Examining Users’ Understanding of Security Failures in EMV Smart Card Payment Systems
DOI: http://dx.doi.org/10.30630/joiv.3.2.244
Abstract
Keywords
Full Text:
PDFReferences
Anderson, R., Bond, M., & Murdoch, S. J. (2007). Chip and spin. Infosecurity, 4(8), 38–40. https://doi.org/10.1016/S1754-4548(07)70204-8
Barisani, A., Bianco, D., & Laurie, A. (2011). Chip & PIN is definitely broken - Credit Card skimming and PIN harvesting in an EMV world. In Defcon 2011.
Bond, M., Choudary, O., Murdoch, S. J., Skorobogatov, S., & Anderson, R. (2014). Chip and skim: Cloning EMV cards with the pre-play attack. In Proceedings - IEEE Symposium on Security and Privacy (pp. 49–64). https://doi.org/10.1109/SP.2014.11
Degabriele, J. P., Lehmann, A., Paterson, K. G., Smart, N. P., & Strefler, M. (2012). On the Joint Security of Encryption and Signature in EMV BT - Topics in Cryptology – CT-RSA 2012: The Cryptographers’ Track at the RSA Conference 2012, San Francisco, CA, USA, February 27 – March 2, 2012. Proceedings. In O. Dunkelman (Ed.), Lecture Notes in Computer Science (LNCS) (pp. 116–135). Berlin, Heidelberg: Springer Berlin Heidelberg. https://doi.org/10.1007/978-3-642-27954-6_8
Drimer, S., & Murdoch, S. J. (2007). Keep your enemies close: Distance bounding against smartcard relay attacks. USENIX Security Symposium, 7. Retrieved from http://dl.acm.org/citation.cfm?id=1362910
Drimer, S., Murdoch, S. J., & Anderson, R. (2008). Thinking inside the box: System-level failures of tamper proofing. In Proceedings - IEEE Symposium on Security and Privacy (pp. 281–295). https://doi.org/10.1109/SP.2008.16
EMVCo. (2011a). Integrated Circuit Card Specifications for Payment Systems, Book 3: Application Specification. EMV Integrated Circuit Card Specifications for Payment Systems. Retrieved from http://www.emvco.com/specifications.aspx?id=223
EMVCo, L. (2011b). EMV – Integrated Circuit Card Specifications for Payment Systems, Book 4: Cardholder, Attendant, and Acquirer Interface Requirements, Version 4.2 ed. EMV2011, Dec, 4(November). Retrieved from http://scholar.google.com/scholar?hl=en&btnG=Search&q=intitle:Integrated+Circuit+Card+Specifications+for+Payment+Systems#1
Francis, L., Hancke, G., Mayes, K., & Markantonakis, K. (2012). Practical relay attack on contactless transactions by using NFC mobile phones. Cryptology and Information Security Series, 8, 21–32. https://doi.org/10.3233/978-1-61499-143-4-21
Gray, D., & Ladig, J. (2015). The Implementation of EMV Chip Card Technology to Improve Cyber Security Accelerates in the U.S. Following Target Corporation’s Data Breach. International Journal of Business Administration, 6(2), 60–67. https://doi.org/10.5430/ijba.v6n2p60
Murdoch, S. J. (2009). Reliability of Chip & PIN evidence in banking disputes. Digital Evidence and Electronic Signature Law Review, 6, 98–115. https://doi.org/10.14296/deeslr.v6i0.1862
Murdoch, S. J. (2015). Banks undermine chip and PIN security because they see profits rise faster than fraud.
Murdoch, S. J., Drimer, S., Anderson, R., & Bond, M. (2010). Chip and PIN is broken. In Proceedings - IEEE Symposium on Security and Privacy (pp. 433–446). https://doi.org/10.1109/SP.2010.33
Murdoch, S. J., Drimer, S., Anderson, R., & Bond, M. (2013). EMV PIN verification “ wedge †vulnerability.
Ruiter, J. De, & Poll, E. (2012). Formal Analysis of the EMV Protocol Suite, 113–129.
The U K Cards Association. (2012). Card Expenditure Statistics. January.
The UK Cards Association. (2009). Standard 70, Book 2 – Card Acceptor to Acquirer Interface Standards: Messages, Data Elements and Code Values for Real-time Systems.