EMV: Why Payment Systems Fail

Slides:



Advertisements
Similar presentations
Credit Card Processing 101
Advertisements

1 AQA ICT AS Level © Nelson Thornes Safety and security Chip and Pin.
National Bank of Dominica Ltd Merchant Seminar Facilitator: Janiere Frank Fraud & Compliance Analyst June 16, 2011.
Current Fraud Trends Kathy Druckenmiller, CFCI, CIRM, ACT Specialist April 29, /29/2014.
WHAT IS EMV? A joint effort between Europay, MasterCard and Visa It is a security framework that defines the payment interaction at the physical, electrical,
Gareth Ellis Senior Solutions Consultant Session 5a Key and PIN Management.
PRESENTED BY: FATIMA ALSALEH Credit Cards Fraud - skimmers -
The quest to replace passwords Evangelos Markatos Based on a paper by Joseph Bonneau,Cormac Herley, Paul C. van Oorschot, and Frank Stajanod.
©2013 MasterCard. Proprietary and Confidential June 12, 2014 AITEC Banking and Mobile Money COMESA Nairobi, 12 September 2013 James Wainaina, Vice.
Operational Risks Task 13. What is CNP? CNP stands for Card Not Present and is when you order or pay for something online as you are not in front of the.
1.7.6.G1 © Family Economics & Financial Education –March 2008 – Financial Institutions – Online Banking – Slide 1 Funded by a grant from Take Charge America,
HCE AND BLE UNIVERSITY TOMORROWS TRANSACTIONS LONDON, 20 TH MARCH 2014.
RESERVE BANK OF INDIA. Developments in Payment and Settlement Systems Introduction of MICR Introduction of MICR Electronic Funds Transfer.
What happens here: Affects us here and here Have you ever come to work: Cams Alerts – Visa Alerts MasterCard Alerts Fraud Notices and it’s only 8:10.
Credit Card Fraud The Scale of the Problem Michael Moore Regional Security & Fraud Investigation Manager 14 – 17 Nov 2005 Security & Safety – Middle East.
1 U.S. EMV Migration Update and Best Practices Hap Huynh, Senior Director Risk Products April 2015.
Harvesting High Value Foreign Currency Transactions from EMV Contactless Credit Cards without the PIN 21st ACM Conference on Computer and Communications.
Payment Systems The Credit Card System. Basic Concepts.
© 2012 Presented by: Preparation For EMV Chip Technology Keith Swiat.
EMV chip and pin the business case. What is EMV? New Standard in “Chip Card” Technologies Replacing Magnetic Strip Cards New Standard in “Chip Card” Technologies.
IIA Fraud Seminar, Thursday 22 nd January 2009 Card Fraud Update Presented by: Úna Dillon, Head of Card Services, Irish Payment Services Organisation.
Security, Customer Protection and Bank Regulation Ross Anderson, Saar Drimer, Steven Murdoch Cambridge University Computer Laboratory.
Verified by Visa and MasterCard SecureCode – or, How Not to Design Authentication Steven Murdoch and Ross Anderson Cambridge.
EMV’s Impact on U.S. Retailers – It’s Coming! Presented by: Chris Francis VP, Market Development February 21, 2014.
Credit card and Debit card Working and Management.
Emerging Technologies
Opening a bank account.
FINANCIAL SOCCER Module 3 Credit, debit and prepaid cards Collect a quiz and worksheet from your teacher.
PCI PIN Entry Device Security Requirements PCI PIN Security Standards
Security of Electronic Transactions (Theory and Practice) Jan Krhovják, Marek Kumpošt, Vašek Matyáš Faculty of Informatics Masaryk University, Brno.
Payments technology and security
BZUPAGES.COM Electronic Payment Systems Most of the electronic payment systems on internet use cryptography in one way or the other to ensure confidentiality.
Smart Cards By Simon Siu and Russell Doyle Overview Size of a credit card Small embedded computer chip – Memory cards – Processor cards – Electronic.
R U Ready? V M E EUROPAY MASTERCARD VISA EMVco was formed in 1999.
Topic 4 : Know the features of a current account.
Online and Electronic Fraud – Incentives and Regulation Ross Anderson Cambridge.
Confidential – For Discussion & General Information Purposes Only EMV to Card Not Present Fraud Gavin Levin, CTP eReceivables Consultant.
1 Why Cryptosystems Fail Ross Anderson University Computer Laboratory Cambridge
Agenda EMV – What Is It? EMV In The UK EMV Is Coming To The US
Keep Your Enemies Close: Distance Bounding Against Smartcard Relay Attacks Authors: Saar Drimer and Steven J. Murdoch Presented in: Usenix Security Symposium.
The next generation of payments is here. Is your business ready?
Getnationwide.com Let’s Talk about EMV Danielle Rourke.
TransArmorSM A Secure Transaction ManagementSM Solution
e-Learning Module Credit/Debit Payment Card Acceptance and Security
The rising standards of EU Mobile Payments October 2015 Jeremy King, International Director.
SMARTER. TOGETHER. The Mobility of Fraud Michael Loox, CFI Director of Loss Prevention & Safety Coffee Bean and Tea Leaf David Johnston.
Midsouth User Group Annual Conference
Summary of Changes. General These are changes that have come up in many EMV migrations that I have assessed and been involved in. The changes are broken.
Confidential and Proprietary - NOT TO BE DISTRIBUTED WITHOUT THE EXPRESS WRITTEN PERMISSION OF BANK OF AMERICA MERCHANT SERVICES. ASTRA EMV Review/Best.
Online Decision Process
EMV Operation and Attacks Tyler Moore CS7403, University of Tulsa Reading: Anderson Security Engineering, Ch (136—138), (328—343) Papers.
Mar 18, 2003Mårten Trolin1 Agenda Parts that need to be secured Card authentication Key management.
WHAT NEW, WHAT NEXT IN PAYMENT PROCESSING. EMV WHAT IS EMV? 3  An acronym created by Europay ®, MasterCard ® and Visa ®  The global standard for the.
Presented by David Cole Background to Chip. PAYMENT SYSTEMS HISTORY A POTTED HISTORY DINERS LAUNCH 1950 AMEX LAUNCH 1958 BANK AMERICARD 1959 MASTERCHARGE.
Presented by David Cole Changing the Card – Scripts.
Presented by David Cole CVM Methods.  CVM Methods in the End-to-End Process  What is a CVM List?  Risk protection tool  Types of PIN processing 
Risk Policy Considerations.  Floor Limits  Fallback considerations  Domestic v International  Credit control (VSDC+) overview  Fraud reporting 
EMV.
Terminal Risk Management
Security Protocols and Evidence: Where Many Payment Systems Fail
Transaction Flow end-end
EMV Acceptance Training
Make This Document Your Own
Ross Anderson and Khaled Baqer University of Cambridge
EMV & Parking – 6 Months On
EMV® 3-D Secure - High Level Overview
Making a Holiday Special For All The Right Reasons
Founded in 2002, Credit Abuse Resistance Education (CARE) educates high school and college students on the responsible use of credit and other fundamentals.
Presentation transcript:

