MasterCard and Cryptographic Research: an International Retail - - PowerPoint PPT Presentation

▶

Nov 20, 2022 41 likes •131 views

MasterCard and Cryptographic Research: an International Retail Financial Services Industry perspective Michael Ward VP, Emerging Technologies Product Security MasterCard International STORK Cryptography Workshop, Bruges, 27 November 2002

SLIDE 1

MasterCard and Cryptographic Research: an International Retail Financial Services Industry perspective

Michael Ward VP, Emerging Technologies Product Security MasterCard International

STORK Cryptography Workshop, Bruges, 27 November 2002

SLIDE 2

2 of 10

Emerging Technologies and New Payment Channels Durable and Evolvable Cryptography Compound Mechanisms

SLIDE 3

3 of 10

Emerging Technologies and New Payment Channels

Smart Cards: EMV, Electronic Purse, Data Storage Contact, Contactless E-commerce Internet M-commerce Mobile Phones Cardholder Verification

SLIDE 4

4 of 10

Cardholder Verification

My body is my password

Iris scan
Facial recognition
Speaker / Voice
Fingerprint
Key strokes
Hand geometry
Signature verification

“My PIN is 1234”

SLIDE 5

5 of 10

Threats

Registration Replay Identity theft Ease of use

SLIDE 6

6 of 10

Durable & Evolvable Cryptography

International Standards ISO/IEC JTC1 SC17 Identification Cards ISO/IEC JTC1 SC27 Security Techniques ISO TC68 SC2 and SC6 Financial Services IEEE P1363 IETF PKIX NESSIE

SLIDE 7

7 of 10

Durable & Evolvable Cryptography

Continued Research into Proofs of Security Security Models Proof Models (ROM, Generic Group) International Standards (ISO, IEEE, IETF) Asymmetric encryption (OAEP, PKCS)

SLIDE 8

8 of 10

Compound Mechanisms

Authenticated Encryption Symmetric Key Exchange using Asymmetric cryptography Incremental cryptography Random number generation and key generation Mix and matching DPA-resistant hash using DES or RSA

SLIDE 9

MasterCard and Cryptographic Research: an International Retail Financial Services Industry perspective

Michael Ward VP, Emerging Technologies Product Security MasterCard International

STORK Cryptography Workshop, Bruges, 27 November 2002

2 of 10

Contents

Emerging Technologies and New Payment Channels Durable and Evolvable Cryptography Compound Mechanisms

3 of 10

Emerging Technologies and New Payment Channels

Smart Cards: EMV, Electronic Purse, Data Storage Contact, Contactless E-commerce Internet M-commerce Mobile Phones Cardholder Verification

4 of 10

Cardholder Verification

My body is my password

“My PIN is 1234”

5 of 10

Threats

Registration Replay Identity theft Ease of use

6 of 10

Durable & Evolvable Cryptography

International Standards ISO/IEC JTC1 SC17 Identification Cards ISO/IEC JTC1 SC27 Security Techniques ISO TC68 SC2 and SC6 Financial Services IEEE P1363 IETF PKIX NESSIE

7 of 10

Durable & Evolvable Cryptography

Continued Research into Proofs of Security Security Models Proof Models (ROM, Generic Group) International Standards (ISO, IEEE, IETF) Asymmetric encryption (OAEP, PKCS)

8 of 10

Compound Mechanisms

Authenticated Encryption Symmetric Key Exchange using Asymmetric cryptography Incremental cryptography Random number generation and key generation Mix and matching DPA-resistant hash using DES or RSA