Published by Osbaldo Brasier. Modified over 10 years ago.
2
20-763 ELECTRONIC PAYMENT SYSTEMS, FALL 2002, COPYRIGHT © 2002 MICHAEL I. SHAMOS
Electronic Payment Systems 20-763
Lecture 8
Smart and Stored-Value Cards
3
Outline
Smart card types
Operating systems
Wireless cards
Card manufacture and issuance
Security
Octopus
Mondex
Mobile systems
4
ePayment by Smart Card
Objective: replace cash
Cash is expensive to make and use
– Printing, replacement
– Anti-counterfeiting measures
– Transportation
– Security
Cash is inconvenient
– not machine-readable
– humans carry limited amount
– risk of loss, theft
Additional smart card benefits
5
Smart Cards
Magnetic stripe
– 140 bytes, cost $0.20-0.75
Memory cards
– 1-4 KB memory, no processor, cost $1.00-2.50
Optical memory cards
– 4 megabytes read-only (CD-like), $7-12
Microprocessor cards
– Embedded microprocessor
– (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM
– Equivalent power to IBM XT PC
– 32-bit processors now available
6
Smart Card Costs
NEW: RW Optical 500 MB 32-bit $15 Reader: $200
SOURCE: SUN
7
Laser Optical Memory Card
Capacity: 1 MB - 1 GB
8
Microprocessor Card Adoption
MILLIONS OF CARDS WORLDWIDE
1999: 500 M microprocessor cards
2004: 1750 M microprocessor cards
SOURCE: DATAQUEST (10/2000)
9
Card Taxonomy
SOURCE: BURGER, CAROLL & ASSOCIATES
10
Multi-Application Smart Card
Figure labels: Digital Certificates Private Key(s) ACE (Active Customer Enrollment) Authentication Biometric Data Employee Data Magnetic Stripe or RF Door Access Employee Picture Encryption Key Password Cache S/Mime Secure Mail SSL Secure Web Customer PKI Application Single Sign-On Local File Encrypt Secure Screen Saver Biometric Authentication Application Login
SOURCE: SECURITY DYNAMICS
11
Smart Card Structure
Figure labels: Contacts (8), Epoxy, Microprocessor, Contacts, Card (upside-down)
SOURCE: SMART CARD FORUM
12
Old Smart Card Architecture
EEPROM: Electrically Erasable Programmable Read-Only Memory
SOURCE: SMART CARD FORUM
13
Cyberflex Java Smart Card
Complete 32-bit Java run-time environment on a card
Utilities for compiling and loading cardlets onto the card from a PC
Figure labels: OPERATING SYSTEM, MICROPROCESSOR, JAVA VIRTUAL MACHINE, CARDLETS 1 2 3
14
Smart Card Architecture
File structure (ISO 7816-4)
– Cyclic files
Database management on a card
– SCQL (Structured Card Query Language)
– Provides standardized interface
– No need to know file formatting details
15
Contactless Cards
Communicates by radio
– Power supplied by reader
– Data rate 106 Kb/sec
– Read 2.5 ms, write 9 ms
– 8 Kb EEPROM, unlimited read, 100,000 writes
– Effective range: 10 cm, signals encrypted
– Lifetime: 2 years (data retention 10 years)
– Two-way authentication, nonces, secret keys
– Anticollision mechanism for multiple cards
– Unique card serial number
SOURCE: GEMPLUS
16
How RFID Works
Tag enters RF field
RF signal powers tag
Tag transmits ID, plus data
Reader captures data
Reader sends data to computer
Computer determines action
Computer instructs reader
Reader transmits data to tag
Figure labels: RFID Reader, Antenna, Computer, Tag
SOURCE: PHILIPS
17
RFID
SOURCE: SANJAY SARMA
18
Low-Cost RFID
Figure labels: IC Design, IC Manufacture, Antenna Manufacture, Antenna/IC Assembly, Conversion to Package, End users
Millions of tags: stage costs shown 20¢, 5¢, 5¢; total ~ 40¢
Billions of tags: stage costs shown 1-2¢, 1¢, 1¢, 1¢; total ~ 4-5¢
SOURCE: SANJAY SARMA
19
Java Ring
Java-enabled iButton
Communicates by contact at 142 Kbps
64 KB ROM and 134 KB RAM
Stores 30 digital certificates with 1024-bit keys
Uses: authentication, epayment, access
Cost: $15-30 in unit quantity
SOURCE: IBUTTON.COM
20
OpenCard Framework (OCF)
CardService Layer (TALKS TO CARD)
CardTerminal Layer (TALKS TO READER)
SOURCE: OPENCARD.ORG
21
CVC = Card Verification Code
PVV = PIN Verification Value
SOURCE: L. M. CHENG, CUHK
22
ATM and Debit Card Cryptography
PIN cannot be stored anywhere in plaintext
PIN cannot be reverse-engineered from the card or any database
Generate a random 4-digit number (the PIN)
Combine PIN with other data (account number) to form a data block
Encrypt the data block using 3DES and secret bank keys
Select several digits from the encrypted data to use as the PIN Verification Value (PVV)
23
Forming the PIN Verification Value
4-DIGIT PIN
ACCOUNT NUMBER
SECRET BANK KEYS
3DES
ENCRYPTED DATA BLOCK
SELECT 4-6 DIGITS FROM ENCRYPTED DATA BLOCK TO FORM PVV
PIN VERIFICATION VALUE (PVV)
CARD HAS ACCOUNT NUMBER AND PVV
24
Using the Card
CARD HAS ACCOUNT NUMBER AND PVV
ATM MACHINE READS ACCOUNT NUMBER AND PVV
USER TYPES PIN
MACHINE NOW HAS: 4-DIGIT PIN, ACCOUNT NUMBER, PVV
MACHINE HAS BANK KEYS IN HARDWARE: SECRET BANK KEYS
3DES
DECRYPTED DATA BLOCK
COMPUTE PVV
COMPARE CARD PVV WITH COMPUTED PVV
PVVs MATCH? USER IS AUTHENTIC
PVVs DIFFERENT? USER IS REJECTED
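The PVV scheme from the three slides above, as an added Python example that is not part of the lecture. Python's standard library has no 3DES, so HMAC-SHA-256 stands in for the bank-keyed 3DES step; the key, account number, 16-digit data-block layout and digit-selection rule are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample values; not real keys or account numbers.
BANK_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
ACCOUNT = "4000001234567899"

def new_pin() -> str:
    """Random 4-digit PIN from a CSPRNG (leading zeros allowed)."""
    return f"{secrets.randbelow(10_000):04d}"

def data_block(account: str, pin: str) -> bytes:
    """Assumed layout: last 12 account digits followed by the 4 PIN digits."""
    if not (account.isdigit() and len(account) >= 12):
        raise ValueError("account number must have at least 12 digits")
    if not (pin.isdigit() and len(pin) == 4):
        raise ValueError("PIN must be exactly 4 digits")
    return (account[-12:] + pin).encode("ascii")

def select_digits(cipher_hex: str, n: int = 4) -> str:
    """First pass keeps 0-9; if short, a second pass maps a-f to 0-5."""
    first = [c for c in cipher_hex if c.isdigit()]
    second = [str(int(c, 16) - 10) for c in cipher_hex if not c.isdigit()]
    return "".join((first + second)[:n])

def compute_pvv(key: bytes, account: str, pin: str) -> str:
    # HMAC-SHA-256 stands in for the slide's 3DES encryption under bank keys.
    mac = hmac.new(key, data_block(account, pin), hashlib.sha256).hexdigest()
    return select_digits(mac[:16])  # 16 hex chars = one 64-bit 3DES block

def verify_pin(key: bytes, account: str, typed_pin: str, card_pvv: str) -> bool:
    """ATM side: recompute the PVV and compare in constant time."""
    try:
        expected = compute_pvv(key, account, typed_pin)
    except ValueError:
        return False  # malformed PIN or account number is simply rejected
    return hmac.compare_digest(expected, card_pvv)

if __name__ == "__main__":
    pin = new_pin()
    pvv = compute_pvv(BANK_KEY, ACCOUNT, pin)  # card stores ACCOUNT and pvv only
    print("PVV on card:", pvv)
    print("correct PIN accepted:", verify_pin(BANK_KEY, ACCOUNT, pin, pvv))
```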
25
Credit Card Fraud
Stealing
– A legal card may be stolen and used in ATMs or EPOSs.
Altering and re-embossing a genuine card, modifying visual features.
Skimming or altering data on the magnetic stripe, e.g. expiration date or credit limit, stored value.
Copying data from a genuine card to another online
– white plastic fraud
Counterfeiting
– color plastic fraud
– encoding information from one card to another card off-line
SOURCE: L. M. CHENG, CUHK
26
OP Security Assumptions
OP card is merely a component
Need to trust:
– back-office systems
– cryptographic key management
– card/chip operating environment (COE)
– off-card security procedures (actors and roles)
There are vulnerabilities the OP card cannot protect itself against
SOURCE: GAMMA
27
OP Card Security Threats
Figure labels: Group 1, Group 2, Group 3, Group 4, Group 5, Group 6, Group 7, CAD, Clone, Future, Past, Current
DIRECT ATTACKS ON CHIP CIRCUITRY
INDIRECT ATTACKS ON CHIP CIRCUITRY
ATTACKS USING CARDS NOT YET ISSUED, OLD CARDS, CLONES
ATTACKS ON CARD'S INTERFACE TO THE OUTSIDE, E.G. PREMATURE REMOVAL
ATTACKS ON THE RUN-TIME ENVIRONMENT THROUGH THE CARD ACCEPTANCE DEVICE (CAD)
THREATS FROM CARD APPS AND NEED TO SHARE RESOURCES
THREATS BASED ON RTE IMPLEMENTATION
SOURCE: GAMMA
28
Smart Card Security
Observers
Active defenses
Attacks: Microprobing, microscopy
Differential fault analysis
– (Boneh et al. 1997)
– Induce errors, observe output differences
Differential power analysis
SOURCE: cryptography.com
SOURCE: Kömmerling et al.
29
Differential Power Analysis
Send different inputs to the Smart Card to learn details of its encryption key
When a correct key value is tried, the algorithm responds
Incorrect keys have zero average response
Figure: SMART CARD POWER CONSUMPTION DURING DES ENCRYPTION (labels: INITIAL PERMUTATION, 16 DES ROUNDS, FINAL PERMUTATION; EXPANDED VIEW OF ROUNDS 2 & 3)
SOURCE: cryptography.com
30
Smart Card Optical Vulnerabilities
PIC16F84 DEPACKAGED
SRAM ARRAY, MAGNIFIED (STATIC RANDOM ACCESS MEMORY)
MANUAL PROBER WITH PHOTOFLASH LAMP
SOURCE: ROSS ANDERSON
31
Smart Card Sales Leaders (2000)
VENDOR | # OF CARDS | SHARE
Gemplus | 185,000,000 | 29%
Schlumberger | 152,000,000 | 24%
Oberthur Smart Cards | 85,000,000 | 14%
Giesecke & Devrient | 76,000,000 | 12%
Orga Card Systems | 53,000,000 | 8%
TOTAL | 628,000,000 |
SOURCE: CARDWEB.COM
32
Octopus
Transaction time < 300 milliseconds
Transaction fees: HK$0.02 + 0.75%
– $10 transaction costs $0.095 (0.95%)
Applications
– Transit
– Telephones
– Road tolls
– Point-of-sale
– Access control
Anonymous / personalized
How does money get to service providers?
– Net settlement system operated by Creative Star
33
Octopus
SONY RC-S833 CONTACTLESS SMART CARD
I/O SPEED: 211 Kbps
SONY READER/WRITER
SOURCE: SONY
34
Octopus System
SOURCE: WORLD BANK
35
Bus Smart Card Systems
SOURCE: MITSUBISHI
37
Mondex
Subsidiary of MasterCard
Smart-card-based, stored-value card (SVC)
NatWest (National Westminster Bank, UK) et al.
Secret chip-to-chip transfer protocol
Value is not in strings alone; must be on Mondex card
Loaded through ATM
– ATM does not know transfer protocol; connects with secure device at bank
Spending at merchants having a Mondex value transfer terminal
38
Mondex Overview
SOURCES: OKI, MONDEX USA
39
Mondex Security
Active and dormant security software
– Security methods constantly changing
– ITSEC E6 level (military)
VTP (Value Transfer Protocol)
– Globally unique card numbers
– Globally unique transaction numbers
– Challenge-response user identification
– Digital signatures
MULTOS operating system
– firewalls on the chip
40
Payment Cards
8-128 Kb
Data rate 115 Kb/sec
ISO 7816 compliant
Visa-certified
PIN management and verification
3DES algorithm for authentication, secure messaging
ePurse with payment command set (debit, credit, balance, floor limit management)
EMV = EUROPAY INTL, MASTERCARD, VISA
MPCOS = MULTI PAYMENT CHIP OPERATING SYSTEM
SOURCE: GEMPLUS
41
Mobile Card Systems
MOTOROLA P7389 TRIBAND WAP PHONE WITH SMARTCARD READER
42
Mobile EMV Chip Debit/Credit
Figure labels: WAP or i-Mode; SET or SSL/TLS; Merchant Acquirer; Clearing & Settlement; Card Issuers; Acquiring Payment Engine; Merchants Gateway; Wallet Server; Voice or IP Browsing & Offer Request; Merchant Offer; Purchase Request; Authorisation Request / Response; Shipment Confirmation
OPTION 1: Multi-app: SIM + EMV (CEC)
OPTION 2: Dual slot phone with full size EMV
M/CHIP transaction with ARQC and ARPC / ARC data classed as Card Present Transaction
Wallet simply forwards cardholder's address details
SOURCE: MAOSCO
43
Comparison of Payment Methods
PAYMENT TYPE | ADVANTAGES | DISADVANTAGES
Cash | Anonymous, universal, free | Risk of theft/loss, bulky
Credit Card | Almost universal | High transaction cost, fraud/forgery
EFTPOS | Direct access to cash | Must be online, security only moderate
Disposable smart card | Fast, private | Risk of loss, limited to small amounts
Personalized smart card | Long useful life, security, like eCash | Not anonymous, lack of international standards
44
Major Ideas
Potential of cards is unexplored; new uses every day
Powerful microprocessors allow
– cryptography
– certificates, authentication
– secure purses
Wireless (contactless) cards enable new business models
Huge capacity laser CD-DVD cards allow large databases of personalized information
45
Q & A