First Contact - Vulnerabilities in Contactless Payments

Conference: BlackHat EU 2019



The presentation discusses vulnerabilities in contactless payment systems and the potential for fraudulent transactions. The speaker highlights the need for strong customer authentication and reasonable transaction limits.
  • PSD2 regulations require strong customer authentication for transactions over 250 euros or more than five transactions
  • Cumulative limits can be bypassed, leading to potential fraud
  • Mastercard and Visa have different requirements for contactless transactions
  • Vulnerabilities exist in both Mastercard and Visa contactless systems
  • Reasonable transaction limits can help prevent fraud
  • Responsibility for fraud prevention falls on card issuers
  • The speaker provides examples of fraudulent transactions and potential attacks on contactless systems
The speaker describes an attack in which the attacker only needs to convince a phone that cardholder verification is not required, so that a transaction goes through without the phone being unlocked. This attack can be applied to both Mastercard and Visa systems. The speaker also notes that some banks are still affected by replay attacks despite efforts to fix vulnerabilities.


Introduced in 2007, contactless (NFC) payments have been in wide use for a decade. Accounting for more than 40% of transactions globally, contactless payments are fast replacing cash and CHIP. Yet contactless makes use of protocols much older than the technology itself. So, how safe and secure are contactless payments? In this talk, we discuss how the EMV protocols and magstripe modes used for contactless are equally flawed. For the first time, we show how to bypass the UK £30 limit for contactless payments made using physical cards, and then how to circumvent limits for mobile wallets using locked mobile phones. What's more, we cover flaws in the generation of key values, the unpredictable number (UN) and the application transaction counter (ATC). In another first, we perform a pre-play attack using EMV without downgrading to legacy modes.
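
The abstract names the application transaction counter (ATC) and the unpredictable number (UN) as weak points, and the summary notes that fraud prevention falls to issuers. The following is an added example, not material from the talk: an issuer-side review that flags a repeated or decreasing ATC, a large ATC jump, and a terminal that reuses a UN. The record layout, the finding names and the `MAX_ATC_GAP` threshold are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

# Constructed sample authorisation records (not real data):
# (card token, terminal id, ATC, unpredictable number as hex)
SAMPLE_AUTHS = [
    ("card-A", "term-1", 41, "9f3a11c2"),
    ("card-A", "term-1", 42, "07be55d0"),
    ("card-A", "term-2", 42, "07be55d0"),  # same ATC presented again
    ("card-A", "term-2", 60, "00000001"),  # ATC jumps by 18
    ("card-B", "term-3", 7, "00000002"),
    ("card-B", "term-3", 8, "00000002"),   # terminal repeats its UN
]

MAX_ATC_GAP = 10  # assumed threshold; tune against real cardholder behaviour


def review(auths, max_gap=MAX_ATC_GAP):
    """Return (record index, reason) findings for a stream of authorisations."""
    last_atc = {}               # card token -> highest ATC accepted so far
    seen_un = defaultdict(set)  # terminal id -> UNs already observed
    findings = []
    for i, (card, term, atc, un) in enumerate(auths):
        prev = last_atc.get(card)
        if prev is not None and atc <= prev:
            # A genuine card increments its ATC on every transaction,
            # so a repeated or lower value points to a replayed message.
            findings.append((i, "atc_not_increasing"))
        elif prev is not None and atc - prev > max_gap:
            # Many ATC values consumed without reaching the issuer:
            # card data may have been generated in advance of its use.
            findings.append((i, "atc_gap"))
        if un in seen_un[term]:
            # A UN that repeats is not unpredictable.
            findings.append((i, "un_reused_by_terminal"))
        seen_un[term].add(un)
        if prev is None or atc > prev:
            last_atc[card] = atc
    return findings


if __name__ == "__main__":
    for index, reason in review(SAMPLE_AUTHS):
        print(index, reason, SAMPLE_AUTHS[index])
```
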
