oR2OiX
12.07.2015 Views
Share Embed Flag

oR2OiX

oR2OiX

oR2OiX

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
  • No tags were found...
hackerfantastic

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Practical EMV PIN interceptionandfraud detectionAndrea BarisaniDaniele BiancoCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

2007: Unusual Car Navigation TricksInjecting RDS-TMC Traffic Information Signals2009: Sniff Keystrokes With Lasers/VoltmetersSide Channel Attacks Using Optical Sampling OfMechanical Energy And Power Line Leakage2011: Chip & PIN is definitely brokenCredit card skimming and PIN harvesting in an EMV world2013: Fully arbitrary 802.3 packet injectionMaximizing the Ethernet attack surfaceCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

What is EMV?EMV stands for Europay, MasterCard and VISA, the globalstandard for inter-operation of integrated circuit cards (IC cardsor "chip cards") and IC card capable point of sale (POS) terminalsand automated teller machines (ATMs), for authenticating creditand debit card transactions.IC card systems based on EMV are being phased in across theworld, under names such as "IC Credit" and "Chip and PIN".Source: WikipediaCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Why EMV?ICC / smartcardimproved security over existing magnetic stripe technology“offline” card verification and transaction approval multiple applications on one card Practical EMV PIN interception and fraud detectionCopyright 2014 Inverse Path S.r.l.

Liability shiftliability shifts away from the merchant to the bank in mostcases (though if merchant does not roll EMV then liabilityexplicitly shifts to it)however the cardholders are assumed to be liable unless theycan unquestionably prove they were not present for thetransaction, did not authorize the transaction, and did notinadvertently assist the transaction through PIN disclosurePIN verification, with the help of EMV, increasingly becomes“proof” of cardholder presenceCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Liability shiftCanadian Imperial Bank of Commerce (CIBC) spokesman RobMcLeod said in relation to a $81,276 fraud case: “our recordsshow that this was a chip-and-PIN transaction. This means [thecustomer] personal card and personal PIN number were usedin carrying out this transaction. As a result, [the customer] isliable for the transaction.”The Globe and Mail, 14 Jun 2011Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV is brokenS. J. Murdoch, S. Drimer, R. Anderson, M. Bond, “Chip and PINis Broken” - University of Cambridge (stolen cards can besuccessfully used without knowing the PIN)A. Barisani, D. Bianco, A. Laurie, Z. Franken, “Chip & PIN isdefinitely broken” (PIN harvesting on all kind of EMV cards)M. Bond, O. Choudary, S. J. Murdoch, S. Skorobogatov, R.Anderson“Chip and Skim: cloning EMV cards with the pre-playattack” - University of CambridgeCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

ATM skimmersCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV skimmers (research)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV skimmers (research)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV skimmerswe predicted that skimming the chip would become anextremely appealing target to fraudstersthe chip interface is inherently accessibleit becomes impossible for the user to verify if the terminal hasbeen tampered as the chip interface is not visible (unlike mostmagnetic stripe one for POS terminals)an EMV skimmer could go undetected for a very long timeand requires little installation effortCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

chip skimmer installations dated 2008 have been reported in thewild by law enforcement authorities after our “Chip & PIN isdefinitely broken” presentation was made availableCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV skimmers (practice)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV skimmertrivial installation by “hooking” with a special cardpowered by the POS itselfdata can be downloaded with a special card recognized by theskimmer little development effort + cheap Practical EMV PIN interception and fraud detectionCopyright 2014 Inverse Path S.r.l.

EMV smartcardsinformation is stored on a filesystem organized in applications,files and recordsthe terminal talks to the card via APDU messages for readingrecords and issuing commandsExamples:00A404000E315041592E5359532E4444463031

Terminal command/data exchange Card------- INITIATE APPLICATION PROCESSING ---------get application list -->-------------- CARD AUTHENTICATION --------------read data (SDA) | internal authenticate (DDA) PAN: Primary Account Number if offline PIN is present and ARQC when online PIN

