Research Article

Security Enhanced EMV-Based Mobile Payment Protocol

Table 1

Security comparison with current EMV protocols.

EPMAREMV (with CDA)EMV (with DDA)EMV (with SDA)

Offline mutual authentication*1*1×
Confidentiality×××
Replay attacks
Data privacy×××
Integrity
Nonrepudiation*2
MITM attacks×××
Clone attacks×××
Online-level security*3*3*3

CDA and DDA only authenticate the credit cards; they do not authenticate the readers.
*2SDA can achieve a reader’s nonrepudiation, but it does not have a user’s nonrepudiation.
*3EMV standards cannot verify whether a credit card has been revoked without readers being online.