Cambridge University researchers Mike Bond, Omar Choudary, Steven J Murdoch, Sergei Skorobogatov and Ross Anderson have exposed major security flaws in the chip-and-pin payment card. On Monday they talked at the 2014 IEEE Symposium on Security and Privacy in San Jose California about the fact that although more than two years have passed since they first reported, the banks still didn’t fix all of them.
Their paper is called ‘Chip and Skim: Cloning EMV Cards with the Pre-Play Attack’ and details how easy is for the thieves to clone the payment card and make purchases as if they were you. This is made possible by the flawed implementation of the EMV chip-and-pin standard in all the widely-used ATMs.
One of the problems is the generation of random code numbers used to secure the transactions. The algorithm is very simple and can be predicted, making the “secret” numbers not so secret after all. The researchers certified that these attacks are invisible to the banks, so we should not put the blame on them if they refuse to refund the victims or “claim that EMV cards cannot be cloned”.
Due to a design flaw in the EMW specs PIN codes could also be vulnerable to ‘man-in-the-middle’ attacks. The PIN could be intercepted with a malware software installed in an ATM or POS and replaced with one known by the hackers.
The researchers say, in a 19 May blog about the problem, that both attacks are used “in the wild”. “Our paper shows that chip and pin, as currently implemented, still has serious vulnerabilities, which might leave customers at risk of fraud.”, said the Cambridge researchers.
The EMV standard designed to protect the worlds 1.62 billion payment cards is commonly used in Europe and Asia, but just now – following the hacks at Target and other retail stores – it’s starting to be introduced in the United States.
Although this is a good thing, the researchers say that more could have been done: “Almost two years after our disclosure of the protocol flaw, nothing appears to have been done. The world’s fleet of EMV terminals remain vulnerable to attacks involving either terminal malware or man-in-the-middle manipulation of communications.”
“We are now publishing the results of our research so that customers whose claims for refunds have been wrongly denied have the evidence to pursue them, and so that the crypto, security and bank regulation communities can learn the lessons.”
Some positive signs could be observed, as the bank regulators started responding to their numerous warnings: “It is welcome that the US Federal Reserve is now paying attention, and time for European regulators to follow suit.”
Dr Guy Bunker, a senior vice president with data loss prevention product vendor Clearswift, is supporting the researchers’ and is demanding a more active involvement of the banks:
“It’s critical that the security flaw found with EMV payments is made clear to cyber security professionals, consumers and banks. If banks are under the misconception that incidences of fraud are ‘impossible’ due to clone-proof EMV cards, then both the bank and the consumer are at risk.”
Bunker added: “It’s crucial that the extent of this flaw and the extent of information loss is analysed in depth to create a robust policy and the right technology to mitigate further risk. The fight against cyber-criminals is not a battle, it’s a war – and as time goes on new vulnerabilities will be found and then exploited; organizations cannot afford to let down their guard, or put their heads in the sand.”
Graeme Batsman, security director at independent UK-based IT security investigations company EncSec, says that the users are at risk because of the continuous delays between the manufacturers trying to fix the problems and the banks:
“Similar to Heartbleed, the flaws have been around for years and the good guys may not be the first ones to find them. Still, to this day, a sizable percentage of OpenSSL implementations are still flawed. Chip and pin will be the same, a number would have been replaced or patched and a number will still remain flawed.”
The researchers further state in their paper that “the shocking fact that many ATMs and point-of-sale terminals have seriously defective random number generators” seems to be overlooked by the banks, “perhaps reasoning that it is difficult to scale up an attack that involves access to specific physical cards and also the installation of malware or wiretaps on specific terminals”.
But they say: “We disagree. The Target compromise shows that criminals can deploy malware on merchant terminals widely and exploit it to earn serious money. The move to terminals based on mobile phones may expose this flaw to industrial-scale exploitation by malware that can be spread through the mobile phone population much more easily than through the terminal fleet.”
