Imagine you are at the checkout at the supermarket and you take your cash card; you've got something like 35 euros to pay, and you place it just on top of the terminal, it makes a beep, and you have paid. Well, how does near field communication work? In particular, what happens at the protocol level? Well, the answers are given now by Simon Eumes, who is a co-founder of PayWorks. It's a company specialized in point-of-sale payment gateway technologies. Simon has studied informatics in Munich, in San Francisco and in Los Angeles. So let's welcome now Simon with his talk on decoding contactless card payments. Simon, yours.

Thanks a lot, and yeah, what a crowd. Welcome everybody, thanks for joining tonight. Tonight I want to talk about contactless card payments and how we go from inserting a card to tapping a card to, in the end, just tapping your smartphone. Full disclosure: I'm not talking about exposing new security risks in that format, and I'm also not going down to the lowest level of the EMV protocol, which is basically below what I'm presenting here. I rather want to focus on the status quo: how is a contactless card transaction working, how do we do Apple Pay, how do we do Android Pay, what is involved there, and why is it now possible to actually take a card and clone it to your smartphone, something that the chip card should actually prevent you from doing.

Just to give you some context where this is coming from: I work at PayWorks, where we run a payment gateway and develop tools for making transactions easier for developers to integrate, and over there I'm mainly responsible for integrating new terminals and connecting new banks. I want to take the motto of the Congress to heart and just give you some insights into what I learned while working on that.

Let's get started with this. Probably everybody here in the room has heard about contactless payments and has used it, maybe, maybe not. I mean, in Germany the adoption rate for contactless transactions is relatively slow. First of all, you need to get a new card from your bank or your credit card company, and even if you have that, you still need a terminal which is actually able to handle contactless transactions. And if you then finally do a contactless transaction, the cashier is looking at you very curiously and saying, well, this cannot happen, that's not how it worked before. Then in the end you get your goods, but there are always some surprises waiting for you.

What we are looking at tonight is, first of all, what makes a contactless transaction, the blueprint, what stages do we go through. Then we need to discuss ways of actually converting your smartphone into something emulating or simulating a contactless card. In addition to that, I want to talk a little bit about making payments more secure at the point of sale or on the e-commerce side in general, where we talk about tokenization. Then we have all the information that we need to actually look into Apple Pay and Android Pay, and in the end I just want to give a quick outlook on how I could envision the next steps when it comes to contactless transactions and transactions at the point of sale in general.

Looking at contactless transactions: this is a relatively new technology, and you might think, well, somebody came up with something new that was state of the art. But if you look at the underlying protocols, you would see that this just brings EMV transactions, the protocol or the workflows that are used for the traditional chip cards, to the contactless level. So you basically take what you have and put NFC on it, and that's it. I'm not going into too much detail when it comes to the contactless transaction itself; Tim's talk, where he was talking about EMV transactions, is actually going to the lowest level, looking at the specs, looking at the protocols and what actually makes a transaction work in the end, what data elements are involved there.

But for us it's important to first have a look at what is actually, or who is actually, involved in an overall transaction. This is not only true for a contactless transaction; a contact transaction using a chip card is using the same entities. So on the one hand you have yourself as a shopper, somebody who wants to buy something, and you have a credit card. This credit card is given to you by a bank, by your bank, and because this bank issues you the card, this bank is called an issuer. Then on the other side you have a merchant who owns a store and wants to accept credit card payments, so he needs a terminal. But just owning a terminal doesn't give him anything; he needs to have a merchant account with a separate bank where in the end the money is put onto, and this is called an acquiring bank or acquirer. So now we have two sides, and by themselves they look fine, but in some way we need to bring those two together, and well, we know what we use: a network. In our case we use payment networks; this would be for example the Visa network, the MasterCard network, the American Express network, the networks that are available. They interconnect the acquirers and the issuers so that in the end the payment can be transacted between all parties.

