Skip to Main content Skip to Navigation
Conference papers

An Online Security Protocol for NFC Payment Formally Analyzed by The Scyther Tool

Nour El Madhoun 1 Fouad Amine Guenane 1 Guy Pujolle 1
1 Phare
LIP6 - Laboratoire d'Informatique de Paris 6
Abstract : Nowadays, NFC technology is integrated into bank cards, smartphones and sales point terminals in order to immediately execute payment transactions without any physical contact. EMV is the standard intended to secure both contact (traditional) and contactless-NFC payment operations. In fact, researchers in recent years have detected some security vulnerabilities in this protocol (EMV). Therefore, in this paper, we introduce the risks entailed by the vulnerabilities of EMV and particularly those at stake in the case of NFC payment. Hence, in order to overcome EMV weaknesses, we propose a new security protocol based on an online communication with a trusted entity. The proposal is destined to secure contactless-NFC payment transactions using NFC bank cards that are unconnected client payment devices (without Wi-Fi or 4G). A security verification tool called Scyther is used to analyze the correctness of the proposal.
Document type :
Conference papers
Complete list of metadata
Contributor : Nour El Madhoun <>
Submitted on : Sunday, February 21, 2016 - 1:14:34 PM
Last modification on : Friday, January 8, 2021 - 5:42:03 PM


  • HAL Id : hal-01276921, version 1


Nour El Madhoun, Fouad Amine Guenane, Guy Pujolle. An Online Security Protocol for NFC Payment Formally Analyzed by The Scyther Tool. The Second IEEE International Conference On Mobile And Secure Services, Feb 2016, Gainesville, Florida, United States. ⟨hal-01276921⟩



Record views