Work in progress by Ossama Al-Maliki, discussing A Tokenisation Technique for the Security on Contactless Cards

Name: Ossama Al-Maliki – DPhil in Computing

Supervisor: Dr Hisham Al-Aassam (1^st) / Dr Tuan Nguyen (2^nd)

Ossama introduces the meaning of EMV payment protocol and how much it impacts our daily life through the consistent use in both credit and debit contactless cards purchases. EMV stands for Europay, Mastercard and Visa with almost 7.1 billion EMV based cards around the world.

The fraudulent activities involving EMV contactless cards has been increasing year on year. Ossama demonstrates that anyone can purchase over-the-counter software/hardware to easily obtain valuable information such as cardholder name, Primary Account Number (PAN) and expiry date of the card without the cardholder knowledge. This was then linked to the rise of remote purchasing attacks that represented 76% of the total fraud losses in 2018, which was one of the motivations for Ossama’s tokenisation solution to EMV contactless cards.

The tokenisation proposed would replace the actual PAN  with a unique token to each EMV contactless card. This would reduce the risk of obtaining the PAN by unauthorised reader and use it to launch remote purchasing attack as this token is useless in this kind of attack. The tokenisation solution required minimum changes in the original EMV infrastructures.

The Work in Progress seminar series gives postgraduate and undergraduate students an insight into the range of research projects being undertaken in the School of Computing, an opportunity to broaden their understanding of computing and identify areas of interest for further study. All are encouraged to attend.

Check out the upcoming School of Computing events and seminars.

Find out more about our courses in computing.