Payment Village - Resources

If you would like to have a paper referenced here submit a request https://forms.gle/K9fyMq24dt1SaLDm9

Resources:

New Vulnerabilities in Public Transport Schemes for Apple Pay, Samsung Pay, GPay

https://www.paymentvillage.org/resources/hand-in-your-pocket-without-you-noticing-vulnerabilities-of-mobile-wallets

POSWorld:‌ ‌Vulnerabilities‌ ‌within‌ ‌Ingenico‌ ‌Telium‌ ‌2‌ ‌and‌ ‌Verifone‌ ‌VX‌ ‌and‌ ‌MX‌ ‌series‌ ‌Point‌ ‌of‌ ‌Sales‌ ‌terminals‌, Aleksei Stennikov, Timur Yunusov

https://drive.google.com/file/d/1GqiFrt_61lqXXPjuj7O4PJx4tV7uaVWD/view

Card Fraud in a PSD2 World: A Few Examples, Timur Yunusov

https://www.paymentvillage.org/resources/card-fraud-in-a-psd2-world-a-few-examples

It Only Takes A Minute to Clone a Credit Card, Thanks to a 50-Year-Old Problem, Leigh-Anne Galloway

https://drive.google.com/file/d/17YIKh2aWf9n-Hr8cD8_K9vUGtiM-zuFU/view

First Contact: New Vulnerabilities in Contactless Payments

https://www.paymentvillage.org/resources/first-contact-new-vulnerabilities-in-contactless-payments

A Security Evaluation and Proof-of-Concept Relay Attack on Dutch EMV Contactless Transactions, Jordi van den Breekel

https://www.cs.bham.ac.uk/~tpc/Relay/thesisJordi.pdf

Attack Tree for Modelling Unauthorized EMV Card Transactions at POS Terminals, Dilpreet Singh, Ron Ruhl and Hamman Samuel

https://www.scitepress.org/papers/2018/67233/67233.pdf

Chip & SPIN, Anderson et al.

http://www.chipandspin.co.uk/

Contactless payments: usability at the cost of security? Emms, Martin J.

https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.703165

Does the Online Card Payment System Unwittingly Facilitate Fraud, Mohammed Aamir Ali

https://theses.ncl.ac.uk/jspui/bitstream/10443/4567/1/Ali%20MA%202019.pdf

Harvesting High Value Foreign Currency Transactions from EMV Contactless Credit Cards Without the PIN, Emms M, Arief B, Freitas L, Hannon J, van Moorsel A.

https://eprint.ncl.ac.uk/file_store/production/206086/D5A3040D-71FE-4275-BB4C-9A31767CDE92.pdf

Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones, Francis et al

https://www.researchgate.net/publication/220335621_Practical_Relay_Attack_on_Contactless_Transactions_by_Using_NFC_Mobile_Phones

Risks of Offline Verify PIN on Contactless Cards, Emms et al

https://www.researchgate.net/publication/286531657_Risks_of_Offline_Verify_PIN_on_Contactless_Cards

Securing Digital Payments Transformation of the payment industry, Andrew Jamieson

https://drive.google.com/file/d/1IKQ3zOzfJ9ZnKIEi9yOEFiwjbQSTINAC/view?usp=sharing

Apple Pay Online/in-app Cryptogram replay attacks
https://www.paymentvillage.org/resources/apple-pay-online-cryptogram-replay