Now that we know who is involved in a transaction, let's have a look at the different phases or steps you go through during a transaction. Before you can actually make a transaction, you need your card, so this is the card issuing step, and the merchant needs his terminal, so this is the terminal provisioning, where he gets a terminal which is configured, gets the correct configurations loaded, and is set up and configured for what kind of cards should be accepted. Then we are at the point where we actually want to make a transaction, and there you go through three distinct phases. You have the phase where you tap your card to the terminal, then you have a phase where the terminal is doing some internal stuff, evaluating the data that it actually received, and most likely after that it will go into a phase where it goes online, uses the network, talks to the issuer of your card to check if you actually have funds on your account and if this transaction is genuine and should actually be approved. After that we have a separate phase which is not that important for us, which is the transaction settlement; this in the end makes sure that money actually moves from one account to the other. We're going to focus on the three highlighted here.

So imagine you go into a store and want to pay with your card. The first thing is that on the terminal the amount is shown, and you as a shopper go there and tap your card on the terminal. The terminal in this phase sees, okay, I have a contactless card in my proximity, and I have a basic idea what kind of card this is: this is a Visa card, this is a MasterCard, this is an Amex card, JCB, you name it. As a first thing, before actually continuing with the transaction, it activates a special kernel. What a kernel is, is an implementation of a payment workflow that is specified by the schemes. So Visa mandates a different workflow for how the card and terminal should interact as part of a contactless transaction than MasterCard does, for example. All this was easier during a normal chip transaction because there was only one kernel; now we have seven or eight kernels, and each payment scheme has its own kernel. After the correct kernel has been loaded and activated, the kernel now drives the transaction between the card and the terminal.

The next phase is then the data exchange phase, where the terminal asks the card for some data to be given out in order to complete a transaction. What this normally includes is, first of all, the account data, that's the credit card number, expiry date, information like that, which is crucial for actually routing the transaction to the correct bank and making the transaction work in the end. You get a signature on specific data elements that the card generates, which allows the terminal to check if the card is an actual payment card, and the card also generates a cryptogram, that's in the end a cryptographic hash that allows the issuer to verify that the transaction is genuine and that it's a recent transaction, not a replay for example. All of this just happens between the card and the terminal at this point. After that you can remove your card, and that's also one of the big differences already: if you would do a contact transaction with a chip, the chip card needs to be in the terminal until the complete transaction is done; here you can already remove it, and you don't accidentally wiggle it and trigger an abort, so this actually provides some more usability features as well.

The next phase we're looking at is then what's happening on the terminal, and at this point only the terminal is doing something. First of all it checks if this card should be accepted at this location: it could be that the card should only be used domestically in a country but it's not the country of the merchant; it could be that this card is an ATM card and shouldn't be used at a retail location, for example. Those things are checked first. As a second step the terminal is verifying the authenticity of the data it received from the card, and for that there is a public key infrastructure in place. At the top there is a root CA from the payment schemes, below that we have a CA from the actual issuer of the card, and then we have certificates which were put on the card itself. As the terminal was reading data, it got this kind of signed data, and using the public key infrastructure the terminal can actually check if the signature that was created by the private key on the card was created by an entity which at some point was signed by the root CA. Then as a last step there is this phase of customer verification. You probably all know this: you go into the supermarket, pay for a couple of things, and in the end you're asked for a signature or a PIN. New with contactless transactions is that if you're below a certain limit, you're not asked for anything, but nevertheless you are going through this phase.

Most likely, especially with contactless transactions, at the end the terminal decides, well, I should go online and check if this account is actually valid and has the funds that I want to get from it. Then the terminal starts a chain of transactions, or of hops: the terminal sends the data, including the account data and this cryptogram, to the actual acquiring bank, and from there the acquiring banks send it to the global payment network. Based on the first digits of the credit card, the payment networks know who the actual issuer is, because every issuer has a specific number range assigned. Then in the end the issuer receives this kind of data, sees the cryptogram, and is able to verify that this is a genuine transaction made with the card that it says it is, checks if the funds are available, and then hopefully approves the transaction in the end. This okay then goes from the lowest end back to the terminal, it shows "approved", and in the end you get your goods and can leave. So that's looking at a whole transaction as an entity.

