Comments: Naked Payments IV - let's all go naked

"naked transactions" and their vulnerabilities make up a major portion of the "data breaches" that have been in the news (orthogonal to lost/stolen card issue or individual related attakcs) ... this is also much of the source of the studies that claim something like 70% of the fraud involves insiders.

as i've previously claimed, x9.59 originally worked on in the mid-90s, goes a long way to eliminating such naked transactions and related vulnerabilityes
http://www.garlic.com/~lynn/x959.html#x959
http://www.garlic.com/~lynn/subpubkey.html#x959

and the subsequent aads chip strawman work
http://www.garlic.com/~lynn/x959.html#aads

was for hardware that was more secure that the most expensive DDA technology, less expensive than the cheapest SDA technology, and could meet the transit industry contactless transaction requirements for elapsed time and power consumption.

just for the fun of it:

UK bank card security flaws warning
http://euronews.net/create_html.php?page=detail_eco&article=363719&lng=1

from the above:

Fraud victim Alex Harvey, said she no longer trusts the system: "I am horrified and I think that banks are no longer secure; and that chip and pin certainly doesn't make cards more secure, it makes customers have to accept liability."

... snip ...

in any case, as previously mentioned, this "yes card" scenario was described in 2002 and possibly first appeared in various chip&pin trials as early as 1999.

past posts mentioning the "yes card" vulnerability:
http://www.garlic.com/~lynn/aadsm15.htm#25 WYTM?
http://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
http://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI International Consortium
http://www.garlic.com/~lynn/aadsm17.htm#42 Article on passwords in Wired News
http://www.garlic.com/~lynn/aadsm18.htm#20 RPOW - Reusable Proofs of Work
http://www.garlic.com/~lynn/aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#29 Meccano Trojans coming to a desktop near you
http://www.garlic.com/~lynn/aadsm22.htm#33 Meccano Trojans coming to a desktop near you
http://www.garlic.com/~lynn/aadsm22.htm#34 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
http://www.garlic.com/~lynn/aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens
http://www.garlic.com/~lynn/aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
http://www.garlic.com/~lynn/aadsm23.htm#20 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#25 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
http://www.garlic.com/~lynn/aadsm23.htm#30 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#43 Spring is here - that means Pressed Flowers
http://www.garlic.com/~lynn/aadsm23.htm#55 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#0 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
http://www.garlic.com/~lynn/2003o.html#37 Security of Oyster Cards
http://www.garlic.com/~lynn/2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
http://www.garlic.com/~lynn/2004j.html#12 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#13 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#35 A quote from Crypto-Gram
http://www.garlic.com/~lynn/2004j.html#39 Methods of payment
http://www.garlic.com/~lynn/2004j.html#44 Methods of payment
http://www.garlic.com/~lynn/2005u.html#13 AMD to leave x86 behind?
http://www.garlic.com/~lynn/2006d.html#31 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006e.html#3 When *not* to sign an e-mail message?
http://www.garlic.com/~lynn/2006k.html#1 Passwords for bank sites - change or not?
http://www.garlic.com/~lynn/2006l.html#27 Google Architecture
http://www.garlic.com/~lynn/2006l.html#32 Google Architecture
http://www.garlic.com/~lynn/2006l.html#33 Google Architecture

Posted by Lynn Wheeler at June 12, 2006 05:41 PM

digitaltransactions June "paper" edition, available here as PDF file:
http://www.digitaltransactions.net/files/DTv3n5.pdf

has an article "The New Risk in PIN Debit" .. that mentions growing fraud involving PIN'ed transactions. PINs have been deemed more secure than signature transactions, but as "static data", they have been vulnerabilble to skimming/harvesting and "replay attacks" going back possibly nearly two decades.
http://www.garlic.com/~lynn/subpubkey.html#harvest

in fact, some of the skimming/harvesting technology used for skimming static data magstripe PIN'ed transaction are also applicable to the chip&pin static data "yes card" vulnerability. Related posting touching on some of the issues
http://www.garlic.com/~lynn/aadsm24.htm#8 Microsoft - will they bungle the security game?

part of this has been that multi-factor authentication (PIN as "something you know" and card as "something you have") has been considered to be more secure than single factor authentication ... based on implicit assumption that the different factors have different vulnerabilities/exploits; aka PIN has been considered countermeasure to lost/stolen card. misc. past posts mentioning 3-factor authentication model
http://www.garlic.com/~lynn/subpubkey.html#3factor

However skimming/harvesting (going back possibly two decades) of "static" data has made the magstripe (as well as chip&pin SDA) and PIN vulnerable to a common exploit ... invalidating the assumption regarding multi-factor authentication being more secure (assumption that the different factors aren't vulnerable to common exploits).

The article also makes some comments about just focusing on securing any specific point in the infrastructure isn't going to make the problems go away. This could be construed as supporting the observation that naked transactions can be extremely vulnerable at a large number of different points in the infrastructure (requiring that the total end-to-end business process be heavily armored w/o even the smallest chinks in the protection).

Posted by Lynn Wheeler at June 18, 2006 09:35 AM

some recent news articles

Visa Says ATM Breach May Have Exposed Data (data breach)
http://www.washingtonpost.com/wp-dyn/content/article/2006/06/20/AR2006062001526.html
Visa says ATM breach may have exposed data (data breach)
http://www.businessweek.com/ap/financialnews/D8ICADK00.htm?sub=apn_news_down&chan=db
Visa acknowledges ATM security breach may have exposed consumer data (data breach)
http://news.moneycentral.msn.com/provider/providerarticle.asp?feed=AP&Date=20060620&ID=5812107
Data theft affects 88 million-plus Americans
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1195270,00.html
Data Theft | A Million Identities Stolen From Two Financial Services Firms
http://www.informationweek.com/showArticle.jhtml?articleID=189501128
Staff key to stealing your data
http://www.nzherald.co.nz/section/11/story.cfm?c_id=5&ObjectID=10387484

in the mid-90s, the x9a10 financial standards working group had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments.

some of the other efforts from the period were looking at providing heavy "hiding" armoring .... equivalent of something like 250lb body suit for use in infantry 120degree hostile battle zone, but w/o any power assist or air conditioning; aka 100 times payload bloat and possibly 100-1000 times processing bloat.

part of x9a10 activity was looking at a major threat model being replay attacks (involving static data; aka insiders or outsiders skimming existing transactions would have enough information to perform fraudulent transactions). x9.59 provided for changing the paradigm and eliminating replay attack vulnerability by providing complete end-to-end dynamic transaction authentication that was extrodinarily lightweight in both payload and processing.

for the replay attack threat ... that shows up in all sort of insider as well as outsider data breaches ... x9.59 instead of attempting the approach infantry 250lb body armor with no power assist and no heating/cooling ... to constantly hide the information (even recognizing that the body armor might have to be removed or opened periodically) .... changed the paradigm and eliminated the replay attack threat altogether. it was no long necessary to completely hide all transactions in order to be invulