Frank's Blog

Chip and PIN is broken 

Today I found an interesting link at Heise.de regarding a major flaw in the implementation of the EMV framework used for PIN-based payment authorization of bank/credit cards. Four researchers from the University of Cambridge describe how the current system can easily be manipulated (PDF). The results must be a major shock for the banking industry, since it is now evident that a customer is not per se liable if a transaction was authorized by PIN.



The approach is a classical man-in-the-middle attack. At some point in the negotiation phase between the terminal and the card, the customer enters his/her PIN into the terminal, which sends the PIN data to the card for verification. Unfortunately, the card returns a simple, unsecured response (0x9000) in case the PIN was entered correctly. Guess what? You can interrupt this communication and return 0x9000 for any PIN entered! Even worse, the terminal believes you authorized the transaction via PIN (and prints a receipt with "PIN authorization"), whereas the card and bank use the fallback mechanism that is normally used for signature-based authorization. Worse still, most specific protocol implementations do not even log this fallback. Of course, the merchant doesn't have the customer's signature, just a log with "PIN authorization". Until now, this was enough to make judges believe that the customer was careless with his PIN. Now, however, that argument should no longer suffice.
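The following is an added illustration, not code from the blog post or from the Cambridge paper. It reduces the PIN step to a status word plus two flags: what the terminal concludes from the response it receives, and what the card itself records. The status words 0x9000 (success) and 0x63Cx (wrong PIN, tries remaining in the low nibble) are the conventional ISO 7816 values; the class names, the `issuer_cross_check` function and the simplified message flow are constructed assumptions for the illustration. The point of the model is the detection side: when the terminal's claim and the card's own record disagree, the issuer has a consistency check available at authorization time even though the merchant's log alone says "PIN authorization".

```python
"""Simplified model of the EMV PIN-verification step and an issuer-side
consistency check.  Added illustration; not from the original post."""
from dataclasses import dataclass

SW_OK = 0x9000          # ISO 7816: command succeeded
SW_PIN_WRONG = 0x63C0   # ISO 7816: verification failed, low nibble = tries left


@dataclass
class Card:
    pin: str
    pin_verified: bool = False   # the card's own record, later reported to the issuer

    def verify(self, pin_attempt: str) -> int:
        self.pin_verified = (pin_attempt == self.pin)
        return SW_OK if self.pin_verified else SW_PIN_WRONG


@dataclass
class Terminal:
    cvm_says_pin_ok: bool = False   # what ends up on the receipt

    def run_pin_step(self, channel, pin_attempt: str) -> int:
        sw = channel(pin_attempt)
        # The terminal trusts the bare status word; nothing binds it to the card.
        self.cvm_says_pin_ok = (sw == SW_OK)
        return sw


def honest_channel(card: Card):
    """Direct terminal-to-card path: the real status word is returned."""
    return card.verify


def interposed_channel(card: Card):
    """Models the failure described in the post: the command still reaches
    the card, but the status word seen by the terminal is always 0x9000.
    Present only so the detection logic below can be exercised."""
    def send(pin_attempt: str) -> int:
        card.verify(pin_attempt)
        return SW_OK
    return send


def issuer_cross_check(terminal: Terminal, card: Card) -> bool:
    """Consistency check at authorization time (constructed assumption):
    a transaction is suspicious when the terminal claims PIN verification
    but the card's own record says no PIN succeeded.  True = consistent."""
    return not (terminal.cvm_says_pin_ok and not card.pin_verified)


def run(pin_on_card: str, pin_entered: str, tampered: bool):
    """Returns (terminal claim, card record, issuer check passed)."""
    card = Card(pin_on_card)
    term = Terminal()
    channel = interposed_channel(card) if tampered else honest_channel(card)
    term.run_pin_step(channel, pin_entered)
    return term.cvm_says_pin_ok, card.pin_verified, issuer_cross_check(term, card)


if __name__ == "__main__":
    print(run("1234", "1234", False))   # correct PIN, clean path
    print(run("1234", "0000", False))   # wrong PIN, clean path
    print(run("1234", "0000", True))    # wrong PIN, receipt says PIN, card disagrees
```

The third run is the case the post describes: the terminal's flag is set, the card's record is not, and only a party that sees both (the issuer) can notice the contradiction. A merchant log that stores only the terminal's view cannot.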

The most important fact, however, is the ignorance of the industry regarding open standards and security issues. Seven years ago, in 2003, I wrote my Diploma thesis about the reconfiguration of Smart Cards via open networks (PDF, in German). An important part of my work was the analysis of the security frameworks that were offered at that point in time (Visa Open Platform). One of my key findings (written down in section 6.6.3) was that the response code of the Smart Card's operating system application (the Card Manager) was neither signed nor secured in any other way. I considered this a major bug for updating the content of a Smart Card via open networks, but unfortunately no card vendor was able to deliver something more secure. Luckily, the flaw did not affect our main application on the card, a campus card application with digital signature functionality. Remarkably, the very same problem still exists seven years later.
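To make the "response code not signed or otherwise secured" point concrete, here is an added example (not code from the thesis, the post, or any card vendor) that contrasts a bare status word with one bound to the command and a terminal nonce by a MAC under a key shared between card and terminal. The session key, nonce handling, the `VERIFY` stand-in for the real APDU and the 8-byte truncated HMAC-SHA256 tag are constructed assumptions; real card secure messaging uses its own key derivation and MAC construction. What the example shows is the property that was missing: an interposer that rewrites the status word to 0x9000 without the key produces a response the terminal rejects.

```python
"""Bare vs. authenticated status word.  Added illustration; not from the
original post or thesis.  Key and message layout are constructed."""
import hashlib
import hmac
import os

SESSION_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
SW_OK = b"\x90\x00"
SW_PIN_WRONG = b"\x63\xc0"
TAG_LEN = 8


def mac_response(key: bytes, nonce: bytes, command: bytes, status: bytes) -> bytes:
    """Binds the status word to the command and the terminal's fresh nonce,
    so a fabricated or replayed 0x9000 does not verify."""
    return hmac.new(key, nonce + command + status, hashlib.sha256).digest()[:TAG_LEN]


def card_verify(key: bytes, nonce: bytes, command: bytes,
                stored_pin: str, pin_attempt: str):
    """Card side: decide the status word and authenticate it."""
    status = SW_OK if pin_attempt == stored_pin else SW_PIN_WRONG
    return status, mac_response(key, nonce, command, status)


def terminal_accepts_bare(status: bytes) -> bool:
    """The unsecured variant the post criticises: trust whatever arrives."""
    return status == SW_OK


def terminal_accepts_authenticated(key: bytes, nonce: bytes, command: bytes,
                                   response) -> bool:
    """Accept only a success status whose tag verifies under the shared key."""
    status, tag = response
    expected = mac_response(key, nonce, command, status)
    return status == SW_OK and hmac.compare_digest(tag, expected)


def demo(stored_pin: str, pin_attempt: str, tamper: bool):
    """Returns (bare terminal decision, authenticated terminal decision).
    When tamper is set, the status word is rewritten to 0x9000 in transit
    while the tag stays whatever the card computed for the real status."""
    nonce = os.urandom(8)                # fresh per command, chosen by the terminal
    command = b"VERIFY"                  # stand-in for the real APDU header
    status, tag = card_verify(SESSION_KEY, nonce, command, stored_pin, pin_attempt)
    if tamper:
        status = SW_OK                   # no key, so the tag cannot be recomputed
    return (terminal_accepts_bare(status),
            terminal_accepts_authenticated(SESSION_KEY, nonce, command, (status, tag)))


if __name__ == "__main__":
    print(demo("1234", "1234", False))   # correct PIN: both variants accept
    print(demo("1234", "0000", False))   # wrong PIN: both variants reject
    print(demo("1234", "0000", True))    # rewritten status: bare accepts, MAC rejects
```

The nonce matters as much as the key: without it, a tag recorded from one genuine successful verification could be paired with a later 0x9000 and would still verify.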