Talking a little bit about what kind of data is exchanged there, I think it's interesting to see what is actually saved on the credit card. Again, Tim's talk about EMV has some more detailed information on that, but what you basically get is account information: you get your primary account number, your credit card number basically; you get your Track 2 equivalent data, that's a data element which mimics the data that would normally be on a magstripe if you still had one. There are still networks which only route that kind of information and not the whole transaction data, and for backward compatibility and legacy reasons this is still present. Aside from that you also, for example, have the expiry date. Then you have verification information: what kind of verification should be supported; the card can make some recommendations, the terminal has some information on what it actually supports, does it have a PIN pad, does it not have a PIN pad, should it accept signatures, information like that. Then we have the authentication data: there you get the reference to your CA public key from the card schemes, you get the public key of the card itself, and the resulting signed data to check offline on the terminal if the transaction is valid. And then you have the authorization data, which is, aside from the card information, the amount and currency, which is crucial, I mean in the end you want to get a specific amount during the transaction, and then you add the date and time and the cryptogram, which allows the issuer to verify that this transaction is genuine. That's basically the information that's used during a transaction.

The format, or the protocol, that is used for the communication between the card and the terminal is ISO 7816; that's what's normally talked between a card reader, any card reader, and a chip card. The payload is BER-TLV encoded; it's a self-describing format which allows you to add more or less data as part of your communication. When we talk about the communication between the terminal and the acquirer, or the entities behind that, you have mostly a variant of ISO 8583, especially with the acquirers, but banking networks use this as well. It's a bitmap-based format which has very weird bitmap combinations and is a pain to debug if you want to send a valid message there.

So comparing NFC to ICC: why should I use it, what's the benefit, why actually go for it? Normally you have a lot faster transaction times, but there are timing limits on how fast the card and the terminal need to interact in this first interaction phase, and you can also remove the card already after this phase; this is normally completed within a second. You also get some benefits when it comes to verification methods and limits. They introduced, or rediscovered, something which is "no CVM", so this means you don't have to provide a signature or a PIN, and they introduced a limit under which you don't have to provide anything. In the end this was probably added to ease, or to incentivize, you as a shopper to use contactless transactions. But then again we also have legacy, and this means that NFC transactions run in two operating modes: EMV mode, which is basically upgrading the ICC transaction to contactless, and then we have magstripe mode for those networks, back then in the US but also in other countries around the world, which can only route magstripe information and not EMV or ICC information, and this relies heavily on just using Track 2 equivalent data.

So now we have seen how a contactless transaction is made, what steps we go through, what is required in terms of data elements for actually making a transaction. Now we want to talk about how we can actually make a smartphone simulate or emulate such a card. Not everybody should be able to just do it and say, well, I want to have my card on my phone and that's it. There are two distinct ways how you can do this. The first one is using something which is called a secure element, which is an enclave for cryptographic and sensitive information which, once it receives this kind of information, no longer gives it out; it's basically a micro HSM if you like. Your normal chip card is basically a secure element, but nowadays we also have phones which include this. So again looking at the parties: if you talk about secure elements and about providing the information required for making a transaction to the secure element, what do we need there? Well, on the one hand we need the smartphone, or in this case we are talking predominantly about a smartphone, which has this kind of secure element and which at some point receives the information and data required for emulating a card. Then we have something which is called a trusted service manager. This has existed for a long time, and this is also the entity which normally provisions your actual chip card, and it holds the cryptographic keys to actually modify data within those enclaves. Now this entity is also linked to your smartphone and has the power to actually load information in there. In the past I have also seen secure elements as part of the SIM card, but there, for example, the trusted service manager was the mobile network operator, so you had another player in there, and this never really took off. So we have our next try with the smartphone and some entity which is a trusted service manager. There's not just one trusted service manager, there are a lot of them, and the one who is provisioning your smartphone isn't the one that also provisions your smart card, your traditional credit card. But those are the two roles which play a major role when it comes to making a secure element able to make a contactless transaction.

So looking at when we actually get the data into the secure element: well, you want to make a transaction with the secure element you have, so you have to do it before actually making the transaction, but most likely you already have a card, so this happens right before your first transaction; after that you can make as many transactions as you like. Looking at how this works out in the end: you as a user normally enter your credit card number on your smartphone, you scan it, you enter it manually, something like that, and then your smartphone, or your app, talks to the trusted service manager, gives it the information "hey, I want to provision this kind of card", and the trusted service manager normally has a connection to your issuing bank, or a group of issuing banks, and there it checks: hey, I want to add this card to my secure element, or to this specific phone, can I do this? Normally the first thing the issuer is doing is talking to you as the owner of the card on a second channel, SMS, email, whatever, and asking you: hey, somebody's asking to provision a new card to your smartphone, is this actually you, and do you approve this? As long as you don't do anything, nothing is happening, so you actually have to confirm this. Then the issuer gets active again and provides to the trusted service manager the information, the cryptographic keys, that need to be embedded into the secure element, and from there it goes back to the smartphone. From then on your smartphone is actually able to mimic an actual smart card and drive a transaction at a contactless credit card terminal.

