. This chapter intends to highlight the flaws in

4. 2
magnetic stripe technology and data breach attacks occurred due to its use which called for utter
need of a better and more secure technology, thus, giving rise to EMV chip technology.
2.1 Why This Shift was Necessary?
2.1.1 Fraud Rates
With over 421.82 million credit cards in the world in 2015, there is an ever
increasing need for security in payment transaction methods. According to Nilson Report,
July 2015, total credit card and debit card fraud amounted to $16.31 billion during 2014.
The USA was on top of the list of affected countries with over 41% of the total
cardholders affected by card fraud incidents. The major reason behind these breaches was
large scale prevalence of magnetic stripe cards in the USA and slow adoption of EMV
chip cards. (John n.d.).
2.1.2 Exploiting the vulnerabilities in magnetic stripe cards
The magnetic stripe is made up of tiny iron-based magnetic particles
which can be magnetized in either north pole or south pole in order to write
credentials on the card. These credentials (PAN, cardholder’s name, expiry date,
CVV) is present in unencrypted format and is vulnerable to theft and counterfeit
attacks. There is no method to verify the identity of the card owner. This led to the
exploitation of magnetic stripe cards thereby causing huge frauds worldwide.
Some of the techniques used by fraudsters to create counterfeit cards are listed
below:
 Brute Force attack: The researchers at CAPEC analysed that data stored
on the magnetic stripe of the credit card is unencrypted and careful
analysis of two or more cards can determine where the changes are taking
place and, therefore, can yield the card structure. The attackers, by using
this structure can generate new cards with valid sequences, thereby,
gaining unauthorized access. (CAPEC 2015).
 Skimming: Three researchers at Tata Consultancy Services described the
process of skimming as electronically copying the data of one credit card
onto another simply by using a battery-operated electronic magnetic card
reader. This device is used to get hold of customer’s card details which
can be further used for card-not-present (CNP) transactions by fraudsters.
(Bhatla 2003).
 White plastic: A white plastic is a card-size piece of plastic which can be
encoded with legitimate magnetic stripe data for illegal transactions.
Fraudsters can use these duplicated cards are POS terminals where
validation or verification is not required (for example, petrol pumps and
ATM).
The magnetic strip transaction architecture is well depicted in the diagram below.
We can clearly infer that the card is prone to attack at almost every step of transaction.
On careful analysis of the complete transaction process, it is very easy to attack a
magnetic stripe card. Such detailed explanation of its working is out of the scope of this
paper.

5. 3
Figure 1- “Magnetic stripe transaction Framework”
Source: (Guy n.d.)
2.1.3 Case Study – Target Data Breach Attack
On December 19th, 2013, Target Corporation was hit by a massive data breach
attack which exposed 130 million credit card and debit card accounts of its customers.
About 1797 stores in USA and 124 in Canada and some stores in Russia and Brazil were
attacked. The stolen information included customer name, credit card and debit card
account numbers, expiration date, CVV (card verification rules), phone number, email
addresses and mailing address. The main reason behind the attack was a lack of security
on point-of-sale (POS) terminals used in Target stores and magnetic stripe cards.
(Michael 2015).
Attack anatomy
Attackers gained access to Target’s network by stealing network login credentials
from an HVAC company- Fazio mechanical Services that works for Target. They logged
into the network and uploaded a malware program – Trojan.POSRAM on organization’s
POS terminals. This malware had a “RAM-scraping” portion which stole the data from
the POS terminal lacking internet connectivity when the card was swiped. Attackers took
advantage of the unencrypted information present on the magnetic stripe cards thus
making it vulnerable to attacks. (Michael 2015).
2.1.4 Why EMV technology is more secure
An EMV chip card contains an electronic chip which create unique codes for each
transaction. As a result, the stolen chip information from a specific POS terminal or
typical card duplication would be useless. A transaction-unique cryptogram secures
payment transactions by authenticating during online transactions thereby safeguarding
cardholders, card issuers, and merchants against frauds. Also, a transaction-unique digital
signature authenticates the card during offline transactions, hence preventing creation and
usage of fraudulent payment cards. A common certified standard for processing
transactions ensures global interoperability. Hence. All these features lead to enhanced
security in EMV chip technology. (Alliance, Smart Card 2012).

6. 4
2.2 Technology Adopted in EMV-Chip Enabled Cards
EMV specifications follow ISO / IEC 7816 series of standards for contact cards. EMV
chip specifications are the subset of the above series of standards. The ISO / IEC 7816-3 specify
the interaction between the card and the terminal. (CardLogix Corporation 2010).The steps
involved in an EMV transaction are discussed as follows:
2.2.1 Read Application Data
The POS terminal requests all information from the card required to process the
transaction. There are three types of card interface – contact cards and readers,
contactless card and readers and a dual interface supporting both these interfaces. (Fiserv
Inc. 2010).
2.2.2 Card Authentication
This step confirms that the card is legitimate through online or offline
authentication processes. Online authentication is carried out by the issuer whereas
offline is done at the POS terminal using RSA public key cryptography. In online
authentication, issuer decides whether to validate the card on their own or allow the card
brands to do it on their behalf. In offline authentication, one of the three techniques –
Static Data Authentication (SDA), Dynamic Data Authentication (DDA), Combined
DDA/Application Cryptogram Generation (CDA) is supported. The issuer must support
public key infrastructure for carrying out offline authentication. SDA, DDA, and CDA as
explained by researchers at Cryptomathic is as follows:
 Static Data Authentication (SDA)
The purpose of SDA is to confirm that the data placed onto the card
chip has not been altered. RSA signature is the most basic layer of crypto
which authenticates the payment card itself when it is used at the ATM or
POS terminal. In SDA, there is a static cryptogram (signed static
application data) placed onto the chip during production. The private key
of the issuer’s RSA key pair is used to sign the application data on the
card. “When this card is inserted into the terminal, it sends this static
cryptogram, the CA index, and the issuer certificate to the terminal. The
terminal performs the public key authentication of the cryptogram.”
Verification is performed by comparing the issuer’s certificate and the
digital signature with the application data on the card. If this is successful,
then it means that the card is unaltered. However, SDA implementation is
vulnerable to skimming and various other attacks which are discussed later
in this paper. (Cryptomathic 2013).

