Security News > 2020 > September > Interesting Attack on the EMV Smartcard Payment Standard
This allowed the two devices to read data from the credit card chip and exchange information with payment terminals.
To obtain unauthorized funds from a third-party credit card, the first mobile phone is used to scan the necessary data from the credit card and transfer it to the second phone.
Abstract: EMV is the international protocol standard for smartcard payment and is used in over 9 billion cards worldwide.
First, criminals can use a victim's Visa contact-less card for high-value purchases, without knowledge of the card's PIN. We built a proof-of-concept Android application and successfully demonstrated this attack on real-world payment terminals.
Finally, we propose and verify improvements to the standard that prevent these attacks, as well as any other attacks that violate the considered security properties.