But well, in the beginning I talked about cloning a card. I mean, it's not really true, we saw this: we rather provision an additional card that is added to the secure element, and this means that the issuer has means to distinguish between "hey, we are now doing a transaction with an actual card" and "we're doing a transaction with a phone which has been loaded with the information about how to make a card". Also, now we have a smartphone in play; we don't have the dumb card, we have something which has logic in there and most of the time also has biometric sensors, other means of verifying that it's actually the right person using the phone. What this changed, or added, was an additional verification method which is called on-device CVM, or on-device verification. Those of you who have used Apple Pay in the past: this is when you press your home button with your finger and authorize the transaction by this, and this is basically a self-attestation of this device to the terminal that the right person used the smartphone for making a transaction. When we talk about the data that is loaded onto the secure element, this is basically the same as if you had a chip card or an NFC card that was actually handed out by your bank, but most importantly it also includes the symmetric and asymmetric keys that are needed for generating the signed data and the cryptogram. This is really what adds the same security level as if you would use a traditional card to the level where you use your smartphone for a transaction, and this uses the same verification methods on the terminal level and also on the bank level to see that this transaction is actually genuine.

This is one way to do it, but not everybody has a smartphone which has a secure element which is also trusted by all the issuers, and this is why we have another way of making a smartphone able to act as a card provider, and this is called host card emulation. What we have there is a smartphone, could be any smartphone in the end, well, you need NFC capabilities in there, but other than that you don't really have many requirements, and then you have your traditional payment network, or the issuer, which is behind that. What's happening here is that your smartphone no longer receives those generally valid cryptographic keys; it only gets limited-use keys, or one-time keys, basically a code book that can be used for a couple of transactions, from the network, but it cannot be used for repeated transactions. Same as with the secure element, you want to make a transaction with your newly provided information, so this host card emulation provisioning also needs to happen before actually making the transaction, but in addition to that, or in contrast to the secure element, you only get information that you can use a couple of times, so you need to have a constant network connection in order to make repeated transactions. If you also look at how this works out in the end: you again enter your credit card information on your smartphone, you scan it, whatever; this then directly goes to the payment networks, so there is no trusted service manager involved there, and then, depending on the solution you're using, either the payment networks themselves generate those one-time keys that can be used for making a transaction, or this is also forwarded again to the issuer, the one who actually gave you your card, and they are then generating those limited keys, and they are then handed back again to your phone. But the data that you receive isn't really stored in a secure element; it's stored within your application data.

So comparing those two methods, HCE versus SE provisioning: one of the benefits of HCE is that you don't need a totally secure environment, but if you have it, you can still use it, so you can also put your one-time keys into a secure element, for example. Normally with HCE you only get limited-use crypto keys which are then stored within the app and which need to be renewed every now and then, and this is also the catch here. Well, what happens if your smartphone doesn't have any cell reception and you want to make a couple of transactions? Well, after you have used your limited number of keys to create the cryptograms for transactions, you're out of keys, so at least every once in a while you need to have network connectivity to refresh the number of keys that you have available. You can also see that HCE is receiving a big push from the industry, so actually the payment schemes, the payment networks themselves, provide SDKs for app developers to add this into their applications, which abstract away the network communication and give predefined interfaces that you can use for making the transaction. If you look at it from their side, every transaction that is made through one of the networks makes them money, so they want to bring more people onto that, and here they actually have an influence: a secure element they cannot modify, but they can bring other app developers to use HCE for their transactions.

