Security Analysis and Implementation of Relay-Resistant Contactless Payments

Ioana Boureanu, Tom Chothia, Alexandre Debant, Stéphanie Delaune

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)


Contactless systems, such as the EMV (Europay, Mastercard and Visa) payment protocol, are vulnerable to relay attacks. The typical countermeasure to this relies on distance bounding protocols, in which a reader estimates an upper bound on its physical distance from a card by doing round-trip time (RTT) measurements. However, these protocols are trivially broken in the presence of rogue readers. At Financial Crypto 2019, we proposed two novel EMV-based relay-resistant protocols: they integrate distance-bounding with the use of hardware roots of trust (HWRoT) in such a way that correct RTT-measurements can no longer be bypassed. Our contributions are threefold: first, we design a calculus to model this advanced type of distance-bounding protocols integrated with HWRoT; as an additional novelty, our calculus is also the first to allow for mobility of cards and readers during a proximity-checking phase. Second, to make it possible to analyse these protocols via more standard mechanisms and tools, we consider a 2018 characterisation of distance-bounding security that does away with physical aspects and relies only on the causality of events; we cast it in our richer calculus and extend its theoretical guarantees to our more expressive models (with mobility, potentially rogue readers, and HWRoT). Due to this extension, we can carry out the security analysis in the standard protocol verification tool ProVerif. Third, we provide the first implementation of Mastercard's relay-resistant EMV protocol PayPass-RRP as well as one of its 2019 extension with HWRoT called PayBCR. We evaluate their efficiency and their robustness to relay attacks, in presence of both honest and rogue readers. Our experiments are the first to show that Mastercard's PayPass-RRP and its HWRoT-based extension PayBCR are both practical in preventing relay attacks of the magnitude shown thus-far in EMV.

Original languageEnglish
Title of host publicationCCS 2020 - Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Number of pages20
ISBN (Electronic)9781450370899
Publication statusPublished - 30 Oct 2020
Event27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020 - Virtual, Online, United States
Duration: 9 Nov 202013 Nov 2020

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221


Conference27th ACM SIGSAC Conference on Computer and Communications Security, CCS 2020
Country/TerritoryUnited States
CityVirtual, Online

Bibliographical note

Funding Information:
This work has been partially supported by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation program (grant agreement No 714955-POPSTAR) and by the NCSC-funded “TimeTrust” project. Also, we especially thank Consultant Hyperion (, and particularly Katie Facey and Haritha Gunniguntala from Consult Hyperion, for working with us to integrate PayPass-RRP in their CardCracker tool and giving us an 1-year licence for the tool.

Publisher Copyright:
© 2020 ACM.


  • contactless payments
  • relay attacks

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Security Analysis and Implementation of Relay-Resistant Contactless Payments'. Together they form a unique fingerprint.

Cite this