7. 5
Figure 2 - SDA Process Source: (Guy n.d.).
 Dynamic Data Authentication (DDA)
A DDA implemented chip cards are capable of performing public key
cryptographic processing. Every smart card possesses a card-unique RSA
key which signs dynamic data and is unique to a particular transaction for
validation at the POS terminal. The terminal, on receiving the card data,
performs a public key authentication of the dynamic cryptogram. It does
so by verifying the issuer certificate, smart card certificate, and the signed
dynamic application data. DDA is a better authentication technique than
SDA as it is not feasible to obtain the private key on a chip card simply by
reading the card and it also protects against skimming. (Cryptomathic
2013).
 Combined Dynamic Data Authentication/Application Cryptogram
Generation (CDA)
CDA is a variation of DDA wherein it not only authenticates the
validity of the card but also authorizes the transaction process. Similar to
DDA, the card must be capable of performing RSA cryptographic
processing. The initial process is same as DDA but in addition to that,
during card action analysis, a second dynamic signature is generated by
the card which is verified by the terminal using RSA cryptography. This
authenticates the card as well as authorizes the transaction. CDA basically
covers the weaknesses of SDA and DDA which may be exploited for
criminal purposes. (Cotignac 2008).

8. 6
Figure 3 - DDA/CDA
Source: (Cryptomathic 2013).
2.2.3 Card Verification
The POS terminal verifies that the person presenting the card is a legitimate card
holder. There are four methods supported by EMV to verify the identity of the
cardholder:
a) Offline PIN
b) Online PIN
c) Signature
d) No Cardholder Verification Method (CVM)
2.2.4 Transaction Authorization
The POS terminal confirms that the cardholder’s account has enough fund to
process the transaction. EMV transactions can be authorized either online or offline
depending on merchant’s preference and situation. Mostly, online authorization is
preferred. When an EMV chip card is programmed, it can be configured to permit both
offline and online methods described as follows: (Host Merchant Services 2014).
a) Online Authorization: The transaction data and unique cryptogram are sent
to the card issuer and the issuer then verifies the transaction and chooses to
accept or decline it.
b) Offline Authorization: This method is used when POS terminal lacks internet
connectivity. It is generally not preferred but is a faster method of
authorization because it does not involve sending transaction data to a third
party. Authorization is done by terminal and card itself based on certain risk
parameters and a decision is taken whether to accept or decline the
transaction.
2.3 Projections
EMV has helped to significantly reduce the payment card fraud rates in all the countries
who have adopted this technology. According to Gemalto’s latest findings of Breach Level
Index, by 2012, 45% of the world’s payment cards and 76% of POS terminals were equipped
with EMV chip-and-PIN technology. Over 75 countries are transitioning from magnetic stripe

9. 7
cards to EMV chip smart cards. Here are some key takeaways of the EMV chip migration and its
impact in various countries around the world:
1. In the United Kingdom, there is a 56% reduction in counterfeit fraud rate since the
country rolled out EMV chip cards in 2005.
2. Australia saw 38% reduction in credit card fraud rate since its adoption of EMV in
2008.
3. Canada too adopted EMV in 2008 and there was 49% reduction in counterfeit fraud.
Also, the losses from skimming were brought down from C$142 million ($129
million) in 2009 to C$38.5 million in 2012.
4. USA is one of the last developed countries migrating to EMV chip card technology.
This is the reason that card fraud rates are on the rise in the United States. Around
31.8 million U.S. credit card holders were affected by fraud attacks in 2013.
However, a total of more than 570 million new chip-enabled cards are in circulation
in the United States. Migration of 1.2 billion cards and 8 million POS terminals is in
progress, to meet the EMV specifications and standards. (Homes 2015).
2.4 Liability Shift and Its Impact
Beginning October 2015, EMV fraud “liability shifts” are implemented on some U.S.
payment networks which states that in case of any fraudulent transactions from lost, stolen or
counterfeit cards created from the magnetic stripe on chip cards, if the merchant or acquirer has
not implemented EMV enabled chip devices and if they do not use EMV applications to process
the payment transactions then the sole responsibility of the fraud will be borne by these
merchants/acquirers. This rule is valid only on Card Present Transactions and not CNP
transactions. Also, the cost of deploying the EMV enabled POS terminals has to be borne by
merchants and acquirers. The implementation of EMV in U.S. was initially slow due to lack of
clarity among merchants, card issuers, acquirers and processors about the policies of the liability
shift framework. However, the implementation process is speeding up now as it is expected that
by October 2017, the United States will be completely equipped with EMV chip-enabled cards
and devices. ( EMV Migration Forum 2015).
CHAPTER 3 PAYMENTS USING NEAR FIELD COMUNICATION
3.1 What is NFC?
Near Field Communication (NFC) is a set of short-range wireless communication
standards which has evolved from the Radio Frequency Identification (RFID) technology. It
involves two NFC-enabled devices such as two smartphones or a smartphone and an NFC-
enabled terminal (ex. ViVOPay 4500) which can read the data on the NFC chip in the
smartphone. The range of communication is as short as 4 inches (in practicality, it is only 4cm).
However, this short range provides security benefits in payment processes via NFC. Two NFC-
enabled communicating devices can exchange information with each other via a simple tap or
wave. The NFC chip works on very low power as compared to Bluetooth device and also
provides two-way communication, unlike RFID’s one-way reading technology.

