Protocol Interactions and the Chosen Protocol Attack
Proceedings of the 5th International Workshop on Security Protocols
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Thinking Inside the Box: System-Level Failures of Tamper Proofing
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
Optimised to Fail: Card Readers for Online Banking
Financial Cryptography and Data Security
Security Protocols
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Verified by visa and mastercard securecode: or, how not to design authentication
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Identity verification schemes for public transport ticketing with NFC phones
Proceedings of the sixth ACM workshop on Scalable trusted computing
Mass transit ticketing with NFC mobile phones
INTRUST'11 Proceedings of the Third international conference on Trusted Systems
| Hi-index | 0.00 |
The credit card system has been one of the world's great successes because of its adaptability. By the mid-1990s, a credit card had become a mechanism for authenticating a transaction by presenting a username (the card number) and a password (the expiry date, plus often a CVV) that was already used in mail order and could be adapted with little fuss to the Internet. Now banks in Europe, and increasingly elsewhere, have moved to the EMV "Chip and PIN" system which uses not just smart cards but also "trusted" hardware. The cryptography supported by this equipment has made some kinds of fraud much rarer --- although other kinds have increased, and the jury is still out on the net effect. In the USA in particular, some banks and others oppose EMV on the grounds that it will damage innovation to move to a monolithic and inflexible system. We discuss the effects that cryptographic lock-down might have on competition and innovation. We predict that EMV will be adapted to use cards as keys; we have found, for example, that the DDA signature can be used by third parties and expect this to be used when customers use a card to retrieve already-purchased goods such as air tickets. This will stop forged credit cards being used to board airplanes. We also investigate whether EMV can be adapted to move towards a world in which people can use bank cards plus commodity consumer electronics to make and accept payments. Can the EMV payment ecology be made more open and competitive, or will it have to be replaced? We have already seen EMV adapted to the CAP system; this was possible because only one bank, the card issuer, had to change its software. It seems the key to innovation is whether its benefits can be made sufficiently local and incremental. We therefore explore whether EMV can be adapted to peer-to-peer payments by making changes solely to the acquirer systems. Finally, we discuss the broader issue of how cryptographic protocols can be made extensible. How can the protocol designer steer between the Scylla of the competition authorities and the Charybdis of the chosen protocol attack?