European Credit and Debit Card Security Broken

timothy posted more than 4 years ago | from the pounding-marks-for-euros dept.

Security 245

Jack Spine writes "With nearly a billion users dependent on smart banking credit and debit cards, banks have refused liability for losses where an identification number has been provided. But now, the process behind the majority of European credit and debit card transactions is fundamentally broken, according to researchers from Cambridge University. The researchers have demonstrated a man-in-the-middle attack which fooled a card reader into accepting a number of point-of-sale transactions, even though the cards were not properly authenticated. The researchers used off-the-shelf components (PDF), and a laptop running a Python script, to undermine the two-factor authentication process on European credit and debit cards, which is called Chip and PIN."


Chip and Chip security... wait a second! (3, Insightful)

LostCluster (625375) | more than 4 years ago | (#31105626)

Seems like the problem with this system is that the PIN is stored on the chip... and that's just as stupid as writing it on the card! The attacks are simple... either a card that always agrees the PIN given is correct, or a terminal that tries to authenticate all 10000 PINs and then learns the right one.

Payment processors have for years been wanting to have an offline secure system, but it just doesn't work. With cheap enough data systems available everywhere, it's not hard for every Wal-Mart and most rural gas stations to see a satellite. Get a $20/mo. dial-up account if you have to... there's no reason for anything that does money to be off the grid.

If the PIN is stored online like traditional ATM cards, then there would be a quick way to be sure there's honest checking of the pin and alarms if somebody fails too many times. The American "contact" systems are actually reasons to not require a signature or a PIN... but those are also designed for small-dollar transactions and keeping the fast food line moving. Sure, they're open to cloning risk, but they're willing to take that downside because there's enough upside to using the system.

Re:Chip and Chip security... wait a second! (1)

Annymouse Cowherd (1037080) | more than 4 years ago | (#31105718)

There are plenty of modern cryptographic systems that could provide offline security, perhaps in the form of a chip.

Unfortunately, credit and debit card systems are not modern.

Re:Chip and Chip security... wait a second! (2, Informative)

LostCluster (625375) | more than 4 years ago | (#31105758)

Citation needed... how do you verify a pin without trusting the card or having online access?

Re:Chip and Chip security... wait a second! (2, Informative)

Anonymous Coward | more than 4 years ago | (#31105884)

Three words: Public Key Encryption.

Re:Chip and Chip security... wait a second! (2, Funny)

Cryacin (657549) | more than 4 years ago | (#31105944)

I bet the guy that signed off on the pin being stored on the chip is the same moron whose password is 1,2,3,4,5,6 and has it written on a Post-it note stuck to his monitor.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31106048)

hey, how did you get my password ?

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31106252)

Whew, you used commas for a 12 character secure password. Unfortunately, I don't use commas.

Re:Chip and Chip security... wait a second! (1)

socceroos (1374367) | more than 4 years ago | (#31107120)

uh, 11 characters.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107088)

That's amazing! I've got the same combination on my luggage!

Re:Chip and Chip security... wait a second! (1)

jandoedel (1149947) | more than 4 years ago | (#31106370)

and what if people clone the card? then they have a card with the same Key...

Re:Chip and Chip security... wait a second! (1)

MobyDisk (75490) | more than 4 years ago | (#31106298)

The reply about public key encryption is right. But to expand on it, I've seen this called the "digital cash problem" and it is also the same thing as the offline verified voting problem. There's a whole series of problems that boil down to offline verification of something unique. It can be done, but it requires a public key infrastructure and good use of encryption. It's not trivial to do, but it could be done. It's just that... no commercial company so far has had any desire to do it.

Re:Chip and Chip security... wait a second! (2, Insightful)

LostCluster (625375) | more than 4 years ago | (#31106494)

I think voting has been more or less "solved" with paper ballots, and a person and machine that will help you mark a paper ballot should you need assistance.

Re:Chip and Chip security... wait a second! (4, Informative)

Spad (470073) | more than 4 years ago | (#31105792)

RTFA. The problem isn't that the PIN is "stored on the card", it's that the card doesn't send any unique data to the terminal when the correct PIN is entered, it just sends a "Correct PIN was entered" message instead.

So, you stick something between the card and the terminal (the laptop) that intercepts the "Wrong PIN was entered" message from the card and forwards a "Correct PIN was entered" message to the terminal instead.

TBH I'm rather surprised that any information is allowed to be pulled off the chip without the PIN authenticating the user first; if you had to provide the correct PIN before the card would provide any information it would make it much harder to carry out the fraudulent transaction.

Re:Chip and Chip security... wait a second! (5, Informative)

LostCluster (625375) | more than 4 years ago | (#31105914)

No. The problem is that the terminal isn't validating the PIN against anything it can trust... it's sending the entered PIN to the card and trusting the result returned, which can easily be spoofed. If the PIN was server-side, it could trust a results-only message... but that's not what's happening here.

Re:Chip and Chip security... wait a second! (1)

postbigbang (761081) | more than 4 years ago | (#31106002)

Mod parent up. He actually RTFA and surmised the problem.

And given the MitM attack, there's no fixing this one easily at all. 2600 ought to have the details shortly.

Re:Chip and Chip security... wait a second! (1, Interesting)

Anonymous Coward | more than 4 years ago | (#31106328)

Wouldn't this be simple to fix by making the terminal send first a wrong PIN and then the entered one? If you have something sending an "OK" answer in the middle to both requests, the terminal can fail the transaction. Or did I misunderstand something...?

Re:Chip and Chip security... wait a second! (3, Insightful)

LostCluster (625375) | more than 4 years ago | (#31106448)

MitM would just learn this and deny once and then accept whatever is sent the second time.

I call the scheme you're promoting as "hut-hut-HIKE" security. Jump offsides on a false call and you're in trouble. If there's a random number of fakes before the real one comes through, then you've got something.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107418)

What?

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107336)

The man in the middle attack could be prevented by using either a symmetric or public key type verification system. This establishes trust between the terminal/server or whatever is using the card and the card and vice versa so the card can trust the client accessing it. This is actually how it's done in well designed smartcard systems and is as secure as the cryptography used.

(disclaimer: I try to write well designed smartcard software)

Re:Chip and Chip security... wait a second! (1)

shentino (1139071) | more than 4 years ago | (#31106152)

Far better would be for the card to not give out the card number without a correct pin.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107208)

The terminal doesn't have to trust anyone but the issuer. If the protocol wasn't faulty, the terminal would not need to trust the card. The "PIN OK" message from the card to the terminal is just a way for the terminal to decide how to proceed with the interaction. It is not necessarily critical to the security (although if it were authenticated, that would also solve the problem). The problem is that the records exchanged between the terminal and the issuer do not have the information which authentication method was used in a format that the terminal can understand. That allows the men in the middle to exploit the fact that the card and the terminal have a different view on the transaction: The card knows that no PIN was sent to the card and it generates messages which include this information. The terminal blindly relays these messages to the issuer because the format is opaque to the terminal. The transaction message is accepted by the issuer on the basis that some terminals can't accept PIN authentication for a number of legitimate reasons. An authenticated acceptance message is sent back and that's the point where the terminal gives the go-ahead to the merchant: It still doesn't have any way to know that the issuer accepted a no-PIN authentication method. This is the critical flaw. The PIN could well be inside the card where it would take very sophisticated hardware attacks to read it. As long as the card includes the actual authentication method in its messages (it does) and the terminal has a standard way of getting this in an authenticated fashion (it doesn't), PIN-inside-the-card would be fine.
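The mismatch this comment describes, modelled as an added example (not part of the thread and not the researchers' script): the card authenticates its own view of whether a PIN was verified, the terminal reports its view separately, and the issuer either ignores or cross-checks the two. The field names, record layout, demo key and use of HMAC-SHA256 are stand-ins chosen for illustration, not the EMV encoding.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

# Constructed demo key, shared by card and issuer only; the terminal never holds it.
CARD_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")


@dataclass(frozen=True)
class CardRecord:
    """Card output that the terminal relays without parsing (hypothetical layout)."""
    amount_pence: int
    nonce: bytes          # 8-byte challenge supplied by the terminal
    pin_verified: bool    # the card's own view: did it check a PIN?
    mac: bytes            # authenticates the three fields above to the issuer


@dataclass(frozen=True)
class TerminalReport:
    """What reaches the issuer: the terminal's view plus the opaque card record."""
    claimed_method: str   # "PIN" or "SIGNATURE", as the terminal believes
    card: CardRecord


def _mac(key: bytes, amount: int, nonce: bytes, pin_verified: bool) -> bytes:
    if len(nonce) != 8:
        raise ValueError("nonce must be 8 bytes")
    flag = b"\x01" if pin_verified else b"\x00"
    return hmac.new(key, amount.to_bytes(8, "big") + nonce + flag,
                    hashlib.sha256).digest()


def card_sign(key: bytes, amount: int, nonce: bytes, pin_verified: bool) -> CardRecord:
    """The card binds its view of PIN verification into the authenticated record."""
    return CardRecord(amount, nonce, pin_verified,
                      _mac(key, amount, nonce, pin_verified))


def issuer_decide(key: bytes, report: TerminalReport, cross_check: bool) -> str:
    """Issuer-side decision. cross_check=False models the behaviour the comment
    criticises; cross_check=True compares the terminal's claim with the card's
    authenticated flag before approving."""
    card = report.card
    expected = _mac(key, card.amount_pence, card.nonce, card.pin_verified)
    if not hmac.compare_digest(expected, card.mac):
        return "DECLINE_BAD_MAC"
    if cross_check and (report.claimed_method == "PIN") != card.pin_verified:
        return "DECLINE_METHOD_MISMATCH"
    return "APPROVE"


def demo() -> dict:
    nonce = bytes(range(8))  # constructed challenge
    # Normal case: PIN entered, card checked it, terminal says so.
    honest = TerminalReport("PIN", card_sign(CARD_KEY, 4200, nonce, True))
    # Constructed record of the disagreement: the terminal believes a PIN was
    # verified, while the card's authenticated flag says none was.
    split = TerminalReport("PIN", card_sign(CARD_KEY, 4200, nonce, False))
    # A terminal that legitimately cannot take a PIN and says so.
    no_pinpad = TerminalReport("SIGNATURE", card_sign(CARD_KEY, 4200, nonce, False))
    # The card's flag cannot be rewritten in transit without the key.
    altered = TerminalReport("PIN", replace(split.card, pin_verified=True))
    return {
        "honest": issuer_decide(CARD_KEY, honest, cross_check=True),
        "split_unchecked": issuer_decide(CARD_KEY, split, cross_check=False),
        "split_checked": issuer_decide(CARD_KEY, split, cross_check=True),
        "no_pinpad": issuer_decide(CARD_KEY, no_pinpad, cross_check=True),
        "altered": issuer_decide(CARD_KEY, altered, cross_check=True),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:16} {verdict}")
```

The cross-check only works because the terminal's claim travels to the issuer alongside the card's authenticated flag; a terminal that cannot read that flag itself still has no way to detect the disagreement locally.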

Re:Chip and Chip security... wait a second! (1)

shentino (1139071) | more than 4 years ago | (#31107326)

The pin should be used to encrypt everything else.

Re:Chip and Chip security... wait a second! (3, Informative)

Spad (470073) | more than 4 years ago | (#31105936)

Replying to myself, if you read the PDF it details the process on page 3; the card actually does almost all of the transaction work before the PIN is entered, all the PIN enables is the "Is this transaction allowed? Yes, it's allowed. OK" part of the process.

Re:Chip and Chip security... wait a second! (1)

LostCluster (625375) | more than 4 years ago | (#31106234)

Yep... and the "attack" is that anybody, the chip or anybody else can send the in-the-clear "OK" message and the terminal goes through with the transaction. Essentially, the PIN check is a "feel good" level of security that doesn't protect against much.

Re:Chip and Chip security... wait a second! (4, Insightful)

spun (1352) | more than 4 years ago | (#31106324)

It seems this system was designed expressly to limit banks' liability by providing the illusion of security. "Oh, fraudulent charges, are they? But you entered your PIN... Can you prove your PIN was compromised? No? Tough then, pay up."

I work in the fraud department of a UK bank (5, Informative)

Anonymous Coward | more than 4 years ago | (#31107270)

and this actually happens quite a bit, we usually pay out unless

it matches the customer's spending pattern,
they tell us they kept the pin with the card,
a family member was doing it.

Re:Chip and Chip security... wait a second! (1)

shentino (1139071) | more than 4 years ago | (#31107354)

And you're stuck with 50 dollars no matter what, thanks to the banks lobbying.

I will never ever use a debit or credit card again, thanks to what I have found out today.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107486)

Prejudices and conspiracy theories. The actual attack defrauds the merchant. It creates bank records indicating that the merchant accepted signature authentication and gives the merchant a printout indicating PIN authentication. To detect this mismatch, merchants would have to compare their transaction records to a list of charged-back transactions. And then there's a problem: Whom do you trust? The bank with a cryptographically authenticated record of "No PIN authentication" or a merchant with a paper receipt indicating PIN authentication. Prior to the publication of this attack vector, banks would easily be able to claim that the merchant accepted an insecure authentication method and faked the paper record to shift liability back to the bank.

Re:Chip and Chip security... wait a second! (1)

jonbryce (703250) | more than 4 years ago | (#31106880)

The information isn't being pulled off the chip. That's the point. You have something that simulates a chip saying the PIN was correct, regardless of what you enter.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107572)

It's much worse, the system is fundamentally broken by design. The fact that it even has a VERIFY PIN command is utterly, and completely, insane.

The PIN needs to be used to unlock the crypto process inside the chip, and/or used to authenticate the transaction back to the bank. Otherwise it is worthless. The paper describes how the only use of the PIN is to ask the card if it is correct!!!

Everyone should be enraged by this. The banks have externalized all their risk on the assertion that chip+pin cards are un-clonable and if stolen cannot be used without the PIN. BOTH THESE STATEMENTS ARE FALSE.

Even worse the paper discloses cases where the bank simply falsely asserts that the PIN was used, when in fact it never was.

Re:Chip and Chip security... wait a second! (1)

Conorflan (1651239) | more than 4 years ago | (#31105916)

"The American "contact" systems are actually reasons to not require a signature or a PIN" I may have misunderstood this statement, but by stating it you appear to be implying that the European system is contactless. Or is "contact" meant to mean something other than physical contact?

Re:Chip and Chip security... wait a second! (1)

LostCluster (625375) | more than 4 years ago | (#31106010)

Yep. That was a typo... I was referring to the "contactless" systems like Blink and the such where you wave your card at a designated point and your card number is read.

Re:Chip and Chip security... wait a second! (1)

brainiac ghost1991 (853936) | more than 4 years ago | (#31106224)

They have that in the UK too, Visa payWave, my debit card has it. Though I do have to enter my PIN once in ~ every 10 attempts!

Re:Chip and Chip security... wait a second! (1)

DotNM (737979) | more than 4 years ago | (#31106720)

In Canada, the MasterCard version is called PayPass [bmo.com] and I do have one of these PayPass-enabled cards and haven't had any problems with PayPass specifically (although my MasterCard was compromised just before Christmas but the bank reversed all the fraudulent transactions)

Re:Chip and Chip security... wait a second! (2, Interesting)

mlts (1038732) | more than 4 years ago | (#31106622)

How about storing the PIN similar to how TrueCrypt validates a hash? One value is a random salt, which is decrypted by the PIN the user types in, and that is compared to the second value. Add in a number of rounds to help deter brute forcing.

However, what really is needed is for the smart card to either delay access with an exponentially increasing time, or after 3-5 bad guesses, the card blocks access to the PIN, until released by the provider, similar to how GSM SIM cards work.

Best of all worlds is if the European banks just went with a true smart card system in the first place, where offline transactions were signed/decrypted on chip by the card, and the card readers presented the transaction to be signed or declined.

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31106966)

Seems like the problem with this system is that the PIN is stored on the chip... and that's just as stupid as writing it on the card! The attacks are simple... either a card that always agrees the PIN given is correct, or a terminal that tries to authenticate all 10000 PINs and then learns the right one.

A fake card fails because the cards also contain a secret key that cannot be read. The key is used to sign transactions. Therefore a fake card that agrees the PIN is correct won't have a valid key and the transaction won't be correctly signed so will fail.

Secondly, the card tracks how many incorrect PINs have been tried and stops working after 3 tries. So scheme 2 fails.

Perhaps you might want to read the article.

Re:Chip and Chip security... wait a second! (4, Interesting)

shentino (1139071) | more than 4 years ago | (#31107296)

The problem is that the server storing your account information is trusting the terminal.

If the terminal can get away with trusting the signal it's getting from the card, then it's actually possible for a counterfeit terminal to rob you without even having the card.

Re:Chip and Chip security... wait a second! (1)

bangthegong (1190059) | more than 4 years ago | (#31107358)

I wish I had mod points for you. It's buried at the end of the first page of the article but you're exactly right - they clearly state that the pin you enter is compared to the pin on the card... These researchers didn't even break that comparison mechanism, they just impersonate the chip to tell the payment processor "yup all is well, pin is verified!"

Re:Chip and Chip security... wait a second! (0)

Anonymous Coward | more than 4 years ago | (#31107562)

and that's just as stupid as writing it on the card

Isn't it the old way of printing the signature on the back ?

At least chip and pin makes things more complicated... It's always been vulnerable to man in the middle attacks anyway. How do you know you can trust the terminal and it doesn't have circuitry to record your PIN (which is, by the way, worse than a terminal that authorises any card, since it can't be tracked to the owner of the hacked terminal)?

No, I don't work in banking security in any way. I'm just saying that this doesn't make the problem any worse than it was.

Re:Chip and Chip security... wait a second! (1)

tomtomtom (580791) | more than 4 years ago | (#31107628)

Given that it's trivial for people to shoulder-surf your PIN anyway (especially for people with "inside" access like security camera operators), the system is fundamentally broken.

The more interesting question is how hard it is to duplicate a Chip and PIN card; without this, criminals would need to physically steal the card (which of course can and does also happen, often without the victim realising for a few hours). At the moment, (at least from my understanding), the most common form of fraud involves them taking your card away, copying down the details including the CVV2 number then using it online.

Man in the middle is Greece! (2, Funny)

Orga (1720130) | more than 4 years ago | (#31105672)

They finally figured out how to bail themselves out

Re:Man in the middle is Greece! (0)

Anonymous Coward | more than 4 years ago | (#31105794)

If they were smart enough to do that they wouldn't be in the mess to start with. Fucking wops.

If there were a Nobel Prize for ignorance ... (2, Insightful)

Anonymous Coward | more than 4 years ago | (#31106156)

If they were smart enough to do that they wouldn't be in the mess to start with. Fucking wops.

Thank you for confirming the stereotype of American

1) arrogance,
2) redneck-ism,
3) ignorance of domestic issues,
4) ignorance of foreign issues, and
5) racism

in a mere 19 words. If there was a Nobel Prize for dumbest twat, you'd be a shoo-in.

Re:Man in the middle is Greece! (0)

Anonymous Coward | more than 4 years ago | (#31106602)

Wow... you did not even get the slur right... "wop" is "An epithet used for those of Italian descent" (urban dictionary).

Re:Man in the middle is Greece! (0)

Anonymous Coward | more than 4 years ago | (#31107456)

Italians are wops
Puerto Ricans are spics
The Japanese are a bunch of midgets
The Irish are boozers...

And you Pollocks are meatheads...

Re:Man in the middle is Greece! (2, Insightful)

LostCluster (625375) | more than 4 years ago | (#31105820)

They finally figured out how to get someone to bail them out

There... fixed that for you.

Ambiguous data as vali (2, Funny)

Anonymusing (1450747) | more than 4 years ago | (#31105696)

FTA: "The central problem with the EMV protocol is that it allows the card and the terminal to generate ambiguous data about the verification process, which the bank will accept as valid... while a PIN must be entered, any PIN code would be accepted by the terminal."

That's a serious flaw. You've got to insist on data being valid if you are going to record it as valid.

It's a good thing that we don't rely on ambiguous data in any other part of life.

Re:Ambiguous data as vali (0)

Anonymous Coward | more than 4 years ago | (#31105774)

It's a good thing that we don't rely on ambiguous data in any other part of life.

Indeed. Fortunately, it's only money. :)

Re:Ambiguous data as vali (1)

Atryn (528846) | more than 4 years ago | (#31107262)

It's a good thing that we don't rely on ambiguous data in any other part of life.

You aren't married, are you? Atryn

Sigh! Go ahead, (4, Funny)

kclittle (625128) | more than 4 years ago | (#31105736)

... blame Python! :)

Re:Sigh! Go ahead, (0)

Anonymous Coward | more than 4 years ago | (#31105844)

Way to end society as we know it Python.

This would never have happened in Ruby.

Re:Sigh! Go ahead, (2, Funny)

FooAtWFU (699187) | more than 4 years ago | (#31106044)

You know, they say a lot of things about Python, but at least it doesn't name two of the most basic and important language operations after the contents of address register and contents of decrement register like some (otherwise-spiffy (if you overlook the (numerous) parentheses)) languages out there.

(Just the contents of cash register, apparently.)

Re:Sigh! Go ahead, (0)

Anonymous Coward | more than 4 years ago | (#31106086)

blame = False

def BlamePython():
        global blame
        blame = True

BlamePython()
if blame == True:
        print "it was me"
else:
        print "not me"

Re:Sigh! Go ahead, (1, Funny)

Anonymous Coward | more than 4 years ago | (#31106888)

All I know is that the script could have been done in Ruby on rails in 1/2 a line. THAT'S HOW GOOD RUBY IS!!!

RFID passports (0, Flamebait)

Gothmolly (148874) | more than 4 years ago | (#31105750)

Isn't Europe the same place where you can check yourself onto a plane with your RFID passport, even if you've cloned the chip and replaced the identity with Mickey Mouse?

Re:RFID passports (4, Informative)

Spad (470073) | more than 4 years ago | (#31105888)

Only because America decided they wouldn't let any of us into the country if we didn't implement RFID passports.

Re:RFID passports (1)

John Hasler (414242) | more than 4 years ago | (#31107154)

How did the USA force you to use the RFID inside Europe?

Re:RFID passports (0)

Anonymous Coward | more than 4 years ago | (#31107444)

Umm... because the USA likes forcing other countries to do stupid things. What the hell rock have you been hiding under the past decade or so?

Re:RFID passports (0)

Anonymous Coward | more than 4 years ago | (#31107506)

they required that other countries who wanted their citizens to come to America implement RFIDs, so now all our passports have RFIDs in them

Strike at the heart of the problem (5, Funny)

OglinTatas (710589) | more than 4 years ago | (#31105806)

The researchers used off-the-shelf components (PDF), and a laptop running a Python script...

It is long past time for governments to criminalize the use of Python.

Re:Strike at the heart of the problem (3, Funny)

spun (1352) | more than 4 years ago | (#31106350)

The researchers used off-the-shelf components (PDF), and a laptop running a Python script...

It is long past time for governments to criminalize the use of Python.

Or at least criminalize its use... on a plane.

Don't worry (1)

Colin Smith (2679) | more than 4 years ago | (#31106680)

The python developers will change the interpreter and libraries, everyone will get fed up and just use the next big thing instead.

I predict. lua.

 

Not really surprising... (4, Insightful)

davebert (98040) | more than 4 years ago | (#31105808)

Chip & Pin has never been about minimising fraud - it's about pushing the responsibility from the banks onto the customers. And they're doing the same thing with the ridiculous Verified By Visa programme which just trains people to fall for phishing scams.

Re:Not really surprising... (1)

LostCluster (625375) | more than 4 years ago | (#31105950)

Like I said elsewhere, this is from the branch of security known as "false sense of". If you're constantly troubled for a PIN it means you'll feel safer... but when that PIN isn't needed by the fraudster we're back to the same point we were with "dumb" cards.

Re:Not really surprising... (0)

Anonymous Coward | more than 4 years ago | (#31107178)

A.k.a. security theatre. The horrible thing is that the flaw is so obvious (the reader asks the card if the pin was okay - returns yes or no) that this obviously isn't just some oversight in a system designed for security. No, the designers didn't care about security at all, they just wanted to build a system that allows users to enter their pin, then approve the transaction, and so on. In other words, they were knowingly designing a system that was meant to look secure but not meant to be secure.

Re:Not really surprising... (1)

GrievousMistake (880829) | more than 4 years ago | (#31106540)

I see this attitude a lot on /., but I don't understand where it comes from? It seems obvious to me that having a strong verification system in place is a good thing for everybody but the fraudsters.
In this case it turns out that it wasn't actually secure, which raises concern about whether the protocol was subject to adequate public scrutiny before it was decided to employ on such a massive scale. But do you have any reason to say that they aren't actually interested in preventing fraud?
Are there more secure methods that they are refusing to employ? Or are you saying that the problem of secure authentication is inherently unsolvable, and that they should just give up and resign themselves to laughable measures like signatures and card numbers?

Re:Not really surprising... (0)

Anonymous Coward | more than 4 years ago | (#31106862)

From looking at the band aids applied every time they get a report their system is hacked, their main concern seems to be that all these measures are only implemented to survive a court trial by playing the blame game.
So they're not looking for safe methods in the first place, they look for cheap methods that look safe enough to please the judge.

Once they stop shifting the responsibilities to the customer because "it can't be our fault", I'll believe them when they claim it's about the customer's security. What currently happens is only for the security of the company. They can still go through discovery to look who's at fault, I don't expect them to cover every claimed hack, but right now, they get away really cheap with those "security measures".

Re:Not really surprising... (3, Insightful)

Tanktalus (794810) | more than 4 years ago | (#31107290)

But do you have any reason to say that they aren't actually interested in preventing fraud?

Because they keep outsourcing the development of a mission-critical security system to the lowest bidder instead of the most qualified. They probably throw in laughable constraints, too, such as having to work on existing POS terminals.

If they were truly interested in preventing fraud instead of denying liability (while still getting to say in marketing that they protect you from fraud), they would contract the design of this system out to some real security experts - and, given the obvious quality of their design team in matters of security, they could post the job offer on slashdot to get some reasonable candidates - who would then use a public-private key encryption scheme where the POS terminal's public key would have to be signed by the credit card authority's private key, which could be verified by the chip by using the public key therein, and then the chip would use that public key to encrypt its own public key, which would be used by the POS terminal to encrypt the PIN that the user typed in, and send it back. And then, no matter whether the PIN is valid or not, the chip would send back some sort of data encrypted with the POS' public key again. That data would decrypt to something that was encrypted with the credit card company's public key, so that the POS terminal would then have to send it back to the credit card center (Visa, MC, Amex, whatever) to get it decrypted (along with its own public key so the credit card company could re-encrypt its response) to validate. The data sent back to the credit card company would include: the encrypted confirmation from the card (plus some random data that can get chopped off, e.g., some JSON-like data: '{verified:true,defeat-listeners:"adsh65ouhdsakljt"}' would be easy enough for the credit card company to get what it needs while discarding the rest while resulting in the packet changing every time), the amount of the transaction, the public key of the POS terminal, all encrypted again with the upstream public key. Upstream could decrypt, extract, and decrypt again. Oh yeah, and before the chip gets printed, its own public key would have to be signed by the credit card company, just to make it that tiny bit more difficult to forge.

For a laptop to sit in the middle and get anything out of such a system would be practically impossible. And, if done right, defeating it once won't mean easy-sailing after that. Maybe an electron-microscope on an exposed chip might help ... but even then, I'm not sure it'd help enough.

And before real security experts jump on me, this is just something I thought up over the last ten minutes. If I were given a $50,000 consulting contract to design this, I'd spend far more than 10 minutes on it, and might find some of the kinks that are likely obvious to much more experienced people than I.

Re:Not really surprising... (0)

Anonymous Coward | more than 4 years ago | (#31107194)

If people think chip and pin is secure, wait for all the fraud to occur with the new RFID embedded in all the UK's credit and debit cards that the banks are rolling out "for your convenience", in reality, it makes it easy to defraud you, and as a bonus the government could put readers where they like and track people.

Most interesting is a leaflet from my bank on the new cards, it says that you MAY be asked to key in a PIN for a RFID swipe transaction, but not necessarily and usually not. A fraudster could potentially get a lot of cash out of you before you know it. NOW how do you dispute a transaction when the card was with you all the time AND there was no pin needed to be entered?

Buy an RFID credit card shield, or make one from cooking foil or crisp / chip packets.

Re:Not really surprising... (1)

Wowsers (1151731) | more than 4 years ago | (#31107294)

I don't know why it was anon posted, but I claim this as mine damn it!

Not News (5, Informative)

sexconker (1179573) | more than 4 years ago | (#31105838)

This is not news.
This is the way the system was designed.

It was designed to be shitty and insecure so fraud could continue.
It was sold as being highly secure in order to get them into widespread use and to get the laws set up to remove all liability from the banks as long as the system says the card is good.

The banks profit off of fraud.

This is all intentional, and it has been going on in criminal circles with these cards before day one. The only difference now is that some group has publicly revealed the sordid details.

There's a work-around! (2, Funny)

SpaceLifeForm (228190) | more than 4 years ago | (#31106364)

Use Cash.

Re:There's a work-around! (1)

LostCluster (625375) | more than 4 years ago | (#31106592)

Cash doesn't come with a "Zero Liability Promise" should it be stolen or lost.

Re:There's a work-around! (2, Funny)

DotNM (737979) | more than 4 years ago | (#31106754)

Yes it does. Zero liability will be assumed by anyone... and that's a promise!

Elementary (0)

Anonymous Coward | more than 4 years ago | (#31105852)

"The researchers said the engineering and programming skills necessary to make a man-in-the-middle device to conduct the attack are elementary."

Why a four year old child could understand this.
Run out and get me a four year old child,
I can't make head or tail out of it.

Groucho in Duck Soup (movie)

Re:Elementary (1)

haderytn (1232484) | more than 4 years ago | (#31106362)

Elementary means something other than what you think it means.

Re:Elementary (1)

ShinmaWa (449201) | more than 4 years ago | (#31107654)

Wooooooosh!

Figures... (4, Funny)

DoofusOfDeath (636671) | more than 4 years ago | (#31105864)

Leave it to an English university to focus on phish and chips...

Tinfoil, where is it? (0)

Anonymous Coward | more than 4 years ago | (#31105904)

Slashdot: the only place which will make you wear a tinfoil hat with truths only.

BANKS are not at fault it's VISA and MASTERCARD (1)

johnjones (14274) | more than 4 years ago | (#31105956)

well done Steven J. Murdoch, Saar Drimer, Ross Anderson, Mike Bond

please don't sell out now!

make sure that they publish their new system and do so in an open and transparent way!

regards

John Jones
http://www.johnjones.me.uk

p.s. I wonder what they 'purchased'

Re:BANKS are not at fault it's VISA and MASTERCARD (0)

Anonymous Coward | more than 4 years ago | (#31106866)

They bought a bottle of water from a university cafeteria, there's a video on the BBC news website.

Incidentally, articles like this are exactly the reason I continue to read Slashdot. There's a link to the paper, when the BBC didn't provide one.

It's just a shame hardly anyone bothered to read it before posting incorrect statements and false speculation, but they've all just gained a -1 Overrated / Offtopic :-) (hence I'm posting anonymously).

Dear Botnet Masters: (0)

Anonymous Coward | more than 4 years ago | (#31105982)

You got the WRONG continent [slashdot.org] .

Yours In St. Petersburg,
Kilgore Trout

withdrawal blues (1)

harvey the nerd (582806) | more than 4 years ago | (#31105988)

Agree that these "security systems" are about dodging liability rather than providing good security. Of course, another big benefit to the bank is that it makes it much harder to transfer money over small amounts, say $1000, if you can't go to the office physically or don't use their "verification card". Money that the banks won't give back easily.

Canada too? (2, Informative)

the_flyswatter (720503) | more than 4 years ago | (#31105990)

According to http://www.visa.ca/chip/cardholders/emvstandard/index.jsp [www.visa.ca] , the EMV Chip & PIN standard is also used in Canada, not just Europe.

Re:Canada too? (1)

TheSpoom (715771) | more than 4 years ago | (#31106532)

VISA et al seem to be trying to break into the Canadian market, which is fundamentally dominated by Interac [interac.ca] , another PIN-based debit system run by a coalition of banks. Almost every merchant in Canada (or at least Ontario) has Interac POS readers. It should also be noted that most Canadian bank cards aren't backed by VISA / MasterCard (like they are in the United States), they're simply debit cards, linked directly to bank accounts.

Re:Canada too? (1)

TheSpoom (715771) | more than 4 years ago | (#31106548)

(Note that this applies only to bank cards; credit cards are still run by VISA and MasterCard primarily.)

Re:Canada too? (1)

DotNM (737979) | more than 4 years ago | (#31106640)

Yes, this is in effect in Canada too. I have a BMO Bank of Montreal MasterCard and BMO Bank of Montreal debit card, and both are chip and PIN enabled. There's even a website with a bunch of information and FAQs on chip and PIN: http://www4.bmo.com/chip/questions.html [bmo.com] Full disclosure: I am a Bank of Montreal employee, but from my understanding, all major Canadian banks will be following suit if they haven't started already.

We Already Know This (3, Insightful)

segedunum (883035) | more than 4 years ago | (#31106172)

This has been known for years. The machines and man-in-the-middle attacks are obvious, simply because you cannot verify the authenticity of any machine that you stick your card into and type your PIN. You have no clue that any one of them is doing what you think it should be doing. ATM machines are bad enough, but at least there is some sort of trust over the fact they are at a fixed point and there is some form of physical security around them. With chip and pin machines all you have is utterly blind faith that you have no choice but to accept, and then you get blamed for being insecure by the banks when the inevitable happens.

What have we heard about this in the mainstream press and media? Nothing. People, and those with a vested interest, obviously just want to deny that it can happen.

No, you actually don't know (2, Insightful)

spun (1352) | more than 4 years ago | (#31106440)

You know what helps you sound informed and intelligent? Reading the article. You know what makes you sound, well, silly? Not reading the article. Here's a clue to spark your interest: it isn't the card readers that are performing the man in the middle, it is the person in possession of the card performing the attack against a standard card reader.

Re:No, you actually don't know (0)

Anonymous Coward | more than 4 years ago | (#31106500)

Dude, a mitm attack is an mitm attack. The attacks against Chip and Pin are well known and obvious. These researchers are just proving what everybody already knows--Chip and Pin does not provide any real security, and is just a mechanism for banks to push the fraud liabilities off onto their consumers.

I'm waiting for the first big lawsuits where bank customers sue their banks for effectively stealing their money from them (by allowing fraudsters to take it, and not reimbursing them).

Re:We Already Know This (2, Interesting)

verbalcontract (909922) | more than 4 years ago | (#31106702)

This doesn't seem like the average attack we see in the United States, where a false card reader and camera copy a victim's credit card stripe and PIN respectively. I'm by no means an expert in Chip and PIN, but Wikipedia indicates that the smart card chip is much more difficult to copy than the US's magnetic stripes:

http://en.wikipedia.org/wiki/Chip_and_pin [wikipedia.org]

From the text:

"Once the card has been verified as authentic, the customer enters a 4-digit PIN..."

It doesn't say whether all the credit card information is passed during this handshake, but if it's not, it wouldn't be possible to copy the card just by reading it.

Re:We Already Know This (1)

spinkham (56603) | more than 4 years ago | (#31106816)

Chip and pin is definitely better than card swipe, or card swipe and pin.

The only problem is the banks are treating the increase in security as absolute security, and refusing to handle any fraud concerning a chip and pin transaction.

Re:We Already Know This (4, Insightful)

russotto (537200) | more than 4 years ago | (#31106986)

Chip and pin is definitely better than card swipe, or card swipe and pin.

Card swipe and PIN appears to be better. While I can easily copy a card, there's no way I can manufacture a card which will work with any PIN.

The only problem is the banks are treating the increase in security as absolute security, and refusing to handle any fraud concerning a chip and pin transaction.

This is one of the areas where the US is actually ahead of the game. For credit cards, there's $50 liability maximum for the cardholder. For ATM/debit cards, it's also $50 if you notify them within 2 days, but $500 if you notify them within 60 days, of finding out about it. They can't just say "Impossible" and have you jailed for having the temerity to claim a charge was fraudulent (as has happened in the UK).

Re:We Already Know This (1)

T Murphy (1054674) | more than 4 years ago | (#31107316)

I see the importance of this not to be what kind of attack they used (other than being relatively simple), but the fact that they are proving these cards aren't as secure as they're claimed to be. It's the difference between knowing Capone did it and finally getting evidence that will stick.

Another simple terminal solution (0)

Anonymous Coward | more than 4 years ago | (#31106582)

Is to include the PIN entered in the data encrypted and MAC'd by the card (this is sent to the bank.)

Then the bank could verify that the correct PIN was entered when authorising the transaction.
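The fix proposed in the comment above, sketched as an added example (it is not part of the original comment and not code from any card scheme). Assumptions: HMAC-SHA256 stands in for the card's MAC, the keyed-in PIN is bound into the MAC and checked by recomputation instead of being encrypted and transmitted, and every name, key, PIN and transaction string is constructed.

```python
import hashlib
import hmac

# Constructed sample values. HMAC-SHA256 is a stand-in for the card's MAC.
CARD_KEY = b"constructed-key-shared-by-card-and-issuer"
PIN_ON_RECORD = "4821"


def card_mac(txn: bytes, pin: str = "") -> bytes:
    """MAC produced by the genuine card over the data the terminal hands it.

    The transaction is length-prefixed so txn and pin cannot be confused.
    """
    msg = len(txn).to_bytes(4, "big") + txn + pin.encode()
    return hmac.new(CARD_KEY, msg, hashlib.sha256).digest()


def bank_check_unbound(txn: bytes, mac: bytes) -> bool:
    """Issuer check when the MAC covers the transaction only."""
    return hmac.compare_digest(mac, card_mac(txn))


def bank_check_pin_bound(txn: bytes, mac: bytes) -> bool:
    """Issuer check for the proposed fix: recompute with the PIN on record."""
    return hmac.compare_digest(mac, card_mac(txn, PIN_ON_RECORD))


def purchase(txn: bytes, entered_pin: str, pin_ok_reply: bool, bind_pin: bool) -> bool:
    """Terminal flow. pin_ok_reply is whatever came back on the card interface;
    the terminal cannot tell whether the card or something in between sent it."""
    if not pin_ok_reply:
        return False
    if bind_pin:
        # Terminal adds the keyed-in PIN to the data the card MACs.
        return bank_check_pin_bound(txn, card_mac(txn, entered_pin))
    return bank_check_unbound(txn, card_mac(txn))


if __name__ == "__main__":
    txn = b"amount=1.50;currency=GBP;nonce=constructed-0001"
    print("honest, fix on:        ", purchase(txn, "4821", True, True))
    print("forged PIN-OK, fix off:", purchase(txn, "0000", True, False))
    print("forged PIN-OK, fix on: ", purchase(txn, "0000", True, True))
```

With the PIN bound into the MAC, a forged "PIN OK" reply at the terminal no longer matters: the issuer declines unless the MAC was computed over the PIN it has on record.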

so, we'll have to hand over our card for the cashi (1)

HonTakuan (1743436) | more than 4 years ago | (#31107070)

"The FPGA board was connected to a Maxim 1740 interface chip, which was linked via thin wires to a fake card, used for insertion in the terminal." so, we'll have to hand over our card for the cashier to swipe.

Yup, in 2000 when banking data was given to USA. (0)

Anonymous Coward | more than 4 years ago | (#31107228)

Security was broken when EU agreed to give all European banking data to USA ;-)

Thankfully this was discovered in 2006 by Press, and EU government decided to stop this.

Simple Solution (1, Redundant)

bill_mcgonigle (4333) | more than 4 years ago | (#31107250)

and a laptop running a Python script

So, classify Python as a criminal tool, problem solved.

(the rule that you have to mention Python at every possibility cuts both ways).