10. 8
NFC is slowly becoming the latest mode of payment transactions with POS terminals
having the capability to read NFC chips in devices. Google, Apple, BlackBerry, and HTC have
equipped their smart phones and watches (Apple watch) to support NFC and various applications
have been launched to process the transactions. A great example to depict the ease of paying
using NFC was seen at Intel Developer Forum (IDF) in San Francisco wherein when a
smartphone was tapped onto the laptop; it logged into a site and paid for an online purchase
thereby avoiding any filling up of forms.
3.2 NFC-Based Payments
1. Using Credit Cards or Debit Cards: Contactless payments can be processed via
waving or tapping an EMV chip credit card up to an NFC-enabled POS terminal.
(Smart Card Alliance n.d.). An NFC-enable terminal will have a logo on it as
shown it the figure below:
Figure 4 NFC logo printed on an NFC-enables POS terminal
Source: (world 2013)
2. Using Smartphones: An NFC-enabled smartphone acts almost like a standard
contactless smart card and can be easily used for making transactions. There are
various Android and iOS applications which enables the user to user their
smartphone as a payment device. The users simply need to tap or wave their
smartphone on the POS terminal and enter the PIN or present biometric feature
for authentication. Applications such as Google Wallet, Apple Pay, Android Pay,
and Samsung Pay have provided an alternative for credit cards. They are
discussed in detail in the following section:
 Technological Overview: NFC works using magnetic field induction to
enable communication between two electronic devices. An NFC-enabled
smartphone has a built-in NFC chip with a coil in it. The POS terminal
which is also capable of reading NFC chips creates a magnetic field.
When the distance between these two talking devices is up to 4 cm, then
the radio waves carrying signals are communicated between them which
allows a two-way communication. Transaction is authorized by entering a
PIN or by biometric verification. (Kumar 2011).
3.3 NFC Payment Processing Applications
1. Google Wallet: Author Megan Geuss at Ars Technica nicely explains Google
Wallet as an open platform application plus an android application which
facilitates NFC-based payment between a smartphone and NFC-enabled POS
terminal. Through Google wallet app, you can store and use your credit cards,
debit cards as virtual cards on your smartphone. You just need to tap your phone
up to a card reader and it will authenticate your card information via a 4-digit PIN
and process the payment. Google Wallet also provides prepaid cards which you

11. 9
can use exactly like your credit cards. Google Wallet is secured as it relies on
Host Card Emulation (HCE) technology. (Megan 2014).
2. Apple Pay: With Apple Pay, customers can securely and easily pay using their
iPhones, iPads or Apple watches. Apple Pay is a contactless payment technology
which uses NFC to process transactions. When you upload your card image on
your Apple device, it is sent to Apple servers in encrypted form. Apple decrypts
it, determines the card’s payment network and re-encrypt and send it to your
bank. Bank will authorize the card and generate a device specific Device Account
Number, encrypt and send it along with other information to Apple. Apple will
then store all this information on your Apple device’s Secure Element (a chip
which is isolated from the rest of iOS). In this way, no information is stored on
Apple’s servers or your device. Apple Pay authenticates payment using Touch ID.
(Apple Inc. 2016).
3. Android Pay: Google Wallet introduced Android Pay as an upgraded version of
the Wallet comprising better comprehensive features. Technology reporter Elyse
Betters explains that it works with NFC-enabled Android devices supporting
version 4.4 (KitKat) or higher. It creates virtual cards by storing user’s credit card
or debit card details. These virtual cards can be used in for payment transactions
thereby eliminating the need for physical cards. Android pay is secured
application as it uses HCE in conjunction with tokenization (both of these
concepts are discussed later in this paper) for payment processing. (Elyse 2016).
4. Samsung Pay: Samsung Pay is yet another NFC-based payment processing
Android application built by Samsung. It currently works with Samsung S6, S6
Edge, Edge+ and Note 5 phones. This app can be used at traditional card readers
as well which only supports magnetic stripe cards. This is possible due to
Magnetic Secure Technology (MST) built into this app which emits magnetic
signals similar to magnetic stripe cards. Samsung pay authenticates transaction
via biometric verification (fingerprint scan). Similar to Apple pay, this app also
uses Secure Element to store static card credentials. It also uses tokenization and
has support for HCE. Samsung Pay provided ARMTrustZne to further protect
user’s transactions. (Bohn 2015).
Table 1 - Examples of U.S. Contactless Payment Offerings (Current and Announced) Using NFC
Source: (A SMART CARD ALLIANCE MOBILE AND NFC COUNCIL 2015).
Offering Technology Used in U.S. Contactless
Payment9
Dual-interface chip card EMV chip card with both contact and
contactless interfaces
Apple Pay™ NFC, secure element, tokenization
Android Pay NFC, Host Card Emulation, tokenization
Samsung Pay™ NFC, Host Card Emulation, Magnetic Secure
Transmission, tokenization

12. 10
3.4 Security techniques Implemented in NFC
NFC based payments are made secure by implementing technologies as discussed below:
1. Authentication: All NFC payment applications use some form of authentication
before processing the transaction. Common authentication methods are PIN
number, pattern or biometrics. Apple Pay requires Touch ID whereas Apple
Watch requires you to enter a PIN to authorize Apple Pay. In addition, the watch
must be in constant skin contact to authorize payment. Similarly, Google Wallet,
Android Pay, and Samsung pay too requires authentication methods as already
discussed above.
2. Secure Element: Secure Element (SE) is a tamper-resistant hardware module
which resides in highly secure crypto chips embedded in phone’s hardware or
SIM/UICC card or SD card. Access to its interface is restricted and protected via
strong encryption. It has limited memory for all the applications it stores and
various other functions such as encryption, decryption etc. NFC itself is not
involved in the payment transaction. It is the software program in the form of
payment application or applet stored in SE which emulates the contactless card.
Applications like Apple Pay and Samsung pay makes use of SE to store the credit
card data. The process how SE is used by Apple pay has been discussed above.
Host-based Card Emulation (HCE) is an alternative to Secure Element. However,
the same device can possess both the technologies. This conjunction is discussed
in the following topic. (Ganeshji, Mobile Payments: What is a Secure Element?
2014)
3. Host-based card Emulation (HCE): HCE is another card emulation technology
which overcomes the limited memory and slow processing power limitation of
Secure Element. Unlike SE, HCE directly interacts with the host CPU. If HCE is
deployed in transaction processing, then the NFC controller routes all the data to
the host CPU instead of SE. Since host CPU is highly insecure to store card
credential information, it moves all the data to a hosted cloud environment
thereby allowing a secure storage and processing environment. This cloud
database is maintained with high-security standards. The limitation of using HCE
is all time need for data connection and security. HCE is usually used in
combination with tokenization which adds an extra layer of security. The strength
of HCE lies in temporary keys, tokens, device authentication via biometric
verification or PIN and transaction risk analysis. (Ganeshji, Mobile Payments:
What is HCE? 2014).
 Co-existence of HCE with Secure Element:
Both Secure Element and HCE can reside in the same device. This is
based on the principle of “AID routing”. NFC controller maintains a
routing table consisting of some routing rules. Each rule has an AID
(application ID) and destination. The destination can either be host CPU or
Secure Element. Depending upon the AID selected (either x or y), the data
packet (called APDU) is routed to the destination associated with the
selected AID. Routing tables are automatically configured by Android.
(Android n.d.)

