Anonymous Payments using Payment Proxies

In this recent work, we address a long-standing limitation of EMV contactless payments:
they are not private. Current EMV deployments expose persistent payer identifiers to merchants, acquirers, and sometimes passive observers. Although this aligns with AML, KYC and SCA regulations, it creates a significant privacy deficit for ordinary users.

At USENIX Security 2025, we introduced two new EMV-compatible, law-abiding payment protocols, PrivBank and PrivProxy, designed to bring anonymity, unlinkability, and payer/merchant privacy to real-world EMV systems without changing the EMV infrastructure.

These designs offer privacy guarantees reminiscent of e-cash and anonymous shopping vouchers, yet remain fully deployable in today’s EMV environment.

The Essence.

PrivBank restructures the EMV transaction so that the bank, not the merchant, learns the payer’s identity.
Merchants receive authorization but no linkable identifiers, preventing customer profiling.

PrivProxy extends the design to protect both sides: a lightweight EMV-compatible proxying flow ensures that payer and merchant identities remain private, while the issuing bank still satisfies AML, KYC and SCA obligations.

Both protocols work entirely within the existing EMV architecture, no new hardware, no new cryptographic primitives, and no changes to the secure element.

Technical Details.

The protocols achieve privacy through EMV-consistent engineering rather than heavy cryptography:

  • Card identifiers are replaced with fresh, unlinkable tokens.
  • Banks perform KYC/AML checks but do not leak payer identity to merchants.
  • Merchants receive authorization proofs without persistent identifiers.
  • Observers cannot correlate multiple payments to the same customer.

Formal models in the paper show that PrivBank and PrivProxy satisfy unlinkability, anonymity, and merchant privacy under realistic EMV threat models.

Implementation & Practicality.

PrivBank and PrivProxy were designed to require only minimal EMV-layer adjustments:

  • No secure-element modifications
  • No changes to EMV kernels
  • No new cryptographic operations unsupported by existing payment cards

This ensures compatibility with deployed PoS terminals and enables incremental rollout.

Reception.

As part of this research, we worked with Curve, who evaluated the practicality of PrivBank and PrivProxy within a modern payment-provider infrastructure.

Curve provided a statement (included in the paper) confirming that:

  • the protocols are practicable,
  • adoptable within existing EMV processing pipelines, and
  • compatible with regulatory obligations and issuer–acquirer flows.

Their industry feedback underscores that privacy-preserving EMV payments are feasible today, without redesigning global payment hardware.

Further reading.

More can be read at
”Who Pays Whom? Anonymous EMV-Compliant Contactless Payments”
by published at USENIX Security 2025.