July 30, 2014

Chip and PIN bank cards have serious vulnerabilities

(LiveHacking.Com) – A new research paper [PDF], by a group of security experts from the University of Cambridge, has shown that current implementations of the EMV protocol (named after its original developers, Europay, MasterCard and Visa), more commonly known as “Chip and PIN”, have serious vulnerabilities. These weaknesses might leave customers at risk of fraud. The most devastating aspect of the new research is that it reveals vulnerabilities which make it possible to create clone chip cards which look like the real thing to the bank.

“Our new paper shows that it is possible to create clone chip cards which normal bank procedures will not be able to distinguish from the real card,” wrote Steven J. Murdoch.

If the terminal processing a Chip and PIN transaction has a bad random number generator, or if the communications back to the bank can be modified, then an attacker can use a cloned card rather than the original. Both of these weaknesses (bad random numbers and modified communications) have been seen in the wild.

As part of the research, the team identified a weak random number generator in an ATM. Its output was made up of a 17-bit fixed value, with the lower 15 bits being simply a counter that was incremented every few milliseconds and so cycled every three minutes. This was back in 2012. The team followed a responsible disclosure policy and informed bank industry organisations so that the ATM software could be patched. Only now are they able to reveal the results of their research.

According to the paper, “The first flaw is that some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this nonce. This exposes them to a “pre-play” attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically. Card cloning is the very type of fraud that EMV was supposed to prevent.”

The good news is that, because of the research, the banks have started working on a certification program for random number generators in Chip and PIN terminals. However, the bad news is that attacks which tamper with the random number generators or communications are harder to prevent and have yet to be addressed.

In brief: Chip and pin random numbers not random enough

(LiveHacking.Com) – A vulnerability in the chip and pin payment system has been discovered by Cambridge University researchers. The chip and pin system is used throughout Europe and much of Asia, and is starting to be introduced in North America too.

As part of the system the payment card contains a chip that understands the system’s authentication protocol. As part of the protocol the point-of-sale (POS) terminals or the ATMs need to generate a random number for each transaction. However, the team have discovered that some POSs and ATMs merely used counters, timestamps or home-grown algorithms to generate this number.

The vulnerability leaves the system open to “pre-play” attacks which are indistinguishable from card cloning attacks.
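The weak generator described in both pieces above (a 17-bit fixed value with a 15-bit counter in the low bits, and more generally counters or timestamps standing in for a nonce) has a signature that an acquirer, a terminal vendor or a certification lab can test for from nothing more than a sample of the unpredictable numbers a terminal emits. The following added example, which is not from the Cambridge paper or from any EMV implementation, applies two such checks to a sample of 32-bit unpredictable numbers: it finds bit positions that never change across the sample, and it measures how often the part that does vary advances by a small positive step between consecutive transactions, which is how a counter behaves and how a random value does not. The sample data, the 0x1A2B5 fixed value and the 1801 step are all constructed here for illustration and are not the values the researchers observed.

```python
"""Quality checks for EMV "unpredictable numbers" (UNs) captured from one terminal.

Added example, not code from the research paper or any EMV implementation.
Both input sequences below are constructed for illustration.
"""
import random

UN_WIDTH = 32  # the EMV unpredictable number is a 4-byte field


def fixed_bit_mask(uns, width=UN_WIDTH):
    """Return a mask of the bit positions that hold the same value in every sample.

    A properly random 32-bit UN should have no fixed bits once a few dozen
    samples have been seen; a large fixed region is the first sign of a counter
    or a hard-coded prefix.
    """
    if not uns:
        raise ValueError("need at least one unpredictable number")
    full = (1 << width) - 1
    always_one, always_zero = full, full
    for u in uns:
        always_one &= u          # bits that were 1 in every sample so far
        always_zero &= full ^ u  # bits that were 0 in every sample so far
    return always_one | always_zero


def counter_fraction(uns, variable_mask):
    """Fraction of consecutive pairs whose varying field advances by a small step.

    The varying bits are extracted as one field and compared modulo the field
    size, so a counter that wraps (like the 15-bit one cycling every three
    minutes) still scores 1.0. For random data the expected fraction is 0.25.
    """
    if variable_mask == 0:
        return 1.0  # nothing varies at all: the "nonce" is a constant
    low = (variable_mask & -variable_mask).bit_length() - 1  # lowest varying bit
    span = variable_mask.bit_length() - low                   # width of the field
    field_size = 1 << span
    values = [(u & variable_mask) >> low for u in uns]
    steps = [(b - a) % field_size for a, b in zip(values, values[1:])]
    if not steps:
        return 0.0
    small_forward = sum(1 for s in steps if 0 < s <= field_size // 4)
    return small_forward / len(steps)


def assess_unpredictable_numbers(uns, width=UN_WIDTH, counter_threshold=0.9):
    """Summarise a UN sample and flag it as weak if it has fixed bits or behaves like a counter."""
    mask = fixed_bit_mask(uns, width)
    fixed_bits = bin(mask).count("1")
    variable_mask = ((1 << width) - 1) & ~mask
    fraction = counter_fraction(uns, variable_mask)
    return {
        "fixed_bits": fixed_bits,
        "variable_bits": width - fixed_bits,
        "counter_fraction": fraction,
        "weak": fixed_bits > 0 or fraction > counter_threshold,
    }


def constructed_counter_uns(n, fixed_value=0x1A2B5, start=1000, step=1801):
    """Constructed sample shaped like the generator described in the article:
    a 17-bit fixed value in the high bits and a 15-bit counter in the low bits.
    The constants are illustrative, not the ones the researchers found."""
    assert fixed_value < (1 << 17)
    return [(fixed_value << 15) | ((start + i * step) % (1 << 15)) for i in range(n)]


def constructed_random_uns(n, seed=2014):
    """Constructed control sample from a seeded PRNG (for a repeatable demo only;
    a real terminal must use a cryptographic RNG, never a seeded PRNG)."""
    rng = random.Random(seed)
    return [rng.getrandbits(UN_WIDTH) for _ in range(n)]


if __name__ == "__main__":
    for label, sample in (("counter-based terminal", constructed_counter_uns(64)),
                          ("random terminal", constructed_random_uns(64))):
        print(label, assess_unpredictable_numbers(sample))
```

On the constructed counter sample the report shows 17 fixed bits, 15 variable bits and a counter fraction of 1.0, so the terminal is flagged as weak; the random control sample shows no fixed bits and a fraction near 0.25. Note that this catches the two failure modes the article names (fixed prefixes and counters) but not a home-grown generator whose output merely looks random, which is why a certification program needs design review and not only black-box sampling.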

The team’s research was presented at a cryptography conference in Leuven, Belgium, on Tuesday.

“If you can predict [the UN], you can record everything you need from momentary access to a chip card to play it back and impersonate the card at a future date and location,” said researcher Mike Bond in a blog post. “You can as good as clone the chip. It’s called a pre-play attack.”

The Cambridge team have been in contact with leading banks to explain the risks to them, but they discovered that some had been “explicitly aware of the problem for a number of years”.

“The sort of frauds we’re seeing are easily explained by this, and by no other modus operandi we can think of,” researcher Prof Ross Anderson told the BBC. “For example, a physics professor from Stockholm last Christmas bought a meal for some people for 255 euros ($326, £200), and just an hour and a half later, there were two withdrawals of 750 euros made from a nearby cash machine used by what appears to have been a clone of his card.”