13. 11
Figure 5- Both HCE and SE are incorporated in the same device
Source: (Android n.d.)
4. Tokenization: “EMVCo.Payment Tokenization Specification” describes
technical specifications for creating tokens. According to this report, a token is a
random sequence of numbers which substitute credit card’s original 16-digit
PAN- Primary Account Number. Tokens are also called as Pseudo-PAN. Use of
tokens eliminates the exposure of credit card credentials to the retailer thereby
reducing the risk of creating a counterfeit card. Original PAN is passed through
Token Service Provided (TSP) to generate tokens which are then delivered to the
mobile app and used with HCE. To process the transaction, TSP is used to revert
token into original PAN. A token can only be reverse engineered to reveal
original PAN by the issuer possessing correct decryption key Different tokens are
created for different users and they can single use or multi-use tokens. The last
four digits of original PAN are not tokenized so that the issuer can identify the
customer in case of return or loyalty program. The security provided by
tokenization lies in the fact that a compromised token has no value. Usually,
tokenization is used along with HCE or Secure Element. (Pannifer Steve 2014).
CHAPTER 4 VULNERABILITIES IN EMV CHIP TECHNOLOGY AND SUGGESTED
SOLUTIONS
4.1 Chip and PIN are broken:
Computer researchers Steven Murdoch, Saar Drimer, Mike Bond and Ross Anderson at
Cambridge University, UK demonstrate a man-in-the-middle attack which can allow an attacker
to use a stolen Chip and PIN card without knowing the PIN.Chip and PIN protocol have
cardholder verification step wherein a negotiation is performed between the card and terminal to
establish which authentication sub-protocol to use – PIN verification, signature verification or no
verification at all. However, according to Cambridge University researchers, “PIN verification
step is never explicitly authenticated”. By using a simple man-in-the –middle device, you can
intercept and modify the communications between the card and terminal thereby making it think

14. 12
that it is performing PIN verification whereas the card will think it is performing Signature
verification. As a result, any PIN (ex. 0000) entered into the terminal will successfully process
the transaction and the receipt so printed will say “Verified by PIN”. The PIN is never sent to the
card, so the PIN retry counter remains as it is. In all this process, card thinks that terminal does
not support PIN verification and has used signature verification. Attacks work well with both
offline and online terminals. This attack cannot be performed at ATM’s or with canceled cards.
Suggested Solution: One possible solution as suggested by Murdoch and his fellow researchers
is for the terminal to parse the IAD (Issuer application data) containing PIN verification result.
This method is effective for online transactions and offline ones if CDA implemented cards are
used. A man-in-the-middle device can tamper with the IAD because it is returned by the card.
IAD is meant for the issuer and can be implemented in several formats. So, banks and terminal
vendors need to come together to act on this issue. (Steven J. Murdoch 2010).
4.2 EMV Relay Attack
An attacker can perform fraudulent transactions using a card with a fake chip. In this
attack, a genuine card can be “relayed” on a faulty POS terminal to perform a legitimate
transaction on another POS terminal present at a different location, thereby making it accept a
counterfeit card. The Chip and PIN relay attack was demonstrated by Cambridge University
computer researchers Saar Drimer and Steven J. Murdoch in 2007. They demonstrated that when
a genuine EMV chip card is inserted into a fake terminal (attacker’s terminal), the information on
the card (PIN) is relayed to the attacker’s accomplice possessing a counterfeit card and present at
another location in any part of the world. This accomplice inserts her card into the merchant’s
genuine POS terminal and enters the relayed PIN. The transaction is approved. Hence, the attack
is successful. To the bank, the transaction appears to be legitimate as correct PIN was entered.
Thus, relay attacks are super hard to detect. This attack works well not only with SDA cards
where information between card and terminal in unencrypted but also with DDA cards because
encryption only prevents reading and modification to data, whereas the attackers just need to
relay data to his accomplice without altering it. The main reason why this attack works is
customer’s trust on the integrity of merchant’s POS terminal and merchant’s ignorance to verify
customer’s card. (Murdoch 2007).
Suggested Solution: EMV relay attack can be prevented in several ways as discussed below:
1. Identification of fake cards by merchants:
 Check hologram and embossing on the card and insert the card into the reader
themselves. Usually, a relay card is a wired card but if the merchant is handling
the card insertion process then the attacker will be required to create a wireless
prototype of relay card.
 Cross-check the PAN on receipt and card if they match or not.
2. Calculating the communication time between card and terminal by the bank: If the
communication time between the card reader and the payment card is longer than the
usual then, banks can suspect a relay attack.
3. Inventing new devices to avoid entering PIN into merchant’s terminal: If customers can
enter their PIN into a device they control rather than the merchant then relay attacks can
be avoided to a greater extent. Such a device would also display the transaction value
before the payment is processed.

