Practical EMV relay protection

Andreea Ina Radu; Tom Chothia; Christopher J.P. Newton; Ioana Boureanu; Liqun Chen

doi:10.1109/SP46214.2022.9833642

Practical EMV relay protection

Andreea Ina Radu, Tom Chothia, Christopher J.P. Newton, Ioana Boureanu, Liqun Chen

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

82 Downloads (Pure)

Abstract

Relay attackers can forward messages between a contactless EMV bank card and a shop reader, making it possible to wirelessly pickpocket money. To protect against this, Apple Pay requires a user's fingerprint or Face ID to authorise payments, while Mastercard and Visa have proposed protocols to stop such relay attacks. We investigate transport payment modes and find that we can build on relaying to bypass the Apple Pay lock screen, and illicitly pay from a locked iPhone to any EMV reader, for any amount, without user authorisation. We show that Visa's proposed relay-countermeasure can be bypassed using rooted smart phones. We analyse Mastercard's relay protection, and show that its timing bounds could be more reliably imposed at the ISO 14443 protocol level, rather than at the EMV protocol level. With these insights, we propose a new relay-resistance protocol (L1RP) for EMV. We use the Tamarin prover to model mobile-phone payments with and without user authentication, and in different payment modes. We formally verify solutions to our attack suggested by Apple and Visa, and used by Samsung, and we verify that our proposed protocol provides protection from relay attacks.

Original language	English
Title of host publication	Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022
Publisher	Institute of Electrical and Electronics Engineers (IEEE)
Pages	1737-1756
Number of pages	20
ISBN (Electronic)	9781665413169
ISBN (Print)	9781665413176 (PoD)
DOIs	https://doi.org/10.1109/SP46214.2022.9833642
Publication status	Published - 27 Jul 2022
Event	43rd IEEE Symposium on Security and Privacy, SP 2022 - San Francisco, United States Duration: 23 May 2022 → 26 May 2022

Publication series

Name	Proceedings - IEEE Symposium on Security and Privacy
Publisher	IEEE
ISSN (Print)	1081-6011
ISSN (Electronic)	2375-1207

Conference

Conference	43rd IEEE Symposium on Security and Privacy, SP 2022
Country/Territory	United States
City	San Francisco
Period	23/05/22 → 26/05/22

Bibliographical note

Funding Information:
This work is part of the "TimeTrust" project, funded the UK s National Cyber Security Centre (NCSC). We thank Mastercard UK and Visa Research for providing useful insights and feedback.

Publisher Copyright:
© 2022 IEEE.

Keywords

Privacy
Protocols
Protective relaying
Authentication
Credit cards
Timing
Security

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Software
Computer Networks and Communications

Access to Document

10.1109/SP46214.2022.9833642

RaduA2022Practical
A. -I. Radu, T. Chothia, C. J. P. Newton, I. Boureanu and L. Chen, "Practical EMV Relay Protection," 2022 IEEE Symposium on Security and Privacy (SP), 2022, pp. 1737-1756, doi: 10.1109/SP46214.2022.9833642. © 2022 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Accepted author manuscript, 1.05 MBLicence: Other (please specify with Rights Statement)

Cite this

Radu, A. I., Chothia, T., Newton, C. J. P., Boureanu, I., & Chen, L. (2022). Practical EMV relay protection. In Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022 (pp. 1737-1756). Article 9833642 (Proceedings - IEEE Symposium on Security and Privacy). Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/SP46214.2022.9833642

@inproceedings{72e12d9ac5bc4adfadaabd304fc0a6fb,

title = "Practical EMV relay protection",

abstract = "Relay attackers can forward messages between a contactless EMV bank card and a shop reader, making it possible to wirelessly pickpocket money. To protect against this, Apple Pay requires a user's fingerprint or Face ID to authorise payments, while Mastercard and Visa have proposed protocols to stop such relay attacks. We investigate transport payment modes and find that we can build on relaying to bypass the Apple Pay lock screen, and illicitly pay from a locked iPhone to any EMV reader, for any amount, without user authorisation. We show that Visa's proposed relay-countermeasure can be bypassed using rooted smart phones. We analyse Mastercard's relay protection, and show that its timing bounds could be more reliably imposed at the ISO 14443 protocol level, rather than at the EMV protocol level. With these insights, we propose a new relay-resistance protocol (L1RP) for EMV. We use the Tamarin prover to model mobile-phone payments with and without user authentication, and in different payment modes. We formally verify solutions to our attack suggested by Apple and Visa, and used by Samsung, and we verify that our proposed protocol provides protection from relay attacks.",

keywords = "Privacy, Protocols, Protective relaying, Authentication, Credit cards, Timing, Security",

author = "Radu, {Andreea Ina} and Tom Chothia and Newton, {Christopher J.P.} and Ioana Boureanu and Liqun Chen",