Well, now we know how we can get data on a terminal and act as a credit card, sorry, on a smartphone, and now we have this data on there and it can simulate an actual card. But in the end I don't want to have my credit card data lying around in some kind of application written by some app developer, maybe not even by a bank; I mean, we have seen what this would result in. So there is another thing that was recently introduced, which is account data tokenization. What this does is it replaces your credit card number with a token equivalent. This is basically the same format, same length, again for legacy reasons probably, and this can be used interchangeably with your actual credit card number, and this is something that can then be stored within your app. Well, new features, new players: we now have a token service provider, that's a service which stores mappings between tokens and the actual card number and provides interfaces for adding new ones and for converting from one to the other, and then you have the token requester, which actually requests new tokens from the service provider or asks it to translate from one format to the other. Luckily this happens in the same phase as if we would do HCE or SE provisioning, so you also want to convert your credit card number to a token before you actually do a transaction. What this then looks like is that you have your phone, which knows about the credit card that you want to use; this then goes to the token requester, which for example could be Apple, could be Google, and what they do is they add some information about who you are, maybe your credit history with iTunes or the App Store, and they then talk to a token service provider and provide them with the card number and basic information on how they know you. They then talk to the payment networks, and from there it goes to the issuer, and the issuer can say, well, okay, this account exists, is valid, and it's okay to add it as a token. Then this okay on the account goes back to the token service provider, and it stores the actual number, generates a token, and gives it back through the requester to your phone. Then you have a phone which knows about a token; it can discard the credit card number and use the token now for every transaction it's doing.

Well, why would you want to use tokenization? Well, it provides security benefits, so the account number is no longer used outside of the payment networks. The other benefit is that you can limit the scope of those tokens, so you can say, well, this token was requested by Apple, so this is only valid for point-of-sale transactions using NFC; all other kinds of transactions, through Amazon, through a magstripe card, are declined because it's not intended to be used like that. The other benefit is that the tokens can be revoked individually, so for example if you have two devices and you load the same credit card on both devices, they will receive a different token on each device, and that means if one device is compromised, you can cancel this token, but your other ones are still working, and your actual credit card number is not compromised because it's not saved there. Think of it as an app-specific password if you use two-factor authorization: something that you give one entity, which you can revoke at any time without affecting the others. And the other benefit is that you can use a token not only for point-of-sale payments; you can also, for example, use this in an e-commerce context, on Amazon for example.

All right, so we know how we can make a phone act as a card, we know how we can make this a little bit more secure, and this is now where we can look at Apple Pay and Android Pay, because they actually use those kinds of mechanisms. To make it short: Apple Pay uses the secure element on the iPhone that you have and in addition applies account data tokenization, and as a result you get Apple Pay. If you look at Android Pay, this is rather similar, but they don't have a secure element; we have a fragmented market where you cannot make any assumptions, and this is why they are betting on host card emulation, and in addition to that they also apply account data tokenization, and in the end this is Android Pay. If you now look at a transaction, what kind of workflows are happening there, what kind of data is exchanged: let's assume we already went through the initial stage of presenting a card, or actually your phone, we get rid of the card. So we presented the phone to the terminal, it read the data, and now we are in this online phase where we actually want to talk to the issuer. Instead of having your credit card number, you now have the token; in addition to that you have the cryptogram that was generated exactly for this transaction, for example by the secure element. This traditionally goes to the acquirer, from there it enters a payment network, and now one additional step is happening: the payment network sees, well, okay, this is a token, this is not a card number, I don't know where to give this to, so first I have to ask the token manager: hey, can you convert this back to a card for me? So the token goes to the manager, and you get returned the actual card number. But this happens within the credit card networks, where more or less every piece of information that's flowing around is visible in plain text anyway. From there on the payment network knows, okay, this is a Visa transaction and this Visa card belongs to, for example, my Sparkasse here, and then this data is given to this bank, and the bank can then do the normal checks: is this a valid card, in this case it's a smartphone, is the cryptogram valid for the transaction, and then gives its okay back. That's basically what makes a transaction when using HCE or a secure element, in particular Apple Pay or Android Pay. In this scenario Google or Apple would play no role in this, because as soon as the data elements are provisioned, they are more or less out of the transaction, and they also no longer see the actual card data.

