🤖 AI Summary
This work systematically analyzes security vulnerabilities in the EMV contactless payment protocol. Addressing the lack of a unified attack taxonomy and causal modeling in prior research, we propose the first comprehensive analytical framework encompassing security objectives, adversary models, and compositional attack pathways. Leveraging formal modeling, protocol reverse-engineering, attack tree analysis, and cross-version comparison, we identify and empirically validate 17 classes of composable vulnerabilities—exposing deep interdependencies between design trade-offs and standardization flaws. Our findings directly informed EMVCo’s revision of its Security Assessment Guidelines draft. The study delivers actionable, system-level recommendations for protocol evolution, validated across mainstream implementations including chip-based cards and mobile payment platforms.
📝 Abstract
EMV is the global standard for smart card payments, and its NFC-based version, EMV contactless, is widely used, including for mobile payments. In this systematization of knowledge, we examine attacks on the EMV contactless protocol. We provide a comprehensive framework encompassing its desired security properties and adversary models. We also identify and categorize a comprehensive collection of protocol flaws and show how different subsets thereof can be combined into attacks. In addition to this systematization, we examine the underlying reasons for the many attacks against EMV and point to a better way forward.