Chip and PIN is broken, say researchers

...that it stores on its chip. If the PIN is correct, the card sends a verification code — 0x9000 — back to the terminal, which completes the transaction.

The researchers succeeded in building a man-in-the-middle device that reads a card and — at the appropriate time in the verification process — sends a 0x9000 code to the terminal, regardless of the PIN that has been entered.

As a demonstration, the researchers inserted a genuine card into a standard smartcard reader from Alcor Micro, which was connected to a laptop running a Python script. The laptop was connected over a serial link to an FPGA board, a Spartan-3E Starter Kit, which converted between the card interface and the PC interface.

The FPGA board was connected to a Maxim 1740 interface chip, which was linked via thin wires to a fake card, used for insertion in the terminal.

Once the fake card was inserted, the Python script running on the laptop relayed the transaction, suppressed the verify PIN command issued by the terminal, and responded with the 0x9000 code.
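As an added illustration (not code from the researchers' rig or the article), a Python model of the exchange just described: a wedge that answers the terminal's VERIFY with 0x9000 without forwarding it, and an issuer-side comparison of what the terminal recorded against what the card itself reports, which is how such a suppressed VERIFY shows up. Apart from 0x9000 and the EMV 63Cx wrong-PIN status, the field names and record layouts are constructed simplifications, not EMV bit layouts.

```python
"""Simplified model of offline PIN verification, a PIN-suppressing wedge,
and an issuer consistency check. Constructed example; not real EMV data."""
from dataclasses import dataclass

SW_OK = 0x9000      # status word the card returns for a correct PIN (per the article)
SW_PIN_WRONG = 0x63C0  # EMV: 63Cx, low nibble = remaining PIN tries


@dataclass
class Card:
    pin: str
    pin_tries: int = 3
    pin_verified: bool = False   # the card's own record, carried in its CVR

    def verify(self, candidate: str) -> int:
        """VERIFY command: compare against the PIN stored on the chip."""
        if candidate == self.pin:
            self.pin_verified = True
            return SW_OK
        self.pin_tries -= 1
        return SW_PIN_WRONG | self.pin_tries

    def generate_ac(self) -> dict:
        # Card Verification Results go to the issuer under the card's own
        # cryptogram; the wedge cannot alter them without the card's key.
        return {"cvr_pin_verified": self.pin_verified}


class Wedge:
    """Man-in-the-middle: relays everything except VERIFY, which it answers itself."""
    def __init__(self, card: Card):
        self.card = card

    def verify(self, candidate: str) -> int:
        return SW_OK            # never reaches the real card

    def generate_ac(self) -> dict:
        return self.card.generate_ac()


def terminal_transaction(device, entered_pin: str) -> dict:
    """Terminal records what it believes happened (its CVM Results)."""
    cvmr_pin_ok = device.verify(entered_pin) == SW_OK
    return {"cvmr_pin_verified": cvmr_pin_ok, **device.generate_ac()}


def issuer_check(auth_request: dict) -> str:
    """Issuer declines when the terminal's view and the card's view disagree."""
    if auth_request["cvmr_pin_verified"] and not auth_request["cvr_pin_verified"]:
        return "DECLINE: terminal reports PIN OK but card verified no PIN"
    return "APPROVE"
```

The check only works if the issuer actually compares the two records; the article's point is that the terminal alone cannot tell the difference.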

The researchers said that attackers could carry similar kit in a backpack, with the wires trailing down a sleeve, for use with a stolen valid card.

Consumer liability
Anderson noted that in disputed transactions, if the transaction has been verified by PIN, the liability for the loss rests on the consumer rather than on the bank or merchant.

The UK Payments Administration, which represents the interests of payments-card companies, said that the overwhelming majority of point-of-sale card transactions in the UK — over 90 percent — are conducted via chip and PIN. In 2008, UK debit, credit and charge cards were used to make 7.4 billion purchases worth a total of £380bn, but this includes all types of card transactions, the organisation said.


Mark Bowerman, spokesman for UK Payments Administration, acknowledged the Cambridge researchers' paper, but rejected their conclusions.

"We are taking this paper very seriously, as maintaining excellent levels of card security is paramount," he said. "However, we strongly refute the allegation that chip and PIN is broken."

There is no evidence that the type of attack outlined in the Cambridge paper is happening in UK shops, Bowerman noted. He added that the research will help the UK Payments Administration map out the direction criminals may move in.

Chip-and-PIN authentication has contributed to significant reductions in card-based scams, Bowerman said. "Last year, we announced that card fraud had dropped, and we are expecting next month's release of the full 2009 figures to follow this trend," he said. "Existing security practices are clearly working."

Talkback

Surely, they could have managed something like:

Fortunately, the hardware rig and access is pretty difficult to set up for the average card thief, even when you've figured out how to do this. For this reason, this flaw hasn't yet caused a major problem.

But the Cambridge researchers do appear to have stumbled across a blatant and embarrassing flaw in the protocol, which has the potential to cause real damage. Therefore, it would be a good idea if we took some reasonably urgent action to correct it. We'll get onto it straight away.

But no, that isn't the sort of honesty level that our industry finds acceptable...

davidkarlin 11 February, 2010 18:24

Indeed, very well put. Besides, it's only a matter of time before someone reduces the means to a fake card, and then they can move on to cracking the wireless cards.

Oh, and I like the way the end user gets left to pick up the financial pieces after the proverbial hits the fan.

CA 11 February, 2010 23:10

This is an excellent article - many thanks

Shibley R 11 February, 2010 23:30

Good company response - if the whole world believes everything they hear! What about the thousands of people who lost money only to be told that they MUST HAVE "leaked" their PIN? There are loads of people who reckon they never let anyone get their PIN but still bogus transactions are blamed on them with lines like: "You maybe even let someone see the buttons being pressed at the ATM or Tesco's till."

If PIN authentication is done locally rather than by a secure database transaction, then there is absolutely no way whatsoever that anyone can say this scam hasn't been perpetrated.

So if you lose your card or if it gets cloned in a swipe pass, it turns out it's no safer than any of the old type. How do you feel now?

Fat Pop Do Wop 12 February, 2010 10:22

Calling EMV broken is laughable. First, EMV supplies a variety of options that are scalable in complexity and security. For example SDA: EMV covers the possibility of a static authentication. Is it safe? Not really. Replay attacks are super easy.
About the attack these guys use. DDA, that means dynamic authentication, where unlike SDA the cryptogram is not static, meaning that replay attacks are not possible. HOWEVER it does not prevent WEDGE attacks or man in the middle, whatever you want to call it. This DDA weakness, like the SDA weakness, is documented; I am reading it right now in one famous card issuer company (TOP3), that doesn't even allow cards issued with DDA and SDA. This document is 4 years old.
There is a third option, CDA, which avoids both MITM and replay attacks. It is very similar to DDA, but adds one level of security: it puts all the sensitive data INSIDE the cryptogram, including the PIN OK verification. This guarantees that the PIN OK comes from the card, as the card is the only one that can generate the cryptogram (private key), making this kind of attack impossible without cracking the private keys.

Concluding, it's the issuers' responsibility to implement the best options for the level of security for their needs.
The weakness here is TOTALLY the issuers' fault.

PS. This is not a genius attack; it's a well known fact to EMV, it's not a dirty secret. Making news of this is just... weird.

Mankin 12 February, 2010 14:40

It amazes me that everyone argues over the (usually technical) detail without ever mentioning the much bigger flaw in the Chip and PIN system. Four digits, or any number of digits for that matter, are simply not a reliable mandate. They are not inextricably linked to the individual. Any person or any device that comes up with the numbers, or their abstracted equivalent, can authorise the transaction. How can that possibly be a reliable mandate?

Try proving you didn't look after your PIN to a bank which has lobbied to get legislation on its side and is determined to cut its losses through fraudulent use. Then you see the whole point of the system - it is your loss now, not the bank's.

Even more staggering is they say it was an authorised transaction based on their secretive assessment so, therefore, you didn't look after your PIN. Try proving otherwise.

Mr Simple 15 February, 2010 11:27

The reason it is taking so long for EMV cards to come to the U.S. is that credit card companies have been willing to tolerate mag-stripe related losses. Switching to EMV would cost U.S. issuers about $3 billion, according to one estimate, and merchants would have to pay not much less to upgrade their point-of-sale equipment.

Now that Visa has made it mandatory for all U.S. processors to support acceptance of chip-based transactions by April, 2013 (http://blog.unibulmerchantservices.com/nfc-ascent-pushes-visa-to-speed-up-adoption-of-smart-credit-cards), the dynamics have changed completely. The banks have no option but to build the infrastructure, so once that's done, they might as well start using it. After all, if the U.K. chip-and-PIN experience is anything to go by, switching to it would result in hundreds of millions of dollars in savings from lower fraud losses. U.S. banks would certainly take the windfall if it comes their way.

James Stein via Facebook 26 October, 2011 21:56