So now we have seen, okay, Apple Pay, Android Pay, what it adds in terms of security. What's happening after that? Well, first of all, especially in Germany, I want to actually be able to use Apple Pay. I envy my friends in the US, who use it on a daily basis. I'm still sitting here; I can now use giropay, but well, it's not helping me. But if you look around, there are other things happening. There's something which is called issuer-integrated HCE: the issuers saw that, well, we don't really need a token manager in the workflow, I mean, I can actually now give out tokens to my customers via my own app; I can also give them the keys that are necessary for that, because in the end I'm the one who is verifying them and would be issuing them in the first place. This also enables those issuers to give out cards, but cardless: just provisioning a card to your actual phone without sending you a physical card. We've also seen alternative payment methods. I mean, traditionally banks are slow to adapt to new technologies, and then there were other players which came in; for example, especially in the Asia region, we have new ways of making a transaction which remove the card and the terminal altogether, and then we end up with Alipay or WeChat Pay, which just use a QR code on the phone and an application on the phone of the merchant to make a transaction. And another thing, well, I mean, legacy for the win: those are big networks, and this enables you to actually use your card in Germany, in Spain, in Mexico, in the US, in Iceland. This will not change overnight; there are too many parties involved, and everyone has their own agenda there. So probably in the next years we'll see alternative payment methods, but we'll always see credit card terminals, credit cards, and smartphones acting as credit cards.

To finish with a personal touch: I work in this area, yes, I know it's a very slowly progressing area, it uses a lot of legacy code, but in the end this is the best playing field for you to actually improve something, to find new areas where you want to improve, and this is actually why I got into this. With that I want to thank everybody. Thank you.

Right, we've got enough time for questions. Please line up at the microphones if you are interested in asking Simon anything. Do we have an internet question? Currently not. So, microphone number three, please.

Yeah, thanks for all those insights, that was great. You mentioned that the token requester adds some data, like credit history or something, when they want a token. Could you briefly explain why this is necessary, what this information is used for?

Well, in the end this information, well, for example if you talk about Apple Pay, let's use this as an example: Apple has a history of whether you're actually a recent user of this card, if you have used it for a long time, how credible you are, and this is just used for making sure that a second card is issued to the right person. In the end this is the most likely attack scenario for Apple Pay, for example, that somebody is using your card and adds a second one to his phone and not to your phone, and this kind of information is just making sure that it's actually the right person using or requesting a second card on their phone.

This is kind of a fingerprint?

It's not, I wouldn't say a fingerprint, because it's not reused at a later point; it's just a collection, of the current moment, of what you have been doing and how authentic this request seems to be.

All right. For those who are leaving, please lower your voices a little bit; there's still noise going on here. So microphone number one, please.

Do I see any difference as a customer if I use a secure element or just host card emulation, so the maximum amount, or what happens in case of fraud, or what happens if the Android phone is rooted?

So this depends on the provider of the HCE or SE solution. In general they are on the same level, but the one who gives out these one-time keys could limit them to certain amounts; they normally also limit how many one-time keys you get at a certain point, so five or ten is normal. And yeah, you're right, if your phone is rooted and somebody else gets access to those, they can be used for playing an impostor and making a transaction, but this is limited to the ones that you received. This is actually why you limit the number of tokens that you get for HCE, because they're not protected as they would be if you were using a secure element.

Then is the bank blaming me, or is it ...?

So this is an interesting part. I don't know about any case, so I don't know. This probably is a case-by-case analysis.

Okay, let's move on to microphone number six, there's somebody over there.

In case multiple cards are within wireless range, is there collision detection and card denomination applied, or is it just a general error and nothing happens?

So yeah, this is detected. The guys who invented the contactless specs said, well, okay, if we detect a collision we say just present one card, so you get an error message indicating to you as the one who is providing the cards: hey, please just provide one card, and that's it. Probably to make it easier to differentiate which card should actually be used and not to add a new selection interface to prolong the transaction in the end.

So I can't present my entire wallet?

You can, but this will not work.

All right, microphone number two, please.

Hi, so if you go back to the secure element provisioning slide, yeah, it would be nice to see that on the screen.

Let's have a quick look.

Yeah, so the bottom two lines: is that basically the blob holding the secret keys?

Right, so what the issuer gives back to the trusted service manager, and then to the phone, is basically a standardized block, if you want, which holds the private crypto keys for the asymmetric and symmetric encryption.

Yeah, but those are encrypted, right?