15. 13
4.3 SDA Card Cloning and Modification
Static Data Authentication (SDA) implementation of Card Authorization Methods
(CAMs) is vulnerable to cloning as an SDA implementation does not contain cryptograms and
the information on the card is same for all transactions. It is, therefore, possible to clone SDA
cards but there is one more requirement to be fulfilled. The POS terminal should be “offline”. An
offline terminal validates the card solely by the information on the card whereas in “online”
terminal, the card is validated by sending the information to the issuer bank. Since the PIN
verification is also performed by the card; counterfeit card can be programmed to accept any PIN
thereby making it a “Yes” card. Thus, two conditions need to be met – SDA card (BIN- specific)
and offline terminal to exploit the vulnerability. (J. 2007).
Suggested Solution: Use DDA or CDA implementation of CAM. In these implementations, the
card chip contains a cryptogram and the information on the card changes for every transaction.
Hence, it is not possible to clone a DDA or CDA implemented card.
4.4 Attacks in Hybrid Environment
a) Magnetic stripe fallback mechanism: Countries all over the world are in migrating phase
to EMV technology. Some countries including parts of USA still support old magnetic
stripe cards. Due to this EMV chip cards still have a magnetic stripe to make the card
usable at older POS terminals or in situations where the chip is damaged or if the card is
used abroad in countries which have not fully migrated to EMV chip technology. As a
result, attackers leverage the vulnerabilities in EMV technology and magnetic stripe cards
to carry out cross-border attacks. When an EMV card is inserted into the card reader. The
data between card and terminal is sent in clear text. Also, the data between the terminal
and acquiring bank is sent unencrypted. Man-in-the-middle attack at any of these
positions can be performed to create fake magnetic stripe cards. These fake cards can be
used at POS terminals in regions which are yet to migrate to EMV credit cards.
(Ogundele 2012).
Suggested Solution The solutions to this issue are very straightforward:
 Stop producing hybrid cards (EMV chip cards having magnetic stripe at the back)
 Complete migration to EMV technology all over the world.
 Installation of EMV chip card readers at major retail outlets.
b) Replay attack: In October 2014, 3 financial institutions reported huge fraudulent credit
and debit card transactions coming from Brazil. Many of the compromised accounts were
those involved in Home Depot breach that occurred recently that time. All these
transactions were strangely carried out via Visa and MasterCard’s network as chip-
enabled transactions. However, the banks involved had not issued chip-enabled cards to
their customers. A similar breach occurred in Canada soon after this incident incurring
huge losses to banks involved. Fraud analysts at Gartner Inc. suspected a “replay” attack
wherein attackers can copy the data on magnetic stripe card to create fake EMV chip
cards. Let’s discuss how replay attack is carried out:
Replay attack does not break the EMV protocol to carry out the attack rather simply
leverage the implementation flaw in the EMV protocol. A hybrid card can be used to
perform cross-border fraud when either the chip on the card is damaged or the POS
terminal is not EMV-chip enabled. With a skimmer installed on POS terminal, fraudulent
merchants can record all the cardholder information including his PIN to generate

16. 14
counterfeit EMV-chip cards. These cards are programmed to say “yes” to PIN
verification request even if the PIN is not entered. Usually, these fake cards are SDA
implemented and used at offline terminals to successfully process the transaction. The
know-how of this technique has already been discussed in previous sections. Attackers
take the overhead of pushing magnetic stripe data onto a chip card because they know
that banks do not check the cryptogram and dynamic counter code in an EMV transaction
and they simply authorize the transaction. (Brian 2014).
4.5 CVM Downgrade Attack
A CVM list is signed and used in Offline Data Authentication. It is believed to be
tamperproof and PIN can be harvested only is CMV method chosen by the terminal is ‘Plaintext
PIN verification performed by ICC’ “The Action Codes are data elements used to specify
policies for accepting or rejecting transactions, there are two types of Action Codes: Issuer
Action Codes (published by the card) and Terminal Action Codes (set by the terminal).
Additionally, there are three flavours of Action Codes: Denial, Online, and Default. The Online
Action Codes specify which failure conditions trigger online transactions. “In CVM downgrade
attack, POS terminal can be interfered with to manipulate Action Codes so that making changes
in CVM list would not result in offline rejection. As a result, CVM list is modified to select
‘Plaintext PIN verification performed by ICC’ and PIN is harvested. Despite having original
CVM List configuration, this attack works successfully with SDA and DDA cards. (Adam
Laurie 2011).
Suggested Solution: One solution to this vulnerability as suggested by researchers at Aperture
Labs would require modification to CVM list to remove the option of ‘Plaintext PIN verification
performed by ICC’ to stop CVM downgrade attacks. But this would disable transactions on SDA
cards not possessing on-line PIN verification capabilities. (Adam Laurie 2011).
4.6 Pre-play Attack
In September 2012, a person in Mallorca, Spain reported of his stolen wallet and five
ATM withdrawals totaling upto1350 Euros within the first hour of theft. Apart from this
incident, Target data breach and Neiman Marcus incidents have raised questions about the
effectiveness of EMV technology. Researchers at Cambridge University, UK studied the attack
methodology in these incidents and demonstrated a “pre-play” attack. Pre-play attack is similar
to card cloning with the only difference that it can be used in instances where cloning is
impossible. The figure gives a high-level overview of pre-play attack methodology. Pre-play
attack can be pulled off in two ways:
a) Use of weak Random number generator (RNG)
b) Manipulation of UN between terminal and bank
POS terminals generate unpredictable numbers (UNs) or nonce which are unique for each
transaction to ensure integrity. Random number generation (RNG) algorithms or counters or
timestamps are used to supply these UNs. However, the use of defective RNG makes POS
terminals vulnerable to pre-play attack which allows attackers to carry out fraudulent
transactions from counterfeit chip-enabled cards. Chip cards generate an authorization request
cryptogram (ARQC) from its secret key plus UN and transaction data supplied by POS terminal.
The POS terminal sends this ARQC, encrypted PIN and UN in PLAINTEXT to the issuing bank
for verification. At this point, pre-play attack can take place as discussed below:

