Short paper: making contactless EMV robust against rogue readers colluding with relay attackers

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Colleges, School and Institutes

External organisations

  • University of Surrey


It is possible to relay signals between a contactless EMV card and a shop’s EMV reader and so make a fraudulent payment without the card-owner’s knowledge. Existing countermeasures rely on proximity checking: the reader will measure round trip times in message-exchanges, and rejects replies that take longer than expected (which suggests they have been relayed). However, it is the reader that would receive the illicit payment from any relayed transaction, so a rogue reader has little incentive to enforce the required checks. Furthermore, cases of malware targeting point-of-sales systems are common.We propose three novel proximity-checking protocols that use a trusted platform module (TPM) to ensure that the reader performs the time measurements correctly. After running one of our proposed protocols, the bank can be sure that the card and reader were in close proximity, even if the reader tries to subvert the protocol. Our first protocol makes changes to the cards and readers, our second protocol modifies the readers and the banking backend, and our third protocol allows the detection of relay attacks, after they have happened, with only changes to the readers.


Original languageEnglish
Title of host publicationProceedings of the 23rd International Conference on Financial Cryptography and Data Security (FC'19)
Publication statusPublished - 22 Feb 2019
Event23rd International Conference on Financial Cryptography and Data Security (FC'19) - St. Kitts, Saint Kitts and Nevis
Duration: 18 Feb 201922 Feb 2019


Conference23rd International Conference on Financial Cryptography and Data Security (FC'19)
CountrySaint Kitts and Nevis
CitySt. Kitts