In this thesis the security landscape for near-_eld communication (NFC) payment applications on smartphones is investigated. The proposed model in this thesis is used to perform a robust risk assessment on a set of NFC related attack and fraud scenarios. The impact of the fraud scenarios is evaluated using information of a real-world NFC payment provider. The attack scenarios are presented to a group of experts in an expert elicitation, who gave their opinion on the likelihood of the attack scenarios based on evaluation criteria of an existing risk assessment method. The experts are also asked to answer a set of calibration questions to gain insight in the knowledge and certainty of the expert opinions. These results are aggregated into a discrete probability distribution. This distribution is used as input for a SMAA-TRI model that results in set of risk class acceptability indices for the di_erent attack scenarios. This resulted for the NFC attack scenarios in two high risks scenarios, three medium risk scenarios and _ve low risk scenarios.

, , ,
Tervonen, T.
Economie & Informatica
Erasmus School of Economics

Vermaas, R. (2013, March 26). The Security Risks of Mobile Payment Applications Using Near-Field Communication. Economie & Informatica. Retrieved from