Chip and PIN is broken Steven Murdoch, Saar Drimer, Ross Anderson, - - PowerPoint PPT Presentation

chip and pin is broken
SMART_READER_LITE
LIVE PREVIEW

Chip and PIN is broken Steven Murdoch, Saar Drimer, Ross Anderson, - - PowerPoint PPT Presentation

Jun 21, 2023 17 likes •139 views

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Chip and PIN is broken Steven Murdoch, Saar Drimer, Ross Anderson, Mike Bond Europay Mastercard Visa (EMV) 730 million cards worldwide

slide-1
SLIDE 1

Faculty of Computer Science Institute for System Architecture, Operating Systems Group

Chip and PIN is broken

Steven Murdoch, Saar Drimer, Ross Anderson, Mike Bond

slide-2
SLIDE 2

2010-03-03 Chip&PIN is broken Slide 2 von MAXNR

Europay – Mastercard – Visa (EMV)

  • 730 million cards worldwide
  • Solution to all the banks' problems:

– Chip to prevent copying of a card – PIN to prevent abuse of stolen cards

  • PIN to prove customer's liability
slide-3
SLIDE 3

2010-03-03 Chip&PIN is broken Slide 3 von MAXNR

Card Fraud in the UK

slide-4
SLIDE 4

2010-03-03 Chip&PIN is broken Slide 4 von MAXNR

PIN and Chip protocol from 10,000 ft

  • 1. Card authentication

prove that card is correct →

  • 2. Cardholder verification

prove that customer owns the card →

  • 3. Transaction authorization

prove that transaction is valid →

slide-5
SLIDE 5

2010-03-03 Chip&PIN is broken Slide 5 von MAXNR

Card authentication

slide-6
SLIDE 6

2010-03-03 Chip&PIN is broken Slide 6 von MAXNR

Cardholder verification

slide-7
SLIDE 7

2010-03-03 Chip&PIN is broken Slide 7 von MAXNR

Transaction authentication

slide-8
SLIDE 8

2010-03-03 Chip&PIN is broken Slide 8 von MAXNR

The attack

  • TVR only records auth failures
  • IAD may contain info about PIN auth used

– Issuer-specific, terminal cannot check

  • MITM: intercept PIN request and send 0x9000

to terminal

  • Result:

– Terminal: PIN ok – Card: PIN never requested – Bank: no TVR failure, no PIN auth

slide-9
SLIDE 9

2010-03-03 Chip&PIN is broken Slide 9 von MAXNR

Hardware used

slide-10
SLIDE 10

2010-03-03 Chip&PIN is broken Slide 10 von MAXNR

What caused the vulnerability?

  • Closed protocol specification process
  • Huge spec

– 707 pages for core EMV spec – 2,126 pages testing documentation – 810 pages VISA public extensions

  • No documentation of threat / security model
slide-11
SLIDE 11

2010-03-03 Chip&PIN is broken Slide 11 von MAXNR

Fixes?

  • Economic factor:

– Customers can be held liable – No incentive for costly redeployment – Cooperation of banks and terminal vendors

  • Let terminal parse IAD

– As the name says: issuer-specific data

  • Incorporate Cardholder Verification Method

Results into ARQC

– Possible with EMV, requires only cards and issuer backends to be fixed – Will stil take a long time

slide-12
SLIDE 12

2010-03-03 Chip&PIN is broken Slide 12 von MAXNR

Discussion

  • How to educate the uneducated?
  • Is there formal protocol validation?

– Would it have helped?