Harvesting High Value Foreign Currency Transactions from EMV Contactless Credit Cards without the PIN

  • Slides: 16

21st ACM Conference on Computer and Communications Security
Martin Emms, Budi Arief, Leo Freitas, Joseph Hannon, Aad van Moorsel

Structure of presentation
• Brief overview of EMV contactless payments
• Overview of our work
• Analysis methodology
• High value foreign currency transaction flaw
  – Science / Vulnerability / Attack
• Why it works
  – MasterCard vs Visa contactless protocol
• Live Demonstration

EMV Contactless Payments 101
(Card types pictured: Chip & PIN, Contactless, Magnetic Strip)
• Europay MasterCard Visa – “Chip & PIN”
  – Used in 76 countries worldwide
  – Dynamic transaction authorisation
  – 3DES and RSA
• Contactless payments
  – Fast / low value (£20) transactions - No PIN required
• Offline transactions - No card issuer authorisation

Overview of Our Work
• Analysis of EMV contactless payment protocol
  – Contactless cards and mobile payments
• Software emulation of the contactless protocol
• Z abstract model of contactless protocol
• Methodology establishes link between “real world” errors and the EMV specification
  – Bad implementation by card manufacturer
  – Fundamental flaw in the specification
• Practical demonstrations for general public

EMV Payment protocol specification
• 14 books, 2392 pages
• 1 Chip & PIN protocol
• 7 contactless protocols
  – Visa, MasterCard, American Express, JCB, UnionPay and Discover
• Greater complexity
  – Greater potential for errors

Analysis Method: Interpreting the Specification
(Diagram: EMV Specification → Reference Tables → UML Diagrams)

Analysis Method: Modelling the Specification
(Diagram: Abstract Model (Z notation) and EMV Protocol Emulation → Anomalies → Test Cases → Practical Demonstrations → Results)

Documenting the Link: Error ↔ Specification
(Diagram: EMV Specification → UML Diagrams + Reference Tables → Practical Attack)

Contactless Foreign Currency: The Science
• Abstract Model for Visa fDDA transaction
  – Pre-conditions - Amount, Currency and Date
  – Transaction limit (£20) is in card’s home currency
  – Transactions above the limit require PIN entry
• EMV Book 3 (version 4.3) page 163
  – “If transaction is in the application currency and is under X value” - (X = card transaction limit)
  – What if transaction currency != application currency?

Contactless Foreign Currency: The Vulnerability
• In a foreign currency, ALL cards say YES
  – Bypasses transaction limits
  – Max value 999,999.99 in any currency
• Contactless transactions => NO PIN required
  – Attack can occur while card is still in the cardholder’s wallet
• Visa fDDA contactless transactions are offline
  – No additional checks by the card issuer
• “Chip & PIN is broken” shows the Application Cryptogram is not checked by the card issuer
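The rule quoted on the previous slide, modelled as a card-side decision. This is an added example, not code from the paper or from the EMV specification: it takes the EMV Book 3 wording literally (the no-PIN limit applies only when the transaction is in the application currency and under X) and puts a fail-closed version beside it. Currency codes are the ISO 4217 numeric codes used on the Demonstration slide (0826 = GBP, 0840 = USD); the EUR code, the limit value and the sample amounts are assumptions.

```python
"""Contactless no-PIN limit: the quoted rule taken literally, beside a fail-closed version.

Added example, not code from the paper or from the EMV specification. Currency
codes are ISO 4217 numeric codes (0826 = GBP and 0840 = USD appear on the
slides; 0978 = EUR, the limit and the sample amounts are constructed).
"""
from dataclasses import dataclass
from decimal import Decimal
from enum import Enum

GBP, USD, EUR = "0826", "0840", "0978"


class Decision(Enum):
    OFFLINE_NO_CVM = "approve offline, no cardholder verification"
    CVM_REQUIRED = "cardholder verification (PIN) required"
    ONLINE_REQUIRED = "send online to the issuer"


@dataclass(frozen=True)
class Transaction:
    amount: Decimal   # in the transaction currency, as supplied by the terminal
    currency: str     # ISO 4217 numeric code, as supplied by the terminal


@dataclass(frozen=True)
class CardProfile:
    application_currency: str    # the card's home currency
    contactless_limit: Decimal   # no-PIN limit in the home currency (slides: £20)


def flawed_decision(card: CardProfile, txn: Transaction) -> Decision:
    """Literal reading of the quoted rule.

    The limit is only compared when the currency matches; a foreign-currency
    transaction skips the comparison and falls through to approval, which is
    the behaviour the slides report ("in a foreign currency, ALL cards say YES").
    """
    if txn.currency == card.application_currency and txn.amount >= card.contactless_limit:
        return Decision.CVM_REQUIRED
    return Decision.OFFLINE_NO_CVM


def hardened_decision(card: CardProfile, txn: Transaction) -> Decision:
    """Fail closed: anything outside the rule's precondition is never approved offline.

    The card cannot convert currencies itself and cannot trust a reference
    amount supplied by the terminal (the terminal is the untrusted party here),
    so a currency mismatch is pushed online, where the issuer sees the real
    amount and currency and can apply its own limit.
    """
    if txn.currency != card.application_currency:
        return Decision.ONLINE_REQUIRED
    if txn.amount < card.contactless_limit:
        return Decision.OFFLINE_NO_CVM
    return Decision.CVM_REQUIRED


UK_CARD = CardProfile(application_currency=GBP, contactless_limit=Decimal("20.00"))

# Constructed inputs: a low-value home-currency purchase, an over-limit
# home-currency purchase, and the slides' maximum amount in a foreign currency.
CASES = {
    "coffee_gbp": Transaction(Decimal("2.50"), GBP),
    "shopping_gbp": Transaction(Decimal("45.00"), GBP),
    "max_usd": Transaction(Decimal("999999.99"), USD),
}


def compare(card: CardProfile = UK_CARD, cases=CASES) -> dict:
    """Return {case: (flawed, hardened)} so the two rules can be read side by side."""
    return {name: (flawed_decision(card, t), hardened_decision(card, t)) for name, t in cases.items()}


if __name__ == "__main__":
    for name, (flawed, hardened) in compare().items():
        print(f"{name:13s} flawed: {flawed.value:45s} hardened: {hardened.value}")
```

Run stand-alone, the script shows the two rules agreeing on both home-currency cases and disagreeing only on `max_usd`, which the literal rule approves offline without a PIN and the fail-closed rule sends online.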

Contactless Foreign Currency: The Attack
(Diagram: Send Transaction (€200, No PIN) → Victim’s Card → Capture Transaction → Store Transaction → Rogue Merchant → Collect Funds)

Why It Works: Chip & PIN Protocol
(Sequence diagram; participants: Credit/Debit Card, POS terminal, Issuer Bank)
1. Terminal → Card: Select(Application)
2. Terminal → Card: GetProcessingOptions(); Card → Terminal: AFL records list
3. Terminal → Card: ReadRecord(AFL); Card → Terminal: Card Information, Card public keys
4. Terminal → Card: Verify(PIN); Card → Terminal: OK / incorrect
5. Terminal → Card: GenerateAC(Transaction); Card → Terminal: ARQC
6. Terminal → Issuer Bank: Transaction + AC; Issuer Bank → Terminal: ARPC + ARC (Auth Response Cryptogram)
7. Terminal → Card: GenerateAC(ARPC); Card → Terminal: Application Cryptogram (AC)

Why It Works: MasterCard Contactless Protocol
(Sequence diagram; participants: Credit/Debit Card, POS terminal, Issuer Bank; same flow as Chip & PIN)
1. Terminal → Card: Select(Application)
2. Terminal → Card: GetProcessingOptions(); Card → Terminal: AFL records list
3. Terminal → Card: ReadRecord(AFL); Card → Terminal: Card Information, Card public keys
4. Terminal → Card: Verify(PIN); Card → Terminal: OK / incorrect
5. Terminal → Card: GenerateAC(Transaction); Card → Terminal: ARQC
6. Terminal → Issuer Bank: Transaction + AC; Issuer Bank → Terminal: ARPC + ARC (Auth Response Cryptogram)
7. Terminal → Card: GenerateAC(ARPC); Card → Terminal: Application Cryptogram (AC)

Why It Works: Visa fDDA Contactless Protocol
(Sequence diagram; participants: Credit/Debit Card, POS terminal, Issuer Bank)
1. Terminal → Card: Select(Application)
2. Terminal → Card: GetProcessingOptions(Transaction); Card → Terminal: Application Cryptogram (AC) + AFL
3. Terminal → Card: ReadRecord(AFL); Card → Terminal: Card Information, Card public keys
4. Terminal → Card: Verify(PIN); Card → Terminal: OK / incorrect
5. Terminal → Card: GenerateAC(Transaction); Card → Terminal: ARQC
6. Terminal → Issuer Bank: Transaction + AC; Issuer Bank → Terminal: ARPC + ARC (Auth Response Cryptogram)
7. Terminal → Card: GenerateAC(ARPC); Card → Terminal: Application Cryptogram (AC)
In the Visa fDDA flow the card returns the Application Cryptogram in the GetProcessingOptions response (step 2), so the transaction is already authorised by the card before any Verify(PIN) or issuer contact takes place.

Demonstration
1. Set the transaction amount - Same amount from each card
2. Set the transaction currency - UK = 0826, USA = 0840
3. Search for a contactless card - Audible alert when card found
4. Harvest the transaction - Transmit over Internet

http://www.bbc.com/news/uk-england-tyne-29862080

Summary
• Bypasses contactless transaction limits
• NO PIN required to authorise the transaction
• Attacked while the card is in the wallet
• Android attack platform - NOT just in the lab
• Visa fDDA approved offline, no Issuer checks
• Application Cryptogram (AC) is not checked
  – Bad transactions accepted by issuing bank

martin.emms@newcastle.ac.uk
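The summary's last two points are the ones an issuer can act on: offline contactless approvals arrive with no issuer check, and the Application Cryptogram is not verified. The screening below is an added example, not code from the paper or from any issuer's system. It verifies the cryptogram and flags offline, no-CVM, foreign-currency transactions at or above the home-currency limit. Assumptions: the AC is modelled as an HMAC-SHA256 over the transaction fields (a stand-in for the 3DES-based MAC real cards compute under an issuer-derived key), and the card keys, PANs, exchange rates and clearing records are all constructed.

```python
"""Issuer-side screening of cleared contactless transactions.

Added example, not code from the paper or from any issuer system. The AC is a
stand-in HMAC-SHA256 (real cards use a 3DES-based MAC under an issuer-derived
key); card keys, PANs, rates and the records below are constructed.
"""
import hashlib
import hmac
from decimal import Decimal

GBP, USD, EUR = "0826", "0840", "0978"          # ISO 4217 numeric codes
CONTACTLESS_LIMIT_HOME = Decimal("20.00")        # slides: £20 in the card's home currency
RATES_TO_GBP = {GBP: Decimal("1"), USD: Decimal("0.62"), EUR: Decimal("0.79")}  # constructed

# Constructed per-card data; a real issuer derives the AC key from a master key.
CARD_AC_KEYS = {"PAN-0001": b"\x11" * 16, "PAN-0002": b"\x22" * 16}
CARD_HOME_CURRENCY = {"PAN-0001": GBP, "PAN-0002": GBP}


def ac_input(rec: dict) -> bytes:
    """Fields the cryptogram binds: PAN, amount, currency, date and the card's counter (ATC)."""
    return "|".join((rec["pan"], rec["amount"], rec["currency"], rec["date"], rec["atc"])).encode()


def compute_ac(key: bytes, rec: dict) -> str:
    return hmac.new(key, ac_input(rec), hashlib.sha256).hexdigest()[:16]


def verify_ac(rec: dict) -> bool:
    """The check the summary says issuers skip: recompute the AC and compare in constant time."""
    key = CARD_AC_KEYS.get(rec["pan"])
    return key is not None and hmac.compare_digest(compute_ac(key, rec), rec["ac"])


def screen(rec: dict) -> list:
    """Return the reasons a record should be refused or reviewed (empty list = clean)."""
    reasons = []
    if not verify_ac(rec):
        reasons.append("application cryptogram does not verify")
    home = CARD_HOME_CURRENCY[rec["pan"]]
    amount_home = Decimal(rec["amount"]) * RATES_TO_GBP[rec["currency"]]
    if rec["channel"] == "contactless" and rec["cvm"] == "none" and rec["auth"] == "offline":
        if rec["currency"] != home:
            reasons.append("offline contactless approval in foreign currency")
        if amount_home >= CONTACTLESS_LIMIT_HOME:
            reasons.append(f"no-CVM amount {amount_home:.2f} home units is at/above limit")
    return reasons


def _signed(rec: dict) -> dict:
    """Constructed record carrying a valid cryptogram, as a genuine card would produce."""
    return {**rec, "ac": compute_ac(CARD_AC_KEYS[rec["pan"]], rec)}


SAMPLE_RECORDS = [
    # ordinary low-value contactless purchase in the home currency
    _signed({"id": "T1", "pan": "PAN-0001", "amount": "12.50", "currency": GBP, "date": "141103",
             "atc": "0041", "channel": "contactless", "cvm": "none", "auth": "offline"}),
    # the slides' scenario: the genuine card signs a huge foreign-currency amount with no PIN
    _signed({"id": "T2", "pan": "PAN-0001", "amount": "999999.99", "currency": USD, "date": "141103",
             "atc": "0042", "channel": "contactless", "cvm": "none", "auth": "offline"}),
    # forged record: no valid cryptogram at all
    {"id": "T3", "pan": "PAN-0002", "amount": "200.00", "currency": EUR, "date": "141103",
     "atc": "0007", "channel": "contactless", "cvm": "none", "auth": "offline", "ac": "0000000000000000"},
    # normal Chip & PIN purchase authorised online
    _signed({"id": "T4", "pan": "PAN-0002", "amount": "45.00", "currency": GBP, "date": "141103",
             "atc": "0008", "channel": "chip", "cvm": "pin", "auth": "online"}),
]


def screen_all(records=SAMPLE_RECORDS) -> dict:
    return {rec["id"]: screen(rec) for rec in records}


if __name__ == "__main__":
    for txn_id, reasons in screen_all().items():
        print(txn_id, "OK" if not reasons else "; ".join(reasons))
```

Note that T2 carries a perfectly valid cryptogram, because in the attack the genuine card does authorise the transaction; cryptogram verification alone does not catch it, which is why the currency and limit rules are applied to offline no-CVM approvals as a separate check.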