Well, kind of, yes. So they are encrypted between the issuer and the service provider and then from there to the phone, so it's not like you just apply TLS there or something, but actually they have shared keys which encrypt this on both sides.

So only the service provider can do this?

Yes, and only the service provider has the knowledge about how the secure element can be provisioned and the keys for actually changing data in there.

Yeah, so who is that?

So in the case of Apple Pay this is Apple, and in any other case, well, I don't know about any other solution which uses a secure element to make a contactless transaction work. Well, in the HCE case we don't have this entity, but it could be, for example, if you talk about a traditional credit card, then this could be for example Oberthur or Gemalto, basically the creators, or the manufacturers, of the actual cards that you get sent by the bank.

And the keys of those secure elements are diversified?

Yes, so there's not one provider who has every key, but there are a couple of entities which then have their own access to their cards basically.

Yeah, so what I mean is, and you can
let's go on to the next question i mean this is a dialogue i'm sorry that's a little bit too much we have an internet question please just drop by laughter the internet wants to know are tokens static on a device or are they ever updated and would there be an advantage to changing them um so the the one time keys that are um i know so sorry we're talking about the tokens um so the token once it's basically provisioned they are normally static um until you basically say well i want to add another card even if the same card you will probably get a different token but in general it's basically static um yes there would be a benefit in changes regularly just removing um finger printing options there um but uh as i think the the major benefit of actually having this kind of of option is um that you can hide your actual credit card number and this i think was the primarily focus on there okay microphone number four please you were talking about uh payment networks like mastercard and we size the same technology used for contactless payment cards known as a shiro card it was this completely different it's similar i mean the giro card has its own kernel which should be running on the terminal um and you don't have this there's global payment network if you will but you have like a local german network um which is connected to different service providers um but the handling overall is is more or less similar and microphone number five please hi um i heard or i often hear that risk management is one of the most important things for credit card institutes or a pretty important thing do you have any experience in this or do you know if there really is so much money stolen from the credit card institutes or during the transaction um well i think you have to differentiate i mean there are um credit card uh issuers or companies who have been doing this in a long time especially in europe they are very keen on checking the data as part of the risk management um when emv was 
introduced in the u.s there were instances where the bank introduced emv but they didn't check any data so you could just send in transactions they would be approved um so yes this happens from time to time um but if the correct checking is implemented then um this is very hard okay let's get back to microphone number three hello i think you forgot to mention another alternative you can pay with the phone or nearly pay with the phone because some banks are also issuing near the card the near field communication sticker that you can just put on the back of the phone and it works even when you don't have the signal isn't that the easiest way well this works um and yes you're right this is also one of the options that you can use in this case you net don't doesn't even necessarily need a phone you can stick this to anything um and true this is like a key fob or something that you carry around with you um this also works this has been tried in germany for example um the network operators um t-mobile and so on have tried this but it didn't reach critical mass and never took off and when they buried it i guess this is now the next try of of getting it to the masses my country in Slovenia that's released by the bank and okay you can pay with it well this is just an alternative then to the to actual credit card yes okay number one microphone please okay so when i got my um one of the last card a couple of years ago um before the first time that i could pay contactless i had to pay with the contact i had to insure the card is there a technical reason for that um in general no um i think this is just a checking that everything is okay and that the account is still available um otherwise you could for example use this card for below uh contactless limits um without needing any pin or anything else i think this is just a first risk check but there is no technical reason for it and microphone number six please when using host card emulation how do the limited use keys get 
updated does that require cardholder interaction does it happen automatically so this normally happens behind the scenes so you as a user of the smartphone don't see this um this happens basically asynchronously in the background um and whenever the phone sees well or the application sees well i'm running out of keys um it refreshes them let's go to microphone two please uh hi um could you elaborate a bit on why the banks are pushing more for host card emulation than sc i understand why google uses host card emulation but the banks are pretty powerful entity and could basically put their weight behind forcing manufacturers to use as these why don't they so from what i understand yes they couldn't put more force on that but in the end you also need manufacturers who want to support it and if you're looking for example at at android it's pretty fragmented there might be one manufacturer who adds a secret element to their phone but well first of all you need to basically be able to cater than for markets and sell it in markets um so me here in germany it doesn't help me if a chinese maker is adding this to his smartphone and i'm also not so sure how how much i would trust this implementation so a secure element is basically has the same capabilities of a card um so you really need a trusted entity in there and this is i think why the why the issuers basically focus more on host card emulation because they they can actually influence it they don't have any external requirements of some some manufacturer adding some stuff there um for example with android they just need a recent handset with i think android 4 plus um and then they are more or less good to go thanks all right uh any questions from the internet nope okay let's go on to microphone number four please thank you for the great talk i wonder if there are any liability changes when uh these new workflows with mobile pilots arrived like secure element and host card emulation who is liable for the fraud in this 