note = "Funding Information: This work is part of the {"}TimeTrust{"} project, funded the UK s National Cyber Security Centre (NCSC). We thank Mastercard UK and Visa Research for providing useful insights and feedback. Publisher Copyright: {\textcopyright} 2022 IEEE.; 43rd IEEE Symposium on Security and Privacy, SP 2022 ; Conference date: 23-05-2022 Through 26-05-2022",

year = "2022",

month = jul,

day = "27",

doi = "10.1109/SP46214.2022.9833642",

language = "English",

isbn = "9781665413176 (PoD)",

series = "Proceedings - IEEE Symposium on Security and Privacy",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

pages = "1737--1756",

booktitle = "Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022",

}

Radu, AI , Chothia, T, Newton, CJP, Boureanu, I & Chen, L 2022, Practical EMV relay protection. in Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022., 9833642, Proceedings - IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers (IEEE), pp. 1737-1756, 43rd IEEE Symposium on Security and Privacy, SP 2022, San Francisco, United States, 23/05/22. https://doi.org/10.1109/SP46214.2022.9833642

Practical EMV relay protection. / Radu, Andreea Ina ; Chothia, Tom; Newton, Christopher J.P. et al.
Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022. Institute of Electrical and Electronics Engineers (IEEE), 2022. p. 1737-1756 9833642 (Proceedings - IEEE Symposium on Security and Privacy).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Practical EMV relay protection

AU - Radu, Andreea Ina

AU - Chothia, Tom

AU - Newton, Christopher J.P.

AU - Boureanu, Ioana

AU - Chen, Liqun

N1 - Funding Information: This work is part of the "TimeTrust" project, funded the UK s National Cyber Security Centre (NCSC). We thank Mastercard UK and Visa Research for providing useful insights and feedback. Publisher Copyright: © 2022 IEEE.

PY - 2022/7/27

Y1 - 2022/7/27

N2 - Relay attackers can forward messages between a contactless EMV bank card and a shop reader, making it possible to wirelessly pickpocket money. To protect against this, Apple Pay requires a user's fingerprint or Face ID to authorise payments, while Mastercard and Visa have proposed protocols to stop such relay attacks. We investigate transport payment modes and find that we can build on relaying to bypass the Apple Pay lock screen, and illicitly pay from a locked iPhone to any EMV reader, for any amount, without user authorisation. We show that Visa's proposed relay-countermeasure can be bypassed using rooted smart phones. We analyse Mastercard's relay protection, and show that its timing bounds could be more reliably imposed at the ISO 14443 protocol level, rather than at the EMV protocol level. With these insights, we propose a new relay-resistance protocol (L1RP) for EMV. We use the Tamarin prover to model mobile-phone payments with and without user authentication, and in different payment modes. We formally verify solutions to our attack suggested by Apple and Visa, and used by Samsung, and we verify that our proposed protocol provides protection from relay attacks.

AB - Relay attackers can forward messages between a contactless EMV bank card and a shop reader, making it possible to wirelessly pickpocket money. To protect against this, Apple Pay requires a user's fingerprint or Face ID to authorise payments, while Mastercard and Visa have proposed protocols to stop such relay attacks. We investigate transport payment modes and find that we can build on relaying to bypass the Apple Pay lock screen, and illicitly pay from a locked iPhone to any EMV reader, for any amount, without user authorisation. We show that Visa's proposed relay-countermeasure can be bypassed using rooted smart phones. We analyse Mastercard's relay protection, and show that its timing bounds could be more reliably imposed at the ISO 14443 protocol level, rather than at the EMV protocol level. With these insights, we propose a new relay-resistance protocol (L1RP) for EMV. We use the Tamarin prover to model mobile-phone payments with and without user authentication, and in different payment modes. We formally verify solutions to our attack suggested by Apple and Visa, and used by Samsung, and we verify that our proposed protocol provides protection from relay attacks.

KW - Privacy

KW - Protocols

KW - Protective relaying

KW - Authentication

KW - Credit cards

KW - Timing

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85134023546&partnerID=8YFLogxK

UR - https://practical_emv.gitlab.io/

U2 - 10.1109/SP46214.2022.9833642

DO - 10.1109/SP46214.2022.9833642

M3 - Conference contribution

AN - SCOPUS:85134023546

SN - 9781665413176 (PoD)

T3 - Proceedings - IEEE Symposium on Security and Privacy

SP - 1737

EP - 1756

BT - Proceedings - 43rd IEEE Symposium on Security and Privacy, SP 2022

PB - Institute of Electrical and Electronics Engineers (IEEE)

T2 - 43rd IEEE Symposium on Security and Privacy, SP 2022

Y2 - 23 May 2022 through 26 May 2022

ER -

Practical EMV relay protection

Abstract

Publication series

Conference

Bibliographical note

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this