by Jordi Breekel

Summary: We present the first vulnerabilities in EMV (Europay, MasterCard and Visa) Contactless that do not rely on legacy modes and that apply to practically all EMV Contactless cards and terminals. In particular, we show that a relay attack can be performed with very limited resources and widely available off-the-shelf hardware. Our proof-of-concept relay attack demonstrates that a criminal can pay at a Point-of-Sale terminal using the card inside a victim's wallet, while the victim is arbitrarily far away from the terminal. Using EMV- and Android-specific optimizations, we show the world's first relayed transaction that is faster, for certain cards, than a transaction performed directly with the same card. Therefore, the most obvious countermeasure, a timing restriction, will likely not be effective at all.
Furthermore, we identified other vulnerabilities in cards from certain issuers and in the most widely used type of Point-of-Sale terminal in the Netherlands. For instance, certain Maestro cards have a vulnerability concerning the distribution process of the cards. In addition, certain Visa cards break the EMV security requirements by using secret keys that are not unique. The most widely used type of Point-of-Sale terminal in the Netherlands is vulnerable to a Denial-of-Service attack, which is presumably the result of a buffer overflow.
Our findings have significant implications for the acceptance of contactless transactions by the public. Indeed, contactless transactions will not be widely accepted by customers if they are not confident about the security of contactless cards, and banks can suffer significant reputational damage.