Bristol researchers work to secure next generation chip-card payment technology

Nov 05, 2013

Current chip technology used for purchasing items via credit and debit cards in shops was developed in the mid-1990s. EMVCo, the standard body which manages, maintains and advances EMV Specifications, is in the process of designing the next generation payment technology to meet long-term industry requirements. The activity will establish a common, robust technology platform for supporting contact and contactless/mobile interfaces for both online and offline transactions.

Dr Gaven Watson from Bristol's Department of Computer Science will be presenting a paper at the prestigious Association of Computing Machinery's Conference on Computer and Communications Security (ACM-CCS) sharing the details of a study that validates the proposed design to be used in future EMV chip cards.

This protocol was developed by EMVCo and then published on its website as a request for comments (RFC). University of Bristol researchers responded and proved mathematically that the protocol meets the security goals that it was designed to achieve.

The protocol sits at the heart of the new specification as it offers a key agreement system based on elliptic curve cryptography. Due to the constrained nature of payment cards, and some new requirements for protecting contactless transactions, the new protocol needed to be created.

Nigel Smart,Professor of Cryptology at the University of Bristol, said: "This is an important step in validating the we will all start to use in the future. When the previous was designed people did not know how to mathematically prove that a protocol satisfied certain security goals. The science of cryptography has advanced and is now at a stage where this is possible and protocols that will be used in the real world can be fully analysed."

Christina Hulka, Chair of the EMVCo Board of Managers, added: "EMVCo welcomes the initiative of Professor Nigel Smart and his fellow researchers in developing a security proof of this key agreement protocol. EMVCo is of the view that the new cryptographic algorithms and protocols that will be used to secure billions of EMV payment transactions should not only offer optimum performance but also receive the best analysis that modern cryptology can provide."

The paper represents joint work by the Bristol's Department of Computer Science and the Engineering Faculty of Tel-Aviv University.

Explore further: Breakthrough in cryptography could result in more secure computing

More information: An analysis of the EMV Channel Establishment Protocol by Christina Brzuska and Nigel P. Smart and Bogdan Warinschi and Gaven J. Watson. eprint.iacr.org/2013/031
ACM Conference on Computer and Communications Security [ACM-CCS] 2013.

add to favorites email to friend print save as pdf

Related Stories

Cambridge team exposes EMV card vulnerabilities

Sep 13, 2012

(Phys.org)—At a cryptography gathering in Leuven, Belgium, on Tuesday, Cambridge University researchers made it known that they do not like what they see in chip and pin systems. Banks rely on customer ...

Security card with a one-time password and LED display

Mar 06, 2013

Infineon Technologies AG and Bundesdruckerei GmbH have developed a new security smart card with an LED display and a one-time password. This new technology is centred around a security chip in the card which ...

Using your car key as a credit card?

Oct 22, 2008

(PhysOrg.com) -- BMW Group Research and Technology and NXP Semiconductors, the independent semiconductor company founded by Philips, have unveiled a prototype of the world’s first multifunctional car key. The prototype ...

Recommended for you

'Chief Yahoo' David Filo returns to board

31 minutes ago

Yahoo announced the nomination of three new board members, including company co-founder David Filo, who earned the nickname and formal job title of "Chief Yahoo."

Fired Yahoo exec gets $58M for 15 months of work

41 minutes ago

Yahoo's recently fired chief operating officer, Henrique de Castro, left the Internet company with a severance package of $58 million even though he lasted just 15 months on the job.

Simplicity is key to co-operative robots

8 hours ago

A way of making hundreds—or even thousands—of tiny robots cluster to carry out tasks without using any memory or processing power has been developed by engineers at the University of Sheffield, UK.

Freight train industry to miss safety deadline

9 hours ago

The U.S. freight railroad industry says only one-fifth of its track will be equipped with mandatory safety technology to prevent most collisions and derailments by the deadline set by Congress.

User comments : 0

More news stories

'Chief Yahoo' David Filo returns to board

Yahoo announced the nomination of three new board members, including company co-founder David Filo, who earned the nickname and formal job title of "Chief Yahoo."

Simplicity is key to co-operative robots

A way of making hundreds—or even thousands—of tiny robots cluster to carry out tasks without using any memory or processing power has been developed by engineers at the University of Sheffield, UK.

Floating nuclear plants could ride out tsunamis

When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...

New clinical trial launched for advance lung cancer

Cancer Research UK is partnering with pharmaceutical companies AstraZeneca and Pfizer to create a pioneering clinical trial for patients with advanced lung cancer – marking a new era of research into personalised medicines ...

More vets turn to prosthetics to help legless pets

A 9-month-old boxer pup named Duncan barreled down a beach in Oregon, running full tilt on soft sand into YouTube history and showing more than 4 million viewers that he can revel in a good romp despite lacking ...