17. 15
a) If an attacker can predict the UN which will be generated by a particular ATM at a
particular time in future, then the attacker can force genuine chip card to generate an
ARQC with that UN and future date and use that ARQC on fake chip cards to process
payment transactions. (Lucian 2012).
b) Researchers at University of Cambridge, UK have suggested an effective solution to pre-
play attack. They have explained the solution as discussed below:
“a man-in-the-middle device between the terminal and the bank can be used to attack a
system where the random number generation is sound. The attacker records an ARQC in
response to the nonce N and presents it to a terminal that actually generated the nonce
N0. The terminal sends the ARQC along with the transaction data and N0 to the bank; the
MITM changes N0 to N, and the transaction may well be accepted. This means that a
terminal infested with malware can debit your card not once, but multiple times, and for
arbitrary amounts.” (Bond 2014).
Suggested Solution: One workaround to prevent a pre-play attack is that unpredictable numbers
should be provided by banks instead of having them automatically generated at POS terminals.
Weak RNG algorithms generate alike numbers which are very easy to predict and carry out the
attack. Also, malware running on terminals or ATM could alter the UN choice. This solution was
suggested by researchers at Cambridge University, UK.
4.7 Some More Solutions to Enhance the Overall Security in EMV Chip Transactions
1. First Encrypt Then Tokenize: Encryption followed by provides a layered security
solution to overcome the vulnerabilities of EMV protocol thereby making it
virtually impossible to steal the cardholder data. It works in following way:
a) Customers inserts or taps (in the case of NFC-enabled POS terminal) the
EMV card onto the terminal. The card and cardholder are verified. The card
data is sent to the terminal in clear text.
b) PAN is encrypted using session encryption and sent to the payment processor.
c) Encrypted card data is received at the processor data center.
d) Now. The encrypted PAN is sent to a server (uses tokenization algorithms) for
tokenization and to the bank for authorization.
e) Multi-pay token is then received at POS terminal and is used to replace
original card data at all the places.
f) All transactions from now on will use this multi-pay token instead of original
PAN. (First Data Corporation 2012).

18. 16
Figure 6- Encryption + Tokenization Framework
Source: (First Data Corporation 2012).
2. 3-D Secure: 3-D secure protocol adds an additional layer of security in CNP
transactions. This 3-D secure protocol is offered by VISA by the name Verified
by Visa and by MasterCard by the name MasterCard SecureCode. The issuers,
vendors and networks have made some fundamental changes to the protocol to
improve the overall security in CNP transactions:
a) Migration to dynamic data: This requires the use of dynamic authentication
methods rather than static passwords which are easy to crack.
b) Putting the merchant in control: Merchants have the freedom to choose
when to invoke 3-D Secure and on which transactions.
c) Transition to risk-based authentication: This involves assessing the risk of
transactions based on data in Access Control Server and using stepped-up
authentication only on those transactions which involve high risk. Cardholders
no longer need to enrol for 3-D Secure eligibility. (Conroy 2014).
3. The Electronic Attorney: Customers can buy and insert a shim between their card
and terminal which will protect their card information. “The shim can have a
button, display, and secure storage and can decode, block, delay and alter
command responses.” By using the shim, customer can reap following benefits:
 Prevent relay attack as amount value is displayed before the transaction is
processed.
 PIN is never entered into the terminals and instead one-time passwords can be
used
 The customer can also choose to perform different security features such as
biometric authentication. (J. 2007).

19. 17
CHAPTER 5 VULNERABILITIES IN NFC PAYMENT METHODS AND SUGGESTED
SOLUTION
In Black Hat 2012 conference held in Las Vegas, Dr. Charlie Miller, a top security
researcher demonstrated various attacks which can be carried out over NFC. One was ‘Double
Free’ vulnerability in Android 2.3.3 which could be leveraged to run malicious code on the
victim’s device over NFC. Another demonstration depicted functional flaw in ‘Android Beam’
application in Android 4+ wherein the attacker can send and run any Android Beam file on the
victim’s phone without their consent (Seltzer 2012). Following are some critical vulnerabilities
in NFC-based payment transaction:
5.1. Eavesdropping: Attackers can eavesdrop on two communicating NFC devices by using
an antenna capable of recording RF signals (ex. Patch loop antenna). This attack is
difficult to prevent because the attacker need not intercept the whole signal; only a few
percent of total signal would be enough. (Suraperwata 2013).
Suggested Solution: Use secure channels; communicating devices can agree upon a key
agreement protocol such as ‘Diffie-Hellman key exchange’ or ‘NFC Specific Key
Agreement’ secure channel. These secure channels maintain confidentiality, integrity and
availability of data exchanged between communicating devices. (Suraperwata 2013).
5.2.Man-in-the-Middle Attack: An attacker can intercept signals sent by the sender device,
modify and relay them to the receiving device. However, it is extremely difficult to carry
out MITM attack because of:
 the close proximity of communication devices (merely 3-4 cm).
 the use of AES encryption algorithm for secure communication.
 Interference signals sent by an attacker are very easily detected by the sender
device. (Suraperwata 2013).
Suggested Solution: “Use active-passive communication mode in data exchange.” In
active mode, both the communicating devices will generate RF signals whereas, in
passive mode, only one device will generate RF signal at a time. In this way, the sender
can listen to any unwanted third party trying to perform MITM attack.
5.3.Relay Attack: Author S. Kavya and her co-authors have explained their work in volume 3
of IJSTR wherein they have described relay attack as follows:
“the attacker forwards the request of the reader to the victim and relays back its answer to
the reader in real time in order to carry out a task pretending to be the sender. This attack
focuses on the extension of the range between NFC token and the reader, two NFC
devices on acting as a reader and other as a card emulator will be required. The victim
can’t detect this as it will appear like a card in front of it. The attacker holds the NFC
reader near the victim’s card and relays the data over another communication channel to a
second NFC reader placed in proximity to the original reader that will emulate the
victim’s card. This Security concern can be resolved using the proposed technique.”
(S.Kavya 2014).
Suggested Solution: Some countermeasures to prevent relay attack are:

