How Smartcard Payment Systems Fail

This session is "How Smartcard Payment Systems Fail", presented by Professor Ross Anderson. He is a professor of security engineering at Cambridge University and author of Security Engineering. So thank you.

Thanks. So America is in for a big change in how you pay for stuff. Since the 1960s people have been using credit cards based on a magnetic stripe, and starting round about now the banks are starting to introduce credit cards which are based on chips instead. Now we've been using these in the UK for 11 years now, and we've got quite a lot of experience of how they break. We started off at the beginning figuring out that we understood what the likely shortcuts were that had been taken in design, and we thought we knew what the fraud would be, but reality turned out to be rather different. Over the past dozen years my team and I have been monitoring this; we've picked up and investigated quite a number of rather ingenious hacks against the system, and there are, we think, some pretty interesting and important lessons for people to learn in America as you start deploying it here.

Now chip-and-PIN is known formally as EMV: Europay, MasterCard, Visa. The card brands basically settled the big smart card patent disputes in 1995 and then spent the late 1990s evolving a specification and testing it. This started being rolled out in the UK in 2003; it became mandatory in the UK for newly issued cards to be chip-and-PIN cards by 2006, and one by one countries in Europe and Canada followed. In theory all banks in the USA have got to start deploying chip-and-PIN for new card issue by 2015, but the industry isn't that disciplined, so it's going to be interesting to see how things develop. Now there's an enormous story of failures and frauds, and there are a lot of general lessons for security engineers in what happened.

Now the concept of operations behind EMV cards is quite simple. If you replace the magnetic stripe, which is easy to copy, with a chip, which is a lot harder to copy, then that makes card copying more difficult: the chip authenticates the card. At the same time you want to authenticate the cardholder using possibly stronger methods, and in many countries, in all countries in Europe, the default way of authenticating a cardholder is a PIN. So when you go to a merchant terminal to do a point-of-sale transaction in Europe, usually it asks you to enter a PIN, and the PIN is verified by the chip itself. ATM transactions are done as they have always been. And some countries have decided not to use PINs: Singapore for example decided not to use PINs because they believe that PINs are bad for customer protection, that if people are authenticated by PINs rather than by signatures it's more difficult for a customer to win a dispute with the bank. And that's an interesting question that we're going to see tried out in the USA, because my understanding is that some banks are going to insist on your using your card with a PIN at the merchant's point of sale, whereas other banks are going to go, initially at least, for a chip-and-signature card because that will be easier to deploy.

Now one of the other interesting things about EMV is how do you go about deploying it. Now we all know about the many, many, many security systems that were beautifully designed by very clever engineers but never got any traction in the real world, right, because of all the big network effects involved in deploying something. Who wants to use encrypted email if none of the people you exchange email with encrypt their email? Right, we've all seen this problem. Sometimes we know how we can solve that: ssh, for example, got deployed because it gave you extra features as well as a more secure version of rlogin. So how can you get an incentive for people to actually use this stuff? Well, the idea the banks came up with is what they call liability shift. At present, if I as a cardholder dispute a transaction, then the bank simply passes that transaction back to the merchant; they do a chargeback, and if the merchant has too many chargebacks they get fined, and if they get even more chargebacks then they get their credit card service withdrawn. So that's straightforward. So what the banks say to merchants is: if you adopt EMV, if you spend all these millions of dollars on replacing your terminal fleet with chip-and-PIN terminals, then we guarantee that a properly authorised chip-and-PIN transaction will always be good for funds; if the customer disputes it, then the banking system will take the hit rather than the merchant. And this liability shift, together with a reduction in the interchange fee that the merchants pay, is what has been successful in Europe in inducing merchants to spend billions and billions of dollars over the last ten years in changing all the terminal fleets.

So here's the fraud history. The banks believed that by replacing magnetic stripe card payments with a more secure alternative they would be able to cut fraud, and as you can see, fraud went up, and then it went down, and now it's going up again. So there are some interesting things going on here which I'll talk about briefly and which we'll explain in later slides. So the top line is card-not-present fraud; that's basically stuff that happens on the internet, and as you see, the very first thing that the bad guys did when chip-and-PIN was introduced was that they started doing fraud online rather than in stores. The other line, that's counterfeit, and as you can see, what happened is that counterfeit initially went down, because it's actually really, really hard to counterfeit chip cards if you do it, you know, by brute force, the hard way. There are more subtle ways of doing it which we'll discuss later, but the villains really haven't industrialised that. So what happened is that counterfeit fraud first went down and then it went up again, because what the bad guys realised is that now that everybody's using PINs everywhere, this means that you can harvest card and PIN details from dodgy terminals anywhere, right, because every merchant is now accepting PINs from customers. Previously customers only used their PINs in ATMs, so if you wanted to steal card and PIN details you basically had to put a skimmer on an ATM, you know, and risk being seen by the CCTV and detected by the physical alarms and so on. But since chip-and-PIN was introduced it became straightforward for people to either deploy dodgy terminals, or else to tamper with existing terminals, or even to use things like terminal malware. And once you have got credentials, then of course you can take them to America or to India or to China or one of the countries that still does magstripe, and use the card in magstripe fallback mode. There are various other lower-level fraud modes that we'll talk about.

So there's also a moral hazard here, because in the old days the banks and the merchants were somehow liable, but what happened when you introduced EMV was this: if the transaction is said to have been a chip-and-PIN transaction, then the merchant doesn't pay for it; the bank takes on the liability, and then the bank can go to the customer, and in many cases does go to the customer, and says "your card and your PIN were used, therefore you were negligent or complicit, therefore it's your fault, so we won't give your money back". If on the other hand a PIN wasn't used, the bank reverses the transaction back to the merchant. So look what's happened: the bank isn't liable for fraud any more, and if the bank's not paying for the fraud, then why should the bank bust a gut to keep the system secure? This is one of the big untold stories of the chip-and-PIN scenario. So this slide basically sums up what I said: that EMV was supposed to abolish fraud, or at least substantially reduce it, and it didn't. Fraud went up, and then down, and now it's going up again. Card-not-present fraud shot up rapidly; counterfeit fraud took a couple of years and then shot up once the crooks realised how to do it. And the overall effect was as if you had taken a bulldozer and driven it across the landscape: the ripples of crime are still flowing, they're just flowing in slightly different channels.

So how might EMV be broken? Well, when EMV was first deployed we went and looked at it from a technical security point of view, a decade ago. For example, we were doing research in API security. If you have got a cryptographic hardware security module, then one of the ways that you attack it is that the security module has maybe hundreds and hundreds of different transactions, and so you stare at the manual for a few weeks until you find a combination of them that does something bad. And EMV made the transaction sets used by hardware security modules so much more complex that there were a whole lot of new API attacks. There was a transaction, for example, to encrypt a key to send it to a smart card, and it turned out that this was badly designed, in that there was a variable-length field which enabled you to look at the encrypted key block on any byte boundary you wanted, so you could guess keys a byte at a time. And then you could take master keys and encrypt them using this transaction to send to cards, and this meant that a dishonest programmer working in the bank could use the EMV apparatus to extract all the bank's cryptographic keys and thereby break the system. So hardware security module vendors had to spend some time working on that, and the two research students that I had working on that project are now working for Foursquare and for Deutsche Bank. So, you know, there was some fun, but this was good academic knockabout stuff that got a couple of guys their PhD theses and worthwhile jobs in the industry; this wasn't something that ended up, at least immediately, being used by the bad guys.

The next thing that we thought about was the optimisations. Now there are two types of EMV card, roughly speaking: there are cheap ones and expensive ones. The cheap ones, the static data authentication cards, only do 3DES, and the expensive ones, the DDA cards, will also do RSA. Now if you use a cheap card, that means that the smart card itself cannot make a digital signature, and this means that when it presents its credentials it's simply presenting a static certificate to the merchant. This means that you can make up a forged card which will impersonate a smart card if the terminal is offline, because the only way that the merchant or anyone can then tell whether you've got a genuine card is if it performs a cryptographic operation with the card and then sends it to the bank for checking, because cheap smart cards, SDA cards, simply have a Triple DES key which they share with the card-issuing bank. Now I'm going to describe the protocols in a later slide, but at the conceptual level, without the public key capability, forged cards will work offline. And people worried at the start that this would be something that would be easy for the crooks to do, and there were one or two cases seen in France, but the amounts of money were trivial, they were just in the hundreds of thousands of dollars. And so the industry heaved a big sigh of relief: hey guys, we don't actually have to start shipping expensive RSA smart cards any time soon. So again, the attack that you expected in theory didn't happen in practice.

Next, what about a false terminal? Back in 2005 a couple of my research students got one of these terminals and they took all its guts out and replaced them with some hobby electronics, and as you can see, this terminal is playing Tetris. If you search on YouTube you can find the video of this thing playing Tetris; "chip-and-PIN terminal playing Tetris" should get it. And we did this in order to emphasise that it was possible for people to build entirely false terminals, or to buy genuine terminals from eBay, gut them, and replace the electronics with something that would capture cards and PINs from victims. And we did see a bit of this later on, as I'll describe.

However, what you can also do is something a little bit more subtle, and this was an attack that we also thought of at the beginning: to do a man-in-the-middle attack on a remote terminal in a merchant selling expensive goods. So how this kind of attack works is as follows. I build a parking meter, right, and I put some of these parking meters in a vacant lot, and you come up with your car and you want to park. So OK, it's three pounds for two hours, so you put your chip-and-PIN card in, and as you put your chip-and-PIN card in, an alarm goes off in the headphone of somebody standing at Helsinki Airport, and he goes up to the cash machine and takes out 500 euros, doing a real-time transaction against your card. Is this doable? Well, it's perfectly doable. We did a demonstration, we did it on TV: we got two students, one with a dodgy terminal in a cafe and the other with a laptop in his backpack and the card wired up his sleeve, and as the victim went in and used the terminal in the cafe, one of the students went into a bookshop and bought an expensive book. So this is a good proof of concept, but again, did we see this in the real world? It might be tempting after all, because people buy very, very expensive stuff using chip-and-PIN cards, right. The banking system in Europe is now completely relaxed about people using their bank cards to buy cars; that's now the default way of buying a car in Europe, just using your bank card, forty thousand bucks or whatever in one transaction. And if you're really rich you can go and buy yourself a Learjet: you can go spend 8 million dollars on an airplane in one card transaction. So surely it would be worthwhile doing targeted attacks on high-net-worth individuals using this tool? Well, we haven't seen it. It was a great student exercise, it made a great movie, and again you can find it on YouTube, but it seems never to have happened.

So what did happen? Well, the first thing that happened was back in 2006, 2007, some bad guys went around Shell petrol stations in the UK and they said "hi, we're the PIN entry device maintenance engineers, we've come to do maintenance on your terminal", and so they took the chip-and-PIN terminal, or they did some maintenance on it, and, you know, chatted very cheerfully to the petrol station operator, and hundreds of thousands to millions of pounds were stolen from cardholders. And the terminal vendor, Trintech, actually went bust, right, because Shell had to revert all its filling stations to using the manual addressograph machines, remember the old ZipZap machines; they had to fall back to that for months and months and months until they went out and bought new terminals from another supplier. So that was a big deal.

And then we started seeing a whole host of wiretapping attacks against BP garages. In the UK many of the BP garage franchises are owned by ethnic Tamils, and so there was a scare story in the press about how the Tamil Tigers terrorist group in Ceylon was using this to harvest operational funds. What was actually happening here was that guys would put a wiretap on the line that went from the PIN entry device to the gateway in the branch, and that would get them the clear text of the transaction, since the PIN entry devices don't actually encrypt their traffic to the bank; and they then either used the CCTV within the branch, or else installed a video camera in one of the ceiling tiles, so that they would be able to capture the PINs as the customers entered them. And this got detected, in fact, when a policeman in Phuket in Thailand noticed a chap using white plastic in a cash machine. So he arrested this guy, and he was offered on the spot a bribe of $35,000 to let the guy go, but being a dutiful police officer he refused, and so in this guy's hotel room they found a suitcase with over three thousand white plastic cards that had been encoded with the details of UK cardholders that had been stolen from BP garages. And eventually the police found a Mr Patel in Croydon whose garage contained exactly the sort of equipment that you find in our own tamper lab at Cambridge. So this is what was going on.

So how did he get away with it? Well, in the latter stages what the bad guys were doing was placing wicked electronics inside the PIN entry device itself. So in EMV, the PIN entry device, that is, you know, the chip-and-PIN machine that you see on the retailer's counter, is supposed to be tamper-resistant, because first, you enter your PIN at it, so that's sensitive information which should be protected, and second, you get the cardholder credentials, your account number, CVV, certificates and so on, flowing from the card in the other direction. And so if you can wiretap into the PIN entry device you can get everything, right. If you simply wiretap into the shop's network you don't get the PIN, because the PIN goes from the PIN entry device to the card, where the PIN is verified. And so if you went and looked at the Visa website, they said that PIN entry devices were supposed to be tamper-resistant, that they were evaluated under the Common Criteria, and you can go and download the protection profile that they used, and according to this protection profile it should cost twenty-five thousand dollars to defeat a PIN entry device. That's not to find a class attack on a particular make of PIN entry device; that is per physical unit, OK. So the idea is, just as it takes you a lot of money to get your ion beam machine and drill into an individual smart card, so it should cost you a huge amount of money to Trojan an individual PIN entry device.

So we went to eBay and we bought a dozen or so PIN entry devices, and this is the inside of the Ingenico 3300, which was the most commonly used PIN entry device in the UK at the time. You can see where the four switches are highlighted in red: these are four studs on the keyboard which, so long as the device is closed, depress or make contact on four switches on the keyboard PCB, which you can see above there, also outlined in red, and also shown on the side here. So if you open the shell of the device then these switches go open-circuit, and that causes the cryptographic key material within the PIN entry device to be zeroed; in effect it turns it into a brick, right. Once that key material is gone, the banking system will no longer recognise that as a PIN entry device. They put various other things in as well to make it supposedly very, very difficult, so that for example where you have got some of the circuitry that's sensitive they put tamper-responding, tamper-sensing meshes around it, or little PCBs that stick up, and as you can see at the right-hand side of the PCB, some of the PCBs also have tamper meshes going through them at lower layers, so if you try and drill through them you will either make something open-circuit that should be closed or something closed-circuit that should be open, and again all the cryptographic key material is zeroised.

So did this work? Well, if you let a couple of bright research students loose on a tamper-proof terminal it often doesn't stay tamper-proof for very long, and so once they'd dismantled a few of these terminals and looked at them, a couple of my students, Saar Drimer and Steven Murdoch, observed that if you went in through the back of the terminal, and you can see in that compartment in the back there there's a paper clip sticking in a little hole, well, if you drill exactly there you can evade the tamper detection mechanisms and you can drop a contact onto the serial line that carries the PIN from the PIN pad to the card and carries the credentials from the card to the PIN pad. So there's one place where you have to drop a paperclip and you get everything. And what's more, the terminal has got this little compartment in the back where you can conveniently put your wicked electronics. Now we understand that the manufacturers offered the banks the option of putting a separate encryption unit in the back of the device there, so that the traffic from the PIN entry device to the bank could be encrypted; the banks couldn't be bothered, and instead that provided a wonderful place for you to put bad stuff. So we came to the conclusion that this PIN entry device, which supposedly cost twenty-five thousand dollars to tap, could actually be tapped with ten minutes' work and a few dollars' worth of components.

So we went to GCHQ, which runs the Common Criteria scheme in the UK, and we said "listen, pal, here's a Common Criteria evaluated PIN pad, it's a load of rubbish, isn't it, what are you going to do with the Commercial Licensed Evaluation Facility that inspected it?" And GCHQ scratched its head and said "this isn't one of our problems, mate, this thing was never Common Criteria certified." "Oh, but these are claims it's Common Criteria evaluated." "Well, why don't you speak to Visa?" So we did, and we went and spoke to Visa, and they said "well, we agree it's not Common Criteria certified, because to get it certified we'd have to share the evaluation report with GCHQ and that would be bad for security." "OK, fine, so what did you do?" I said. Well, they said, "we evaluated it according to Common Criteria principles and procedures, using a CLEF, just as if it had been a Common Criteria evaluation, but then we kept the evaluation reports ourselves." "Oh, I see." So we went back to GCHQ and we said "listen, man, these guys are passing off your brand, they're undermining your trademark; who the hell is going to believe in Common Criteria if this sort of rubbish gets advertised as a Common Criteria evaluation?" And I said to GCHQ, "look, you've got the Digital Millennium Copyright Act, why don't you just put a notice on Visa and MasterCard and Barclays and so on for passing off your trademark and tell them to stop it, otherwise you'll have their website taken down?" Well, they said we could never do anything as aggressive as that. Well, hey. So following a responsible disclosure period we went public with this in 2008, and the banks' trade union said that it wasn't a problem: you know, most bad guys aren't as clever as these Cambridge students and they won't be able to do an attack like this. But in fact the bad guys were already doing an attack like this, and in July 2008 a couple of brothers called Khan were arrested in Birmingham for having had access to the warehouse in Dubai where these terminals went en route from the factory in China to the distribution network, and they were putting wicked electronics in them. And so for a period of time in 2008 you could go into a store in Britain or a bank branch in the Netherlands and you could put your chip-and-PIN card in a PIN entry device that they had just ordered from the factory in China; they took it out of the wrapping, they put it on the table in their branch and they started doing business with it, right, and this PIN entry device contained wicked electronics that would take your card and PIN details and would then SMS them to a guy in Karachi. So the Khan brothers got their collars felt, and they were supposed eventually to be tried in October of 2011, but they got off because the banks wouldn't provide any evidence against them, because it was too embarrassing. So they not only got to steal a few million, they got away with it and they got to brag about it.

Next attack: the no-PIN attack. Round about 2009, after Mr Khan had been arrested, we got a number of people coming to us saying "you know, help, my card and PIN have been used, you know, after my card was stolen, and the bank says I must have compromised my PIN, but I didn't, I never wrote it down, and they won't give me my money back; what could be going wrong?" So we investigated what could possibly be happening: how could you use a stolen chip-and-PIN card without knowledge of the PIN? And the responsible disclosure in this case involved us going on Newsnight, which is the UK's main late evening news programme, and let's see if we can roll the video.

We will stay with the question of money, because most of us don't think twice about paying for something in a high street shop by keying in our PIN. It's easy, it's fast, and in most cases it works. But scratch a little under the surface and there are persistent voices, people who say they've been the subject of fraud of one kind or another on their credit card or their debit card. Now a team of computer scientists at Cambridge University has found a flaw in chip-and-PIN so serious they think it shows the whole system needs a rewrite. Our science editor Susan Watts has the story.

We have to question the entire architecture that surrounds you. It really is time for a closer look to be taken in this whole area. But this flaw is really a whopper. What we think is that this is one of the biggest flaws that we've ever uncovered, that has ever been uncovered, against payment systems, and, you know, I've been in this business 25 years. This is a flaw in a system that's used by hundreds of millions of people, by tens of thousands of banks, by millions of merchants.

So how did the attack work? Essentially what it does is exploit a flaw in the chip-and-PIN system that allows the terminal to think that a correct PIN was entered and the card to think that a signature authorised the transaction. So at the end the receipt says "verified by PIN"; the bank is going to think that the PIN was entered correctly, but the criminal actually did not know the PIN. Cambridge University gave us permission to see if the attack works in real life. The team set up in one of the university's cafeterias. We obviously don't want to give up too much detail, but in simple terms Saar is hooking up the stolen card to a chip; this is controlled from a laptop and runs software written by the team. All of this is hooked up to a fake card which slots into the actual shop terminal. The kit wouldn't have to be this big; the team's already working on miniaturising it into a unit the size of a remote control. Saar had a trick up his sleeve: his dummy card has a concealed cable running up his arm to the kit in his backpack. So will it work? He doesn't need to know the actual PIN for the stolen card; any combination should do. The stolen card is getting a message that the purchase has been authorised by signature; this mismatch should allow the transaction to go ahead. And yes, it does. The printout states it has been verified by PIN. In fact Saar tried a handful of high street debit and credit cards, keying in zero zero zero zero as a PIN, and it works every time. So is this attack happening in the real world? The Consumers' Association thinks chip-and-PIN has helped to bring down instances of card crime, but many cases remain unexplained.

It's very difficult to quantify exactly how big this problem is. What we do know from our investigations is that, say, around forty percent of consumers on a representative basis will have said that they have suffered some kind of financial loss which they believe is through fraud. The percentage of that which is actually from this type of potential problem with chip-and-PIN is something that's a lot less clear. What we do know is that we do have cases that are brought forward from individuals which seem quite persuasive.

We understand that behind the scenes some of the banks are already working on fixing this flaw, but they obviously haven't all fixed it yet, because the banks didn't alert any of us to the purchases we made using the Cambridge attack, our cards and a PIN of zero zero zero zero.

So that's, in theory, a pretty simple attack. You just put a device between the card and the PED, and you tell the PED that the card accepted the PIN, and you tell the card that it was a chip-and-signature transaction. Now it is possible to detect that this attack went on if you compare in detail the logs produced by the card with the logs produced by the PED, because they have different flags set in the various clusters of bits that get reported back. But it's harder than you might think, because where are you going to do this checking? To do this in the PED, that means reprogramming tens of millions of PEDs in the field, and they're run by the acquiring banks, not by the issuing banks who are blaming their customers for this fraud. Do you do it in the network switches? Well, Visa doesn't want to admit that it was at fault in misdesigning the system so that this could happen; the specifications are very, very obscure on the point. If you're an acquiring bank then in theory, if all the transactions are online, you should be able to spot this, but again, how much of an incentive do you have if you can just blame your customers for the fraud? And so while there's publicity about it, while there's an active attack in progress, you might want to try and do something about this, but the problem there is that if you turn on strict checking in your system then it causes a very high rate of false alarms, because payment services networks are as crusty as every other artifact that people like us build; they've been pulled together with string and sealing-wax until they only just work, and there are lots and lots of kludges that have been put together to make things work. And so with strict checking you may end up finding suddenly that you can't accept any transactions from Egypt or Hungary or China, for example, and that's just too painful. So if you're not aware of transactions in progress, then it's simpler to just not fix it.

So let's look again at how this happens. In a normal EMV transaction, the card sends the card details and the digital signature on these details to the PIN entry device. The merchant then gets the PIN entered by the customer, and the amount of the transaction and other things that describe the transaction, and then the card sends back a signal which says the PIN is OK, along with an ARQC, an authorisation request cryptogram. The merchant terminal then sends the transaction with the cryptogram to the bank, which then says basically yes or no: it checks the cryptogram, it checks that the cryptogram was computed using the Triple DES key that was installed in that card, and it checks that there are funds available, the card wasn't reported stolen, and so on and so forth. So all you have to do is basically erase the PIN from transaction number three, and that's basically three lines of code, and the attack then basically runs from there. So all you need to do is to find a simple, compact and reliable way of filtering the transaction between the card and the PIN entry device, and that's basically the attack in diagrammatic format.

So what happened? Well, as I mentioned, after we revealed this on TV in February 2010 there was some activity in the banking sector. The banks said initially that this was an industry problem rather than their individual problem. One of the UK banks, Barclays, started blocking it in July 2010; they actually sent their suppliers over to meet us, and there was a firm from Chicago that was actually writing the relevant software that came over and sat down with us and discussed options. And so for a period of almost six months, if your card was issued by Barclays then you weren't vulnerable to this attack, but when we checked it again in December of 2010 we found that in the run-up to Christmas the defences had been turned off, we believe simply because it was costing too much business in terms of false alarms.

The real problem here is that the EMV specification has become vastly too complex. Those four big volumes that we worked with, you know, something like 1600 pages of specifications, and then there are individual national specifications which describe the local hacks that various banks have put onto the EMV spec. And the information that we needed to implement the no-PIN attack was available, but it was in about 16 different places scattered throughout these four volumes, and the four volumes were more or less a documentation of the system that they'd eventually got working. It wasn't in any sense structured; there wasn't a clear description at the beginning of what they were trying to do, of what the threat model was, of what their security policy was, of the attacks they considered and the various mitigations that they had designed to deal with them. What's more, the banks had set up a company, EMVCo, that was jointly owned by Europay, MasterCard and Visa, which designed this in the 1990s, but once their job was done they appear to have no longer very much in the way of either political clout or technical expertise, and the spec is now being driven by the vendor community: a hundred-odd vendors plus national banking associations have got their own little hacks that they put on top of this. And of course when you've got an ecosystem with a hundred-odd vendors and 20,000 banks and millions of merchants you've got a governance problem. You end up with the tragedy of the commons, in that nobody sees it as their job to step up to the plate and say "hey guys, it's about time that we refactored all this and wrote a proper EMV 5.0 specification". I did try and suggest to the Federal Reserve that they insist on this as a condition of letting EMV be deployed in the USA, but, you know, the Fed doesn't have the kind of clout that you would need to force the banks to do that.

So how did the industry respond to our stuff? Well, later that year they wrote to our University's PR department asking for the master's thesis of one of our guys, Omar Choudary, who had been involved in this project, to be taken offline in case it was of too much help to the bad guys. And we wrote back to them saying "hey, you know, the bad guys know this stuff already, because after all it was the bad guys who discovered this attack; we merely followed in their footsteps and figured out what they were doing when the banks couldn't be bothered to do that." And at present, you know, we get our machinery out from time to time and we check this in the university cafeteria, and at present, last time we looked a few months ago, only HSBC appears to be blocking this attack in the UK. Now it's not just the UK: there's a case that's been dragging through the courts in France for about three years, and what happened there is that some guys got stolen EMV cards from high-net-worth individuals and they put individual electronics, little components, in the card, and I'll show you something similar in a few slides' time, to implement this attack, and they managed to steal hundreds of thousands of euros. And the guys in that case have been tried, but the trial is currently at appeal, and so the relevant materials are sealed. So this is a real attack, and it's a protocol failure, and it's one that should have been detected at the start if people had been systematic about specifying what they were doing and why. It's a really, really trivial attack to spot if things are written down properly, but it's one that people overlooked because there isn't proper documentation of things.

Another problem that we then came across is with the card authentication protocol. You remember from the graph that the initial response to the deployment of EMV was that we got a huge spike in mail-order, telephone-order, online stuff, and so there was a push towards mechanisms that can be used online, for online merchant transactions and in online banking, and one of the things that's been deployed in the UK is the card authentication protocol. Here you've got a little
calculator and you stick your bank card in the calculator and the calculator asks for your PIN and then they ask for a challenge that your bank has displayed on your screen or it may just generate a one-time authentication code that you used to log on to a system it can even work out a message authentication code on some transaction data for you now this sort of thing has been around for or the first one was the reptile watch world in 1980 and in a good design what you do is you proceed your PIN plus the challenge with which you want to compute the response and the card then uses its key material to compute the response even if the pin is wrong you just get the wrong response but the implementation failure that EMV did is that the card first tells you whether the pin UN sword is right or not and then it enters the Challenger then it computes the response now millions of these devices have been manufactured and put into general distribution banks like HSBC and the NatWest hand these out to many of their customers and this means that if you get mugged at knifepoint in London now and you hand over a chip and pin card the nice young gentlemen can ask you what your PIN is and he can check it on the spot with his cap device and if you give him the wrong pin then he might for example contra here off and invite you to try again and this is you know not always a job because we had a couple of students a few years ago got basically tortured to death by robbers so putting in the hands of millions and billions of people the meanness to check bank pins is not a good idea in the old days the bad guy would have to frog-marched you to an ATM now he can check your PIN in the back alley where he mug you the next problem that you have is that if you are going to use your Chip and PIN cards to log onto an online banking system then presumably what you're trying to do is to prevent phishing attacks are there interesting things that you can do to defeat this as a protection mechanism 
well it's pretty suspicious if somebody puts up a phishing page which asks for your bank pin but what happens if they simply ask you to do a transaction with your cap reader when they present stuff to you with a man-in-the-middle attack well it looks perfectly normal and so you've got what appears to be a stronger means of protection but actually ends up as something that's liability on you and there's another thing that the thing that can go wrong as well again this is not something we've seen in the wild with something that we've demonstrated you can do cap attacks through wicked shops because some banks but not all implemented the EMV system in such a way that if I'm a bad Marchant with a Trojan chip in pin terminal and you come to me with your bank card I could not only do an EMV transaction to pay for your coffee I can also then get my terminal to pretend that it's a cap reader and to get a few authentication codes from you to authenticate your next few bank logins and if I can then somehow for example by social engineering find out other relevant information that I may need to access your online bank account then of course I can go online and pretend to be you now we haven't seen this in the wild yet because the sort of things that people likes used to do with man the middle of man and the browser attacks are easier but again this is an example of how truly implements and stuff can give just the appear of security and the curious thing is that some banks implemented their cap system in such a way as to be vulnerable to this such as Barclays whereas other banks such as the NatWest didn't and it was all a matter of I suppose luck you know the way stuff ended up being written because I'm sure that nobody actually tested this now the final attack that I'm going to discuss is EMV and random numbers this is what we've been doing most recently and what's basically happening here is that a high-level view of the EMV protocol is that the terminal sends a random number 
end to the card along with the date D and the amount X there's a lot more stuff but abstracting a way of what's relevant for this attack this is what's happening and the card then computes the authentication request cryptogram the AR QC on ND and x so what happens if I could predict the random number n for the debt D the answer is that if I have access to your card I can pre-compute some AR qc4 amount X and D okay so random numbers matter if random numbers are weak or if they could be manipulated afterwards then there's an attack in the system and how we discovered this was that a guy mister Gambon came to us he's a Maltese and he'd been on holiday in Majorca and he went and ate at a restaurant that is suspected of having been owned by organized crime and the following day in the 28th from June 2011 for transactions appear that a nearby ATM against his account and HSBC Julie paired up and then held him liable for the funds so he disputed this and we got the transaction logs and if you look at the right hand side there you can see what the random numbers are that's all generated by the ATM f1 to 406 e 0 for f1 2 4 1 3 5 4 and hey this looks a little bit like a cancer doesn't it you know it looks like in fact when you look at a number of more to such transactions it looks like a 17 bit constant followed by 15 bit counts of the cycles every three minutes so what we then did was to run some tests and so we went and bought three ATMs on eBay which was an interesting experience you could buy ATMs for a hundred bucks or so and we did and we went down to East London to take delivery from this warehouse that was full of dead ATMs dead gambling machines all sorts of other stuff like that and we handed over our cash to a couple of guys who look like they were al-qaeda terrorists from central casting lorded this ATM into the van and went back to Cambridge took it to pieces disassembled what we could found all sorts of strange stuff but we didn't actually find the random number 
generator so what we then did following what the criminals in France had done was to prove some electronics into genuine bank cards so here we have got a genuine working bank card that was issued to one of member of our team and what we've done is to instrument it with a CPU and some extra memory and one or two other glue components so that we can take a log of all the transactions that it does and this enables us to log with great precision all the bits that went into and out of the car as it does a transaction with an ATM and get a high precision timestamp on them and our modus operandi was then to go to an ATM and do a dozen balanced inquiries one after another followed by a small withdrawal of 20 pounds or so and this enabled us for one ATM after another to go and get good data on what the random number generators look like and what we found is that about half of ATMs are using consoles but the council's are mostly going fairly quickly and so it would be rather hard to exploit this possible but difficult again it's one of these academic attacks but you don't actually see in the field but what we have seed and this we described it a pepper which appeared at I Tripoli security and privacy in May what we have got since then is a live case of what happened in this case is that a sailor a British sailor who works on the Med went ashore to have a party and he went to that's fancy streets in Barcelona where they've got all the lovely topless bars and he went into a bar and he spent 33 euros and a round of drinks and the terminal appears to have recorded to have done not just one transaction but 10 anticipatory future transactions because thereafter every hour on the are the terminal done them for 3,300 euros and these transactions were filed through three different acquiring banks in one case the transaction appears to have been sort of repeated because you've got two transactions with the same application transaction counter because in addition to the random number 
generated by the pin entry device those are council generated by the card itself which is also supposed to make transactions unique and sometimes if it fails this is good forensic evidence so what appears to be happening here is that rather than going to the trouble of predicting the random numbers that you'll get at a particular terminal you simply Trojan the terminal or you get the terminal to save up future of transactions for its future use and if the transaction we did earlier was done with a random number of n and the terminal now wants to generate a random number of n Prime you just throw away n Prime and you follow the transaction with the random number n that you first thought of and this works what's the significance of this well has cast a law pointed out once you have got an attack on a system like this then if you have got malware infestations of large numbers of terminals and there's been other tops at this conference which described how that's sadly rather feasible then your mafiosi can sit in the center and kind of a number of terminals where he harvest transactions from high-value cardholders and he can have a number of terminals where he replays them now these could be terminals and places like the in crime or they could be high value terminals diamond dealer and Bond Street guys selling rolls-royce motor cars in Berkeley Square wherever if you manage to Trojan a terminal where in a merchant where you can get negotiable value away then of course use that as a cash out place and you can make all sorts of speculations about how a gang might efficiently go about doing this now we've not seen that yet but we have now seen a number of cases where somebody who goes and uses their transaction at some mildly criminal premises and in this sailors case this is some kind of pole dancing bar right so there's possibly some kind of mafia involvement in its ownership we've seen also cases in Krakov in Poland for a people on a stag night went and drank at a 
particular pub and there was another pub a brothel next door and the transactions appeared on the to come from the brothel next door and there was another case where people went on a stag night in this Urania and again transactions that he didn't recognize appeared later on which had obviously been gathered by means of some kind of Trojan terminal so this is now an attack that's clearly starting to be deployed and modus operandi is there are the kits obviously there obviously the somebody probably in Eastern Europe will make you a pin entry device or Trojan you a pin entry device that will do this and it's starting to be done back hand failures case RV Parsons mark Manchester Crown Court last year another vulnerability with EMV is that authorization and settlement are different floors so what Parsons did was he opened a number of bank accounts and he'd put say five thousand pounds in a bank account he'd get a chip and pin card he'd send his guy out to John Lewis or whatever to buy a big TV you know 4,000 pound transaction on the card they would then get the receipt which showed all the data pertaining to the transaction the time the serial number and so on and Parsons would then go online from his computer and pretend to be the merchant and he would reverse the transaction now the reversals weren't authenticated so he go into the bank system and he could make that card good to go out in an hour's time and buy another TV and another TV and another TV and there was an interesting trial last year at Manchester Crown Court I was one of the defense experts and the banks said he stole into two and a half billion and my joint expert saw stirred up the numbers and found it was seven and a half million and so our barrister had fun with the bank witnesses saying and tell me mr. bank the extra five million pounds that mr. Parsons got away with did this come from the accounts of the merchants or from the accounts of ordinary cardholders like mr. and mrs. 
juror the trial was ended in a funny way when mr. Parsons decided to become a fugitive all of a sudden and so the jury didn't get a chance to return a verdict in that case so anyway this is the sort of thing that goes on I'm beginning to run out of time so most the last couple of slides I think that one of the things we have to think about it which academic security researchers are prone to forget about is that this is to a large extent about how attacks kill if you've got something like the man in the middle attack then a couple of students can implement this in a few weeks and you can demonstrate it to a TV journalist you can get a good five-minute video shot and it's all good fun for everybody involved but how do you go about industrializing that you really have to have a high-value target a well-thought-out scenario and you know there may be better returns on your time if you're a crook then there's a medium scale stuff where a gang of crooks can take a few million before they get caught the noir pin attack in France for example and then there's the large-scale stuff which scales to nine or ten figures and forces industry action and so far most of the attacks that we've discussed that we've seen in the field or medium scalar tanks what last skill attacks could happen well if you had a real malware infestation in the EMV protocol fleet that might be a big deal you might be able to contain it using analytics I don't know are any of the analytics firms working on that I suspect not maybe it's a possibility something to work with it's worth thinking about it what does EMV hold for the USA well the effects of liability shift here might be mitigated by the fact that in America you generally get better consumer protection rhaggy for credit cards reg Z for debit cards and of course the Fed second many cars here proposed to use chip and signature and they're you're just getting the technical counterfeiting protection that you get from the card you're marketing the 
liability shift and Singapore went down this route and so we're about to see an interesting natural experiment if you end up with a hundred million Americans using chip and pit and a hundred million Americans using chip and signature then it's going to be very interesting in three or four years time to look at the fraud statistics and the statistics of consumer complaints and that should teach us all quite a lot in the meantime there's an awful lot of interesting stuff for people in this community to do because EMV isn't a single protocol that's cast in stone it's rather a big rambling crafty toolkit for you to build payment protocols and depending on how competent you are and how much attention you pay to the detail you can either come up with a protocol that's really rather secure or something that is really bloody awful and this applies not just to the mainstream protocol but the various things that get bolted on the site such as using EMV cards as authentication tokens and online banking broader lessons governance at global scale is hard nobody is a big enough bull in this crowd to push everybody else around not even the Fed and EMV cause largely been superseded by the vendor lobby another is that feature itis can break anything most people start using EMV for all sorts of new platforms and products and protocols it's gonna break again and again and again the security economics also matter issuers and acquirers of different interests even if their departments of the same bank the acquirer wants to get as many merchants as possible and the issuer is the person who ends up carrying a lot of the cost of fraud but the issuer isn't the person who's in a position to dictate exactly what systems the merchants use no one represents the pure consumer except perhaps in a half-hearted way the Fed or the other regulator in your country so what's the key to building such systems better well proper documentation reach notification responsible vulnerability disclosure all 
helped the approach we're taking in Europe with our NIS director for by breach has simply get reported to national intelligence agencies is not helpful because national intelligence agencies simply do not care about retail level fraud they've got other concerns and so long as governments put their capable geeks in places like the NSA rather than in the Fed you can't expect governments to be the frustra chorus for a solution to problems of this kind so an awful lot of interesting history an awful lot of fascinating attacks a lot of lessons the pre-play attacks in our 2014 Auckland pepper the dopin attacks appeared in Auckland in 2012 we've got a blog light blue touch paper dot-org where we publicize all sorts of new attacks that we get up with from time to time I've got a page at my home page on all the stuff that we've done on fraud which pulls together all the material that we've got some banking security of the security economic side the workshop and economics and information security is the annual event for people interested in this and the next edition will be in the Netherlands in June 2015 and finally there's my book security engineering a guide to building dependable distributed systems which gives a whole lot of the background to this and is available free online thank you
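The two protocol failures the talk walks through, the no-PIN wedge that erases the PIN check from the transaction and the pre-play attack against a terminal whose "unpredictable number" is really a counter, can both be reproduced in a small simulation. The following is an added example written for this page, not code from the talk or from any bank or EMVCo; it is a toy model in which HMAC-SHA256 stands in for the card's triple-DES MAC, the cryptogram field layout, the 0x9000/0x63C2 status words and the CVR byte are simplified assumptions, and the issuer's cross-check of the terminal's CVM result against the card's own CVR is a simplified version of the kind of defence the talk says HSBC and, for a while, Barclays deployed.

```python
"""Toy model of two EMV failures from the talk: the no-PIN wedge and the
pre-play attack on a predictable terminal nonce.  Constructed simulation:
HMAC-SHA256 stands in for the card's triple-DES MAC, and the field layout,
status words and issuer checks are simplified assumptions, not bank code."""
import hashlib
import hmac
import secrets
import struct

SW_OK = 0x9000          # ISO 7816 status word "success"
DATE = b"\x14\x08\x06"  # constructed transaction date, YYMMDD


def arqc(key: bytes, atc: int, un: bytes, amount: int, date: bytes, cvr: bytes) -> bytes:
    """Cryptogram over ATC, terminal nonce, amount, date and the card's CVM result."""
    data = struct.pack(">H", atc) + un + struct.pack(">I", amount) + date + cvr
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


class Card:
    """Issuer-personalised chip: shared MAC key, PIN, Application Transaction Counter."""

    def __init__(self, key: bytes, pin: bytes = b"1234"):
        self.key, self.pin, self.atc, self.pin_ok = key, pin, 0, False

    def verify(self, pin: bytes) -> int:
        """VERIFY command: the card checks the PIN and answers with a status word."""
        self.pin_ok = hmac.compare_digest(pin, self.pin)
        return SW_OK if self.pin_ok else 0x63C2

    def generate_ac(self, un: bytes, amount: int, date: bytes) -> dict:
        """GENERATE AC: the card signs its own view of PIN verification (CVR byte)."""
        self.atc += 1
        cvr = b"\x01" if self.pin_ok else b"\x00"
        self.pin_ok = False  # a PIN verification covers one transaction only
        return {"atc": self.atc, "un": un, "amount": amount, "date": date, "cvr": cvr,
                "arqc": arqc(self.key, self.atc, un, amount, date, cvr)}


class Issuer:
    """Authorisation host: recomputes the cryptogram, rejects duplicate ATCs and,
    if check_cvm is set, cross-checks the terminal's CVM result against the card's CVR."""

    def __init__(self, key: bytes, check_cvm: bool):
        self.key, self.check_cvm, self.seen_atc = key, check_cvm, set()

    def authorise(self, tx: dict, terminal_says_pin_ok: bool) -> str:
        expected = arqc(self.key, tx["atc"], tx["un"], tx["amount"], tx["date"], tx["cvr"])
        if not hmac.compare_digest(expected, tx["arqc"]):
            return "DECLINE:bad-cryptogram"
        if tx["atc"] in self.seen_atc:
            return "DECLINE:duplicate-atc"  # the forensic trace the talk mentions
        self.seen_atc.add(tx["atc"])
        if self.check_cvm and terminal_says_pin_ok and tx["cvr"] == b"\x00":
            return "DECLINE:cvm-mismatch"   # terminal says PIN verified, card says it never was
        return "APPROVE"


class CounterUN:
    """Weak 'unpredictable number': a 17-bit constant followed by a 15-bit counter."""

    def __init__(self, const: int = 0x1E248, start: int = 0x0DC0):
        self.const, self.count = const, start

    def next(self) -> bytes:
        un = struct.pack(">I", (self.const << 15) | (self.count & 0x7FFF))
        self.count += 1
        return un


class RandomUN:
    """What the terminal should do: 32 bits from a CSPRNG."""

    def next(self) -> bytes:
        return secrets.token_bytes(4)


def no_pin_wedge(issuer_checks_cvm: bool) -> str:
    """A wedge between card and PIN entry device answers VERIFY with 9000 itself and
    never forwards it, so the terminal believes the PIN was checked while the card
    never saw it.  Returns the issuer's decision."""
    key = b"k" * 16
    card, issuer = Card(key), Issuer(key, issuer_checks_cvm)
    sw = SW_OK                       # the wedge's answer; card.verify() is never called
    terminal_pin_ok = sw == SW_OK
    tx = card.generate_ac(RandomUN().next(), 4000_00, DATE)
    return issuer.authorise(tx, terminal_pin_ok)


def pre_play(un_source, harvest: int = 10):
    """A Trojan terminal harvests cryptograms for the nonces it predicts the victim
    terminal will emit, then replays one when that nonce comes up.  Returns the
    issuer's decisions for the replay and for a second replay of the same record."""
    key = b"k" * 16
    card, issuer = Card(key), Issuer(key, check_cvm=True)
    victim_terminal = un_source()
    predicted = un_source()          # attacker's model of the victim's generator state
    harvested = {}
    for _ in range(harvest):         # the Trojan terminal kept the PIN from the genuine sale
        un = predicted.next()
        card.verify(b"1234")
        harvested[un] = card.generate_ac(un, 3300_00, DATE)
    un_now = victim_terminal.next()  # later, at the victim terminal
    if un_now not in harvested:
        return ("ATTACK-FAILED:unpredicted-un", None)
    first = issuer.authorise(harvested[un_now], terminal_says_pin_ok=True)
    second = issuer.authorise(harvested[un_now], terminal_says_pin_ok=True)
    return (first, second)


if __name__ == "__main__":
    print("no-PIN, issuer ignores CVM:", no_pin_wedge(False))
    print("no-PIN, issuer cross-checks:", no_pin_wedge(True))
    print("pre-play vs counter UN:", pre_play(CounterUN))
    print("pre-play vs random UN:", pre_play(RandomUN))
```

Two things the model makes visible: the no-PIN transaction carries a perfectly valid cryptogram, so the issuer only catches it by comparing what the terminal claims about the PIN with what the card signed, which is why a bank can turn that defence off under false-alarm pressure without anything else failing; and the pre-played cryptogram is also valid, so against a counter-based UN the only trace is the duplicate ATC when a record is replayed twice, while a random UN defeats the attack before it reaches the issuer.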
Info
Channel: Black Hat
Keywords: BlackHat, InfoSec, Black Hat USA 2014, Information Security, Black Hat
Id: ET0MFkRorbo
Length: 58min 56sec (3536 seconds)
Published: Tue Mar 17 2015