[tjoff]

Encrypted in the same sense that https is encrypted. Doesn't do jack if you have control over the "server".

And in this case the server can have a large antenna and not require physical contact.

So in essence, orders of magnitude worse than the magnetic strip.

[aerostable_slug]

This is fundamentally incorrect.

Sniffing the NFC traffic gives the attacker nothing useful, just as skimming an EMV contact transaction gives the attacker nothing useful.

>The contactless EMV chip transaction path leverages the cryptographic functions normally associated with a contact EMV chip transaction and uses the same authorization and settlement fields as a contact chip transaction. [0] [1]

[0]: https://www.emv-connection.com/downloads/2015/12/EMV-and-NFC...

[1]: See EMV specifications, “Book 2 – Security and Key Management,” Version 4.3, November, 2011, http://www.emvco.com/specifications.aspx?id=223.

[tjoff]

Why would you need to sniff anything?

Just ask for it yourself. That's what I meant with encryption not meaning jack if you are one of the participants.

[notatoad]

the "server" in this case provides a one-time key to sign the transaction with, which is only valid for that transaction and that merchant. if you have a large antenna that can provide valid transaction keys for a trusted merchant, then yes, you have a significant exploit.

to my knowledge, nobody has ever successfully demonstrated an exploit of this nature.

[tjoff]

The "server" in this case is a rouge device.

It is trivially employed.

[notatoad]

I’m not sure why the color of the device matters here