The main design flaws of EMV1. reading data, authenticating the card, authenticating thecardholder, authorizing a transaction are separate steps notsecurely tied together2. the amount of unencrypted and unauthenticated dataexchanged between the card and the terminal is excessive3. the backend relies on the correct and secure operation of theterminal (which cannot be guaranteed)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV application data - magstripe cloneThe CVV (228) matches the magstripe one only for cards that donot use iCVV (a different stored value to protect against thisattack, introduced in January 2008)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV application data - magstripe clonewhile the service code on the magstripe might indicate thatthe chip must be used, inserting a card without a readablechip will trigger magstripe fallback on all tested terminalsEMV skimmers cannot clone successfully to magstripe as iCVVis usedthe possibility of massive harvesting + being protected by a 3digits code is not a comforting scenarioCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

EMV application data - online usageapplication data can be used to perform Card Not Presenttransactions (online, phone, ...) with parties that do not checkCard Security Code (CVV, CVV2, ...) and do not employ 3-Dsecure (Verified by Visa, MasterCard SecureCode)the amount of websites that do not check the security code isnot negligible (Amazon)annoying but customer has very high chances to always getrefunded, fraudster theoretically cannot cash out (only goods& services, practice is a little different however)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Forging Offline Transactionsthe EMV standard enables the possibility of performing offlinetransactions without the need of immediate online interactionwith the backendSDA and DDA fail to provide any security for offlinetransactions as they can be either cloned (SDA) or tamperedwith (DDA)the CDA standard has been specifically created to addresssuch flaws but it is assumed ineffective due to backwardcompatibility supportCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

The pre-play attack - theorydiscovered by the fine people at Cambridge.it highlights the poor design choices made in the EMVprotocolthe Terminal generates the Unpredictable Number (UN) andnot the backendUN prediction or manipulation effectively results in a clone fora specific transactionCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

The pre-play attack - implementationan attacker collects the transaction data (ARQC) from agenuine transactiondata is re-played when the UN matcheslimitation: country, amount, currency and date must match theoriginal transactiona valid PIN is, theoretically, only required for ATMs (forcedonline verification)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

The pre-play attack - detectiontransaction backends should validate the freshness of UNs anddetect implementation errors and/or pre-playsthe implementation of Application Transaction Counter (ATC)validation would raise an alarm in case of re-usethe specific attack limitations ease, however not conclusively,its detectionCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

The PIN Verification “wedge” attack - theoryan EMV skimmer and/or “shim” manipulates the PINverification stepTerminal: “is this a valid PIN ?”

clean runMITM runREADER : 00 B2 02 0C 00 00 B2 02 0C 00CARD : 6C 54 6C 54READER : 00 B2 02 0C 54 00 B2 02 0C 54CARD : 70 52 5F 25 03 11 08 12 70 52 5F 25 03 11 08 125F 24 03 14 09 30 5A 08 5F 24 03 14 09 30 5A 08██ ██ ██ ██ ██ ██ ██ ██5F 34 01 01 9F 07 02 FF██ ██ ██ ██ ██ ██ ██ ██5F 34 01 01 9F 07 02 FF00 8E 10 00 00 00 00 00 00 8E 10 00 00 00 00 0000 00 00 01 03 02 03 1E 00 00 00 01 03 02 03 1E CVM List preferred method03 1F 00 9F 0D 05 B8 78 03 1F 00 9F 0D 05 B8 78 01 = plaintext PINAC 80 00 9F 0E 05 00 00 AC 80 00 9F 0E 05 00 00... ...READER : 80 CA 9F 17 00 80 CA 9F 17 00 read PIN try counterCARD : 6C 04 6C 04READER : 80 CA 9F 17 04 80 CA 9F 17 04 read PIN try counterCARD : CA 9F 17 01 04 90 00 CA 9F 17 01 04 90 00READER : 00 20 00 80 08 intercepted verify PINCARD : 20 --READER : 25██ ██ █F FF FF FF FF intercepted APDU verify PIN command blockedCARD : 90 00 90 00 ADPU response spoofed (0x9000 == PIN OK)READER : 80 AE 80 00 1D 80 AE 80 00 1D generate AC (ARQC)CARD : AE AEREADER : 00 00 00 00 08 00 00 00 00 00 00 00 08 00 00 00 generate AC (data)00 00 00 00 03 80 00 00 00 00 00 00 03 80 00 0000 80 00 09 78 14 05 22 00 80 00 09 78 14 05 2200 FC 37 B5 CE 00 FC 37 B5 CECARD : 61 20 61 20READER : 00 C0 00 00 20 00 C0 00 00 20 get responseCARD : C0 77 1E 9F 27 01 80 9F C0 77 1E 9F 27 01 80 9F36 02 00 28 9F 26 08 7F 36 02 00 28 9F 26 08 7F76 50 22 B4 E2 0A C9 9F 76 50 22 B4 E2 0A C9 9F CVR in the IAD (tag 9F 10) indicates that the card10 07 06 01 0A 03 A4 A0 10 07 06 01 0A 03 A0 A0 did not perform any PIN verification in the MITM run04 90 00 04 90 00 b3 in byte 5 => 06 01 0A 03 A0 A0 04... ... ^^Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