20. 18
 Faraday Cages: Simplest preventive measure is to protect the user’s card in a box
called as Faraday cage.
 Incorporate distance bounding protocol to ensure that the card is within the
electromagnetic field.
5.4.Spoofing: In a spoofing attack, an attacker masquerades as another entity to induce the
victim to tap its device against an NFC tag that has already been compromised by the
attacker. This tag contains a malicious code which then executes on the victim’s device.
Some devices are configured to run the NFC commands automatically without the user’s
consent. The same flaw was discovered in an Android application ‘Android Beam’ which
is discussed in greater detail in the following point. (Pierluigi 2013).
Suggested Solution: Always configure your device so that it asks for your permission
before executing commands received via NFC.
5.5.Data Corruption: It is a type of Denial-of-Service (DoS) attack. The attacker’s motive is
to destroy, block or make the data sent by the sender undecipherable to the receiver. For
accomplishing this, the attacker injects noise signals into the communication channel
which tend to destroy the information content in the original signals sent by the sending
device. (Pierluigi 2013).
Suggested Solution: One workaround to this attack is to check the RF signals during data
transmission as the power required to generate noise signals and corrupt the data is higher
than the power required to send it. As a result, a difference between power consumption
would let the attacker detect the unwanted intruder and will stop the transmission of data
automatically.
CHAPTER 6 CONCLUSION AND FUTURE GENERATION TECHNOLOGY
In summary, EMV chip technology has improved the security in payment transactions via
credit card and debit card manifold but the implementation of the protocol has some flaws in it.
Having those flaws fixed, could result in a very strongly secured payment card processing
technology.
NFC is an efficient technology which provides secure transactions with ease of use. It is
gradually gaining popularity among the masses. It is a significant improvement over RFID and
consumes very low power as compared to other devices like Bluetooth. Major smartphone
companies have launched their own NFC-compatible payment application and surveys have
shown that number of smartphone users using such apps have increased in past 2 years. But
NFC-based payments are also vulnerable to attacks.
Having said all that, I believe that technology is an ever expanding domain and new
technology can overcome or at least mitigate the risks involved with EMV-chip based and NFC-
based payment processes.
Following are two technologies which can be implemented in future to enhance safety in
contactless payments:

21. 19
1. Cloud POS System: A cloud-based POS system provides an efficient, low-cost
and much more secure payment transaction system. The whole process is
explained in the diagram as shown below. There are several advantages of
switching to a cloud-based POS system:
 No setup cost involved. Merchants can start receiving payments by
installing applications on their phones or laptops.
 Support offline mode in case of network failure.
 Secure transmission and storage of payment card data.
 Central storage space for data from multiple devices thereby simplifying
data management process. (Trend Micro 2015).
Figure 7 – Cloud Based POS architecture
Source: (Trend Micro 2015).
2. Secure Element: In this system, all the payment card information is stored in a
Secure Element called Protected Applet (PA) thereby bypassing the POS software
completely. Secure Element handles all the transaction processing request and can
be configured to share certain data with POS terminal. This will enhance the
security of payment card by manifolds as the sensitive data is not vulnerable to
theft by RAM Scraper malware. Secure Element cannot be infected with malware
and is tamper resistant. (Trend Micro 2015)
Figure 7 – Security Element architecture
Source: (Trend Micro 2015)

22. 20
REFERENCES
EMV Migration Forum. “Understanding the 2015 U.S. Fraud Liability Shifts.” http://www.emv-
connection.com/. may 2015. http://www.emv-connection.com/downloads/2015/05/EMF-
Liability-Shift-Document-FINAL5-052715.pdf (accessed Aprl 3, 2016).
A SMART CARD ALLIANCE MOBILE AND NFC COUNCIL . EMV and NFC:
Complementary. White Paper, New Jersey: Smart Card Alliance, 2015.
Adam Laurie, Zac Franken , Andrea "lcars" Barisani , Daniele "danbia" Bianco. EMV - Chip &
PIN CVM Downgrade Attack . 2011.
https://dev.inversepath.com/download/emv/blackhat_df-whitepaper.txt (accessed april 3,
2016).
Alliance, Smart Card. "EMV and NFC: Complementary Technologies that Deliver Secure
Payments and Value-Added Functionality.". White paper, A Smart Card Alliance
Payments Council, 2012.
Android. Host-based Card Emulation. n.d.
https://developer.android.com/guide/topics/connectivity/nfc/hce.html (accessed april 3,
2016).
Apple Inc. Apple Pay security and privacy overview. 23 January 2016.
https://support.apple.com/en-us/HT203027 (accessed April 3, 2016).
Bhatla, Tej Paul, Vikram Prabhu, and Amit Dua. “"Understanding credit card frauds." .” Cards
business review 1 no. 6, 2003.
Bohn, Dieter. Samsung Pay works almost anywhere your credit card does. 13 August 2015.
http://www.theverge.com/2015/8/13/9146965/samsung-pay-mobile-payment-credit-card-
readers-date (accessed April 3, 2016).
Bond, Mike, Omar Choudary, Steven J. Murdoch, Sergei Skorobogatov, and Ross Anderson.
“Chip and Skim: cloning EMV cards with the pre-play attack.” In Security and Privacy
(SP), 2014 IEEE Symposium on. IEEE, 2014. 49-64.
Brian, Krebs. ‘Replay’ Attacks Spoof Chip Card Charges. October 2014.
http://krebsonsecurity.com/2014/10/replay-attacks-spoof-chip-card-charges/ (accessed
april 3, 2016).
CAPEC. CAPEC-398: Magnetic Strip Card Brute Force Attacks. 7 December 2015.
https://capec.mitre.org/data/definitions/398.html (accessed April 3, 2016).
CardLogix Corporation. Smart Card Standards. 2010. http://www.smartcardbasics.com/smart-
card-standards.html (accessed April 3, 2016).
Conroy, Julie. Card-Not-Present Fraud in a Post-EMV. White paper, AITE GROUP , 2014.
Cotignac . EMV Offline Data Authentication. 11 December 2008. http://cotignac.co.nz/emv-
offline-data-authentication/ (accessed April 3, 2016).

