back

Decoding Contactless (Card) Payments

An Exploration of NFC Transactions and Explanation How Apple Pay and Android Pay Work

If you suspend your transcription on amara.org, please add a timestamp below to indicate how far you progressed! This will help others to resume your work!

Please do not press “publish” on amara.org to save your progress, use “save draft” instead. Only press “publish” when you're done with quality control.

Video duration
00:58:19
Language
English
Abstract
This talk will dive into the techniques and protocols that drive contactless card payments at the Point of Sale. We will explore how Apple Pay works on a technical level and why you are able to 'clone' your credit card onto your phone. Building upon previous C3 talks on the topics of EMV and ICC payments, we will learn about different NFC payment options, why legacy will never die and how the individual card brands have specified their payment workflows.

Contactless payments are gaining more momentum every day and even though Apple Pay is not yet available in Germany, you are able to use your new contactless credit card at an increasing number of locations. This trend is not likely to stop anytime soon and it is time to understand what is going on the lower layers.

To jumpstart the discussion, we will first have a look at all the parties involved in a card transaction and where they are placed in the communication and decision chain. From there we are comparing the differences between a chip (ICC) and a contactless (NFC) transaction.

Afterwards we are ready to look at Apple Pay, Android Pay and other card emulations. Even though they provide the same features on first look, they work fundamentally different on the technical level. We will learn about storing sensitive transaction information offline on the device in a Secure Element (SE) or online with your service provider utilizing Hosted Card Emulation (HCE).

In the end, we will take a short look at how contactless payments might influence our future, why legacy is still king and if tokenization might just save your day one time.

Talk ID
8965
Event:
34c3
Day
3
Room
Saal Adams
Start
10:15 p.m.
Duration
01:00:00
Track
Security
Type of
lecture
Speaker
Simon Eumes
Talk Slug & media link
34c3-8965-decoding_contactless_card_payments
English
0.0% Checking done0.0%
0.0% Syncing done0.0%
0.0% Transcribing done0.0%
100.0% Nothing done yet100.0%
  

Work on this video on Amara!

English: Transcribed until

Last revision: 2 years, 2 months ago