The PIN Verification “wedge” attack - detectionthe attack can be detected on the backed by correlating theCardholder Verification Method Results (CVMR) generated bythe Terminal, and the Issuer Application Data (IAD) generatedby the cardthe IAD includes the Card Verification Results (CVR) thatprovides the card view of the transaction, unfortunately thisfield is vendor dependentCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

CVM Downgrade attack - theorydescribed in our presentation “Chip & PIN is definitely broken”the CVM List is used by the Card to announce to the Terminalits cardholder verification support and preferencesthe CVM List is signed and is part of the Offline AuthenticationDataa failure in signature verification still results in Terminalapplication of the passed CVM ListCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Cardholder verificationthe card advertises to the terminal the cardholder verificationmethod preference via the CVM List (tag 8E)Cardholder Verification Method (CVM) Condition Codes-----------------------------------------------------------------------------------------------------------------------------Bits Meaning Value8 7 6 5 4 3 2 10 RFU N/A0 Fail cardholder verification if this CVM is unsuccessful N/A1 Apply succeeding CV rule if this CVM is unsuccessful N/A0 0 0 0 0 0 Fail CVM processing 00 or 400 0 0 0 0 1 Plaintext PIN verification performed by ICC 01 or 410 0 0 0 1 0 Enciphered PIN verified online 02 or 420 0 0 0 1 1 Plaintext PIN verification by ICC and signature (paper) 03 or 430 0 0 1 0 0 Enciphered PIN verification by ICC 04 or 440 0 0 1 0 1 Enciphered PIN verification by ICC and signature (paper) 05 or 450 0 0 1 0 1 Enciphered PIN verification by ICC and signature (paper) 05 or 450 x x x x x Values in range 000110 – 011101 reserved for future use 06-1D/16-5D0 1 1 1 1 0 Signature (paper) 1E or 5E0 1 1 1 1 1 No CVM required 1F or 5F1 0 x x x x Values in range 100000 – 101111 reserved for future use 20-2F/60-6F1 1 x x x x Values in range 110000 – 111110 reserved for future use 30-3E/70-7E1 1 1 1 1 1 Not available 3F or 7FCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Action Codesassuming a scenario with DDA only cards and a “secure” CVMList can we still harvest the PIN ?Issuer Action Codes (card) and Terminal Action Codes(terminal) specify policies for accepting or rejectingtransactions (using TVR specifications)Issuer Action Codes and Terminal Action Codes are OR'edthree kinds: Denial, Online, Default; the Online Action Codesspecify which failure conditions trigger online transactionsCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Action Codes Example9f0e Issuer Action Code - Denial (5 bytes): 00 00 00 00 009f0f Issuer Action Code - Online (5 bytes): f0 78 fc f8 009f0d Issuer Action Code – Default (5 bytes): f0 78 fc a0 00translation: “do not deny a transaction without attempting togo online, if offline SDA fails transmit the transaction online”in all tested terminals / cards we were able to manipulate theaction codes (when necessary) so that tampering with theCVM List would not result in offline rejectionCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