23. 21
Cryptomathic. “White paper EMV Key Management - Explained.” www.cryptomathic.com.
2013. https://www.cryptomathic.com/hubfs/docs/cryptomathic_white_paper-
emv_key_management.pdf (accessed April 3, 2016).
Elyse, Betters. Android Pay UK explained: Release date, how it works and where it's supported.
23 March 2016. http://www.pocket-lint.com/news/135017-android-pay-uk-explained-
release-date-how-it-works-and-where-it-s-supported (accessed April 3, 2016).
First Data Corporation. EMV and Encryption + Tokenization:A Layered Approach to Security.
White paper, First Data Corporation, 2012.
Fiserv Inc. FAQ EMV™. 2010. https://www.fiserv.com/ext/EMV_FAQ_9-17-14.pdf (accessed
April 3, 2016).
Ganeshji, Marwaha. Mobile Payments: What is a Secure Element? 1 September 2014.
http://www.gmarwaha.com/blog/2014/09/01/mobile-payments-what-is-a-secure-element/
(accessed April 3, 2016).
Mobile Payments: What is HCE? 20 september 2014.
http://www.gmarwaha.com/blog/2014/09/20/mobile-payments-what-is-hce/ (accessed
april 3, 2016).
Guy, Berg. Fundamentals of EMV . n.d.
http://www.smartcardalliance.org/resources/media/scap13_preconference/02.pdf
(accessed April 3, 2016).
Homes, Tamara E. Credit Card Fraud and ID Theft Statistics. 16 September 2015. (accessed
April 3, 2016).
Host Merchant Services. EMV Transaction Authorization. 2014.
https://www.hostmerchantservices.com/articles/emv-articles/emv-transaction-
authorization/ (accessed April 3, 2016).
J., Murdoch Steven. EMV flaws and fixes: vulnerabilities in. 2007.
http://sec.cs.ucl.ac.uk/users/smurdoch/talks/leuven07emv.pdf (accessed april 3, 2016).
John, Kiernan. Credit Card & Debit Card Fraud Statistics. n.d.
http://www.cardhub.com/edu/credit-debit-card-fraud-statistics/ (accessed April 3, 2016).
Kumar, Anurag. “NEAR FIELD COMMUNICATION.”
http://dspace.cusat.ac.in/jspui/handle/123456789/2214. 9 February 2011.
http://hdl.handle.net/123456789/2214 (accessed April 3, 2016).
Lucian, Constantin. EMV protocol flaw allows 'pre-play' attacks against chip-enabled payment
cards, researchers say. 11 September 2012.
http://www.pcworld.com/article/262197/emv_protocol_flaw_allows_preplay_attacks_aga
inst_chipenabled_payment_cards_researchers_say.html (accessed april 3, 2016).

24. 22
Megan, Geuss. How Apple Pay and Google Wallet actually work. 29 October 2014.
http://arstechnica.com/gadgets/2014/10/how-mobile-payments-really-work/ (accessed
April 3, 2016).
Michael, Kassner. Anatomy of the Target data breach: Missed opportunities and lessons learned.
2 February 2015. http://www.zdnet.com/article/anatomy-of-the-target-data-breach-
missed-opportunities-and-lessons-learned/ (accessed April 3, 2016).
Murdoch, Steven J. Chip & PIN (EMV) relay attacks. 6 February 2007.
https://www.cl.cam.ac.uk/research/security/banking/relay/ (accessed March 30, 2016).
Ogundele, Oludele, Pavol Zavarsky, Ron Ruhl, and Dale Lindskog. “Fraud reduction on emv
payment cards by the implementation of stringent security features.” Int J Intell Comput
Res (IJICR) 3, no. 1/2, 2012: 252-262.
Pannifer Steve, Dick Clark, Dave Birch. “HCE and.” Consult Hyperion. june 2014.
http://www.chyp.com/wp-content/uploads/2015/01/HCE-and-SIM-Secure-Element.pdf
(accessed april 3, 2016).
Pierluigi, Paganini. Near Field Communication (NFC) Technology, Vulnerabilities and Principal
Attack Schema. 18 june 2013. http://resources.infosecinstitute.com/near-field-
communication-nfc-technology-vulnerabilities-and-principal-attack-schema/ (accessed
april 3, 2016).
S. J. Murdoch, S. Drimer, R. Anderson, and M. Bond. “"Chip and PIN is Broken".” Security and
Privacy (SP), 2010 IEEE Symposium on. Oakland: IEEE, 2010. 433-446.
S.Kavya, K.Pavithra, Sujitha Rajaram, M.Vahini, N Harini. “Vulnerability Analysis And
Security System For.” INTERNATIONAL JOURNAL OF SCIENTIFIC &
TECHNOLOGY RESEARCH VOLUME 3, ISSUE 6, 2014: 207-210.
Seltzer, Larry. NFC Phone Hacking and Other Mobile Attacks. 25 July 2012.
http://www.informationweek.com/wireless/nfc-phone-hacking-and-other-mobile-
attacks/d/d-id/1105508 (accessed april 3, 2016).
Smart Card Alliance. NFC Resources. n.d. http://www.smartcardalliance.org/smart-cards-
applications-nfc/ (accessed April 3, 2016).
Steven J. Murdoch, Saar Drimer, Ross Anderson, Mike Bond. “Chip and PIN is Broken.”
Security and Privacy (SP), 2010 IEEE Symposium on. Oakland, CA, USA: IEEE, 2010.
433 - 446.
Suraperwata, Aulia Virnanda, and Ika Yul Pratiwi. “Solutions to Near Field Communication
(NFC) Vulnerabilities Against Interception Type Attacks.” 2013.
Trend Micro. Next-Gen Payment Processing Architectures. 1 August 2015.
http://www.trendmicro.com/vinfo/us/security/news/security-technology/next-gen-
payment-processing-architectures (accessed april 3, 2016).

25. 23