- We present a formal model for security protocols of smart card applications using Abstract State Machines (ASMs) and a suitable method for verifying security properties of such protocols. The main part of this article describes the structure of the protocol-ASM and all its relevant parts. Integrated in the ASM are all relevant aspects of the scenario: The agents participating in the application (static and dynamic aspects), the attacker and the possible communication between all those involved in the application. Our modeling technique enables an attacker model exactly tailored to the application under consideration, instead of only an attacker similar to the Dolev-Yao model. We also introduce a proof technique for security properties of the protocols. For proving properties the ASM is represented as a Dynamic Logic (DL) program in the KIV system. Properties are proved using symbolic execution and invariants. Our formal approach is exemplified with a small e-commerce application. WeWe present a formal model for security protocols of smart card applications using Abstract State Machines (ASMs) and a suitable method for verifying security properties of such protocols. The main part of this article describes the structure of the protocol-ASM and all its relevant parts. Integrated in the ASM are all relevant aspects of the scenario: The agents participating in the application (static and dynamic aspects), the attacker and the possible communication between all those involved in the application. Our modeling technique enables an attacker model exactly tailored to the application under consideration, instead of only an attacker similar to the Dolev-Yao model. We also introduce a proof technique for security properties of the protocols. For proving properties the ASM is represented as a Dynamic Logic (DL) program in the KIV system. Properties are proved using symbolic execution and invariants. Our formal approach is exemplified with a small e-commerce application. We use an electronic wallet to demonstrate the ASM-based protocol model and we also show how the proof obligations of some of the security properties look like.…