clean runMITM runREADER : 00 B2 02 0C 00 00 B2 02 0C 00CARD : 6C 54 6C 54READER : 00 B2 02 0C 54 00 B2 02 0C 54CARD : 70 52 5F 25 03 11 08 12 70 52 5F 25 03 11 08 125F 24 03 14 09 30 5A 08 5F 24 03 14 09 30 5A 08██ ██ ██ ██ ██ ██ ██ ██5F 34 01 01 9F 07 02 FF██ ██ ██ ██ ██ ██ ██ ██5F 34 01 01 9F 07 02 FF00 8E 10 00 00 00 00 00 00 8E 10 00 00 00 00 0000 00 00 02 03 01 03 1E 00 00 00 01 03 01 03 1E CVM List modification (01 > plaintext, 02 > enciphered)03 1F 00 9F 0D 05 B8 78 03 1F 00 9F 0D 05 B8 78AC 80 00 9F 0E 05 00 00 AC 80 00 9F 0E 05 00 0000 00 00 9F 0F 05 B8 78 00 00 00 9F 0F 05 B8 78BC 98 00 5F 28 02 03 80 BC 98 00 5F 28 02 03 809F 4A 01 82 90 00 9F 4A 01 82 90 00... ...READER : 80 CA 9F 17 00 read PIN try counterCARD : 6C 04READER : 80 CA 9F 17 04 read PIN try counterCARD : CA 9F 17 01 04 90 00READER : 00 20 00 80 08 verify PINCARD : 20READER : 25 ██ ██ XF FF FF FF FF forced plaintext PIN interceptionCARD : 90 00 PIN OKREADER : 80 AE 80 00 1D 80 AE 80 00 1D generate AC (ARQC)CARD : AE AEREADER : 00 00 00 00 08 00 00 00 00 00 00 00 08 00 00 00 generate AC (data)00 00 00 00 03 80 00 00 00 00 00 00 03 80 08 00 TVR indicates a DDA failure in the MITM run00 80 00 09 78 14 05 22 00 80 00 09 78 14 05 22 b4 in byte 1 => 03 80 08 0000 FC 37 B5 CE 00 FC 37 B5 CE ^^CARD : 61 20 61 20... ...Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

CVM Downgrade attack - detectionthe Terminal Verification Results (TVR) indicate offline dataauthentication failureevery backend we have tested accepts failures in offline dataauthentication without raising an alarm, additionally it is quitecommon to witness the lack of offline data processingsuch markers however are not conclusive evidence, as theterminal can be reset before any communication to thebackend. POS firmwares must be updated to refuse offline andplaintext PIN verification in case of signature invalidation.Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

The PIN Verification “wedge” attack"We have observed variations between countries. While cardsfrom Belgium and Estonia work like British cards, we havetested cards from Switzerland and Germany whose CVM listsspecify either chip and signature or online PIN, at least whileused abroad. The attack described here is not applicable tothem."Turns out it actually is...Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

CVM Downgrade + PIN Verification “wedge”the combination of the two attacks allows using stolen cardsregardless of their configurationthis has been successfully tested on European productionsystems in the summer of 2014.it works regardless of card configuration, it has been eventested with cards that do not store any PIN on the smartcard(online only)Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