case is because there are now new players for example the trusted service providers which basically owns the secure the crypto keys for the emulated card well overall this doesn't change anything it's the same as if you would use your credit card um yes there's somebody who basically can put data in your secure element but uh those types of entities have been existing in the past the ones who basically provisioned your own actual physical card um and they undergo the same um certifications or i don't know what how you want to call this like the same requirements in order to become one um when it comes to securing your data um so in the end um the same liability is there um and as long as you use emv um you are protected by it except for if you use a pin or something whatever would the banks come up with in the end yeah but in general if you use emv the liability is with the with the bank all right second small question is there such a thing as an offline contactless payments and if there is how widespread are they technically yes you can use it um but this then really shifts the liability um because then you are um ignoring the result of the transaction and just trying to accept it um but you have to differentiate between saying well i want to use i want to work in a in a strictly offline environment and um i have an offline approved transaction um which could also happen but uh nowadays um i think in almost all countries that uh i've been working with um there is this this floor limit which indicates to the terminal when should i go online for a transaction and this is at zero so normally every transaction is authorized online okay and microphone number five please i think there is somebody over there hi um how does pin verification work and how is it different compared to a chip transaction so when looking at a chip transaction you normally have three ways of verifying a pin so you can basically check this offline so just between the terminal and the card and 
there you have two ways of encrypting it or doing it in plain text so this is how the terminal communicates with the card and actually wants the the pin to be verified and then there's a second third option which is online pin where the pin that you enter is actually encrypted on the terminal and then together with your authorization sent to the bank and the bank checks that the pin is actually valid and when we're talking about off of contactless transactions then only the third option is actually available so if you use a pin for contactless transaction this always goes to the to the issuer for for checking because there is no card anymore for verifying the pin offline and microphone number three please my question would be about epipay in germany banks in germany seem to be reluctant to accept it and implement it one reason seems to be that they have to give up a little share of their the the fee transaction the transaction fee they they receive so my question would be how does apple how does apple know about the transaction and which data is sent to to apple when i pay with with the phone so i don't want them to be involved too much yes and in the end they actually aren't well in order to basically be able to use apple pay on your phone your issuer needs to participate in this charade of provisioning in card and this also then means that they enter an agreement that a percentage of every transaction is basically paid out to apple and this happens basically independently of making the transaction so the the the issuers are aggregating basically the transactions and then basically providing apple with information of how much they get there is no direct feedback as of as part of every transaction to apple that where i made a transaction about this and this means that you get that so this is like a trusting contractual agreement between the issuer and the and apple in microphone number one please i also worry about transaction privacy and is this any different with 
android pay do they get any transaction data so this is kind of similar also there in general apple google doesn't get any transaction data they have access to the same elements that you has as part of a transaction but after you apply the tokenization you also just have your replaced account number in theory they could do more to be honest i don't know 100 what they actually store and what is basically transferred as part of a transaction but i would assume that this is similar to what apple does because this is a highly sensitive topic and if there's any wrongdoing there then this would create a real shit storm yeah okay we're good in time there's one more question left as it looks like please microphone four hello thanks for the great talk but i think you missed something okay yeah and maybe i missed it but you never mentioned number 26 with this qr code paying well i would say that's basically similar to the alternative payment methods which basically come up and this is a way where you no longer need a card actually you just need your smartphone to display a qr code and this is in scanned at the cashier system and this basically includes information of making the transaction yeah yes you're right this is a valid way of doing this for example in germany but i wanted to focus on actually making like cloning or making card payments with with your smartphone those is what as a replacement for for normal credit card so this is why i didn't focus on that okay thank you okay thank you very much simon apologies again for this small delay thanks a lot yeah