Don’t trust POS terminals! Verify in-shop payments with your phone

Despite the advanced capabilities of the chip-enabled, debit and credit cards, fraud in payment transactions has not diminished it has shifted. The reason lies in the lack of a trusted communication path between the smartcard and the cardholder. More explicitly, because users have no means of verifying the authenticity of the Point-of-Sales (POS) terminal, they do not know how much they are about to pay nor to whom. We propose to use the camera-enabled mobile phone and a previously shared secret to create a two-way, secure communication channel. Messages from the card are displayed by the POS terminal as visual codes, then captured and decoded by the phone. Messages from the cardholder are computed by the phone and manually typed in as one-time PINs. We extend the EMV payment protocol to provide explicit verification and confirmation of the transaction amount. In the process we also improve cardholder authentication, protect against stolen PIN and cards, and eliminate the POS terminal from the trust chain altogether. The implementation requires minimal software updates and no hardware