Risks and potentials of using EMV for internet payments

Authors:
Els Van Herreweghen;Uta Wille
Affiliations:
IBM Zurich Research Laboratory, Ruschlikon, Switzerland;IBM Zurich Research Laboratory, Ruschlikon, Switzerland and Jelmoli Information Systems AG, Zurich, Switzerland
Venue:
WOST'99 Proceedings of the USENIX Workshop on Smartcard Technology on USENIX Workshop on Smartcard Technology
Year:
1999

Citing 2
Cited 2

The State of the Art in Electronic Payment Systems

Computer
iKP: a family of secure electronic payment protocols

WOEC'95 Proceedings of the 1st conference on USENIX Workshop on Electronic Commerce - Volume 1

e-EMV: emulating EMV for internet payments with trusted computing technologies

Proceedings of the 3rd ACM workshop on Scalable trusted computing
Formal analysis of the EMV protocol suite

TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Existing payment smartcards developed for traditional point-of-sale transactions are being considered for use in Internet transactions. Such solutions have been suggested as alternatives to using payment protocols more specifically designed for Internet payments (such as SET [8]) but often lacking smartcard support. In this paper, we analyze EMV'96 [7], a representative example of an existing payment smartcard specification. We investigate which security requirements for an Internet payment system can and cannot be met when using EMV for Internet payments. We suggest possible modifications that can enhance the security of an Internet payment scheme based on EMV.