About   Advertise   Archives   Education   Glenbrook   Jobs   Store   Views   Subscribe:

Weekend Reading: Contactless Payments And The Security Challenges

Tags » Card Technology, Privacy, Security  » Comments (0)

David Birch of Consult Hyperion writes for Principia on contactless payments and how they deliver appropriate levels of security and privacy.

In a typical retail environment the retailer's point-of-sale (POS) terminal and the payment token both contain a microprocessor; the microprocessors communicate using a payment protocol (on top of the ISO 14443 protocol for basic data exchange).

When it is time to pay, the customer brings their tag close to the POS terminal. The terminal interrogates the card and gets back the serial number and a cryptogram (a one-time code calculated inside the token). It feeds these to the acquiring bank, which passes them back to the issuer. From the serial number, the issuer knows which account to authorise and from the cryptogram the issuer knows that the token is valid.

The cryptogram is made up from the serial number and a transaction counter, encrypted using the token security key. This key is inserted in the token during manufacturing; it is derived from the serial number and a bank master key. Once in the token, it is never divulged.

Posted: Sep 17, 2005 07:36 PM Pacific |   |   |   Tweet This

Add your comment... (note that all comments are reviewed before they're published)

Feed You can follow this conversation by subscribing to the comment feed for this post.

If you have a TypeKey or TypePad account, please Sign In

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00d8341bfc2453ef00d8351f3b7553ef

Listed below are links to weblogs that reference Weekend Reading: Contactless Payments And The Security Challenges:

Sponsors

News View

Payments Consultants

Subscribe

Search

Languages
Glenbrook Partners

PAYMENTS NEWS IS PRODUCED BY AND IS A SERVICE MARK OF GLENBROOK PARTNERS, LLC
ISSN 1556-4487

Glenbrook's Consulting Services

  • Innovation and Strategy
  • Payments Product Development
  • Payments Market Assessments
  • Payments Vendor Selection
  • Merchant Payments Optimization
  • Payments Risk Management
  •  
  • To discuss how Glenbrook can
    help you    , email us:

Glenbrook's Payments Education

  • Payments Boot Camp
  • Emerging Payments Roundtables
  • Special Focus Workshops
  • Private Payments Workshops
  •  
  •  
  •  
  • For more information on Glenbrook's payments education, email us:

Tools for Payments Professionals

  • Glenbrook Writings
  • Payments News
  • Payments Jobs
  • Payments Education
  • Payments Bookstore
  • Payments Glossary
  •  
  • To send us news that you'd like us to cover on Payments News, email us:

Contacts:                        
Compilation Copyright © 2002 - 2009 Glenbrook Partners LLC. All Rights Reserved.
Terms of Use        Privacy Policy        RSS Feed        Payments News RSS Feed

Subscribe to Payments News   

Follow Payments News on Twitter for Real-Time Updates