clean runMITM runREADER : 00 B2 02 0C 00 00 B2 02 0C 00CARD : 6C 54 6C 54READER : 00 B2 02 0C 54 00 B2 02 0C 54CARD : 70 52 5F 25 03 11 08 12 70 52 5F 25 03 11 08 125F 24 03 14 09 30 5A 08 5F 24 03 14 09 30 5A 08██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██5F 34 01 01 9F 07 02 FF 5F 34 01 01 9F 07 02 FF00 8E 10 00 00 00 00 00 00 8E 10 00 00 00 00 0000 00 00 02 03 01 03 1E 00 00 00 01 03 01 03 1E CVM List modification (01 > plaintext, 02 > enciphered)03 1F 00 9F 0D 05 B8 78 03 1F 00 9F 0D 05 B8 78... ...READER : 80 CA 9F 17 00 read PIN try counterCARD : 6C 04READER : 80 CA 9F 17 04 read PIN try counterCARD : CA 9F 17 01 04 90 00READER : 00 20 00 80 08 verify PINCARD : 20READER : 25 12 34 5F FF FF FF FF APDU verify PIN command blockedCARD : 90 00 ADPU response spoofed (0x9000 == PIN OK)READER : 80 AE 80 00 1D 80 AE 80 00 1D generate AC (ARQC)CARD : AE AEREADER : 00 00 00 00 08 00 00 00 00 00 00 00 08 00 00 00 generate AC (data)00 00 00 00 03 80 00 00 00 00 00 00 03 80 08 00 TVR indicates DDA failed in the MITM run00 80 00 09 78 14 05 22 00 80 00 09 78 14 05 22 b4 in byte 1 => 03 80 08 0000 FC 37 B5 CE 00 FC 37 B5 CE ^^CARD : 61 20 61 20READER : 00 C0 00 00 20 00 C0 00 00 20 get responseCARD : C0 77 1E 9F 27 01 80 9F C0 77 1E 9F 27 01 80 9F36 02 00 28 9F 26 08 7F 36 02 00 28 9F 26 08 7F76 50 22 B4 E2 0A C9 9F 76 50 22 B4 E2 0A C9 9F CVR in the IAD (tag 9F 10) indicates that the card10 07 06 01 0A 03 A0 A0 10 07 06 01 0A 03 A0 A0 did not perform any PIN verification in the MITM run04 90 00 04 90 00 b3 in byte 5 => 06 01 0A 03 A0 A0 04... ... ^^Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Transaction Certificate & Receiptsthe Transaction Certificate (TC) represents a “proof oftransaction” signed by the card, in the very last phase (2ndGENERATE AC)the TC is not immediately sent to the backend and, in ourexperience, never parsed until a dispute arisestampering with the TC does not invalidate the transactionin fact the TC, IAD and ATC of the last phase can all betampered with, receipts cannot be trustedCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Fraud & LiabilityInverse Path consulted several fraud victims in the past 4 years.To defend their claims against cardholders, banks typicallyleverage on the following arguments:PIN verification cannot be compromised with EMVenciphered PIN guarantees securityon-line PIN cannot be interceptedplaintext PIN is kept for backwards compatibility and canonly be forced with “terminal tampering” and on “specificconfigurations”Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Fraud & LiabilityThe CVM downgrade attack invalidates claims concerning PINprotection. The PIN can always be covertly intercepted leaving notraces in the backend logs.The PIN verification “wedge” attack, and its combination with theCVM downgrade one, require careful terminal/backend logcorrelation to prove the absence of malicious EMV protocolmanipulations.In case of fraud and disputes the bank should providecomprehensive transaction logs, including the UN, TVR, IAD andATC.Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

What to ask for?Attack Effect Markerpre-play transaction cloning Unpredictable Number (UN)Application Transaction Counter (ATC)CVM downgrade PIN interception Terminal Verification Results (TVR)PIN verification “wedge”PIN spoofing onoffline PIN selectedCardholder Verification Method (CVM) ResultsIssuer Application Data (IAD)CVM downgrade +PIN verification “wedge”PIN spoofingTerminal Verification Results (TVR)Cardholder Verification Method (CVM) ResultsIssuer Application Data (IAD)It is essential to acquire backend data opposed to solely theterminal one.Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

What to ask for?MarkerInformationUnpredictable NumberApplication TransactionCounterTerminal VerificationResultsCardholder VerificationMethod ResultsThe freshness of affected terminal UNs must be proved,additionally no matching UNs from comparable transaction withinthe same day must be present.Gaps in the ATC must be accounted for.TVR must not show offline data authentication failures.CVM Results must agree with the CVR, included in the IAD, inrelation to PIN verification.Issuer Application DataThe CVR, included in the IAD, must agree with the CVM Results inrelation to PIN verification.Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Typical dispute outcomes1. Arbiter rules that “The burden of proof in fraud claims shall fallin the owner of the payment infrastructure”. In addition it is ruledthat the PIN “can be acquired in many ways that are outside thecardholder control”.2. Refund of fraudulent charges is processed as soon as detailedlogs are requested.Copyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

Q&AThanks!www.inversepath.comCopyright 2014 Inverse Path S.r.l.Practical EMV PIN interception and fraud detection

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!