EMV: Why Payment Systems Fail Ross Anderson Cambridge

The EMV protocol suite Named for Europay-MasterCard-Visa; also known as ‘chip and PIN’ Developed late 1990s; deployed in UK ten years ago (2003–5; mandatory 2006) Europe, Canada followed About to be deployed in the USA (by 2015) Fascinating story of failures and frauds Many lessons for security engineers!

Concept of operations Make forgery harder by replacing the mag strip with a chip, which authenticates card Make authentication of cardholder stronger by replacing the signature with a PIN Keep verifying PINs online at ATMs, but verify on the chip at merchant terminals Encourage deployment by making the merchant liable if PIN not used (‘liability shift’)

Fraud history, UK Cardholder liable if PIN used Else merchant pays Banks hoped fraud would go down It went up … Then down, then up again Swansea 12 Feb 2013

EMV shifted the landscape… Like bulldozing a floodplain, it caused the fraud to find new channels Card-not-present fraud shot up rapidly Counterfeit took a couple of years, then took off once the crooks realised: It’s easier to steal card and pin details once pins are used everywhere You can still use mag-strip fallback overseas Tamper-resistance doesn’t work

Attack the optimisations Cheap cards are SDA (no public key capability, so static certificate) A ‘yes card’ can impersonate in an offline terminal Fairly easy to do, but not seen much

What about a false terminal? Replace a terminal’s insides with your own electronics Capture cards and PINs from victims Use them to do a man-in-the-middle attack in real time on a remote terminal in a merchant selling expensive goods

The relay attack (2007)

Attacks in the real world The relay attack is almost unstoppable, and we showed it in TV in February 2007 But it seems never to have happened! So far, mag-strip fallback fraud has been easy PEDs tampered at Shell garages by ‘service engineers’ (PED supplier was blamed) Then‘Tamil Tigers’ After fraud at BP Girton: we investigate

Tamper-proofing of the PED In EMV, PIN sent from PIN Entry Device (PED) to card Card data flow the other way PED supposed to be tamper resistant according to VISA, APACS (UK banks), PCI ‘Evaluated under Common Criteria’ Should cost $25,000 per PED to defeat

Tamper switches (Ingenico i3300)

… and tamper meshes too

TV demo: Feb 26 2008 PEDs ‘evaluated under the Common Criteria’ were trivial to tap Acquirers, issuers have different incentives GCHQ wouldn’t defend the CC brand APACS said (Feb 08) it wasn’t a problem… Khan case (July 2008)

The ‘No-PIN’ attack How could crooks use a stolen card without knowing the PIN? We found: insert a device between card & terminal Card thinks: signature; terminal thinks: pin TV: Feb 11 2010

A normal EMV transaction

A ‘No-PIN’ transaction

Blocking the ‘No-PIN’ attack In theory: might block at terminal, acquirer, issuer In practice: may have to be the issuer (as with terminal tampering, acquirer incentives are poor) Barclays blocked it July 2010 until Dec 2010 Real problem: EMV spec vastly too complex With 100+ vendors, 20,000 banks, millions of merchants … a tragedy of the commons! Later bank reaction: wrote to university PR department asking for Omar Chaudary’s thesis to be taken down from the website Currently only HSBC seems to block it in the UK!

Card Authentication Protocol Lets banks use EMV in online banking Users compute codes for access, authorisation A good design would take PIN and challenge / data, encrypt to get response But the UK one first tells you if the PIN is correct This puts your personal safety at risk …

Crime victims tortured for PINs

Phishing attacks?

Less suspicious than this …

CAP attacks through wicked shops

EMV and Random Numbers In EMV, the terminal sends a random number N to the card along with the date d and the amount X The card computes an authentication request cryptogram (ARQC) on N, d, X What happens if I can predict N for d? Answer: if I have access to your card I can precompute an ARQC for amount X, date d Swansea 12 Feb 2013

ATMs and Random Numbers (2) Log of disputed transactions at Majorca: N is a 17 bit constant followed by a 15 bit counter cycling every 3 minutes We test, & find half of ATMs use counters! 2011-06-28 10:37:24 F1246E04 10:37:59 F1241354 10:38:34 F1244328 10:39:08 F1247348 Swansea 12 Feb 2013

ATMs and Random Numbers (3) Swansea 12 Feb 2013

ATMs and Random Numbers (4) Swansea 12 Feb 2013

The preplay attack Collect ARQCs from a target card Use them in a wicked terminal at a collusive merchant, which fixes up nonces to match Paper accepted at Oakland this year Since then, we have a live case… Sailor spent €33 on a drink in a Spanish bar. He got hit with six transactions for €3300, an hour apart, from one terminal, through three different acquirers, with ATC collisions

Back end failures too … Interesting case in R v Parsons, Manchester crown court, 2013 Authorisation and settlement are different systems with different transaction flows Authorisation reversals not authenticated How to take the banks for maybe £7.5m (and the banks only noticed £2.5m of it …) Parsons now a fugitive from justice Swansea 12 Feb 2013

In the UK we have no Reg E, and no breach reporting laws…

Attack scale Small: a specialist team can demonstrate it to a TV journalist Medium: a gang of crooks can take a few million before they get caught Large: scales to nine / ten figures and forces industry action Most of the discussed attacks are ‘medium’ ‘Large’ might be contained using analytics

What does EMV hold for the USA? It looks like the effects of the liability shift will be mitigated by Reg E, Reg Z, & the Fed Many banks may use chip-and-signature, as in Singapore Consumer protection might still be undermined by payment innovation, e.g. move from credit cards to PIN debit, or phone payments EMV with less liability shift will be an interesting natural experiment! Swansea 12 Feb 2013

Broader lessons Governance at global scale is hard EMVCo largely superseded by vendor lobby … Featuritis can break anything! Issuers, acquirers have different interests (even if departments of the same bank) No-one represents the poor consumer Key: proper documentation, including breach notification and responsible vulnerability disclosure (NOT the NIS Directive!)

More … Steven Murdoch’s talk on evidence, this morning Our Oakland paper on the preplay attack (based on arxiv paper but with new material) See www.lightbluetouchpaper.org for our blog And http://www.cl.cam.ac.uk/~rja14/banksec.html Workshop on Economics and Information Security (WEIS): Penn State, June My book ‘Security Engineering – A Guide to Building Dependable Distributed Systems’ Swansea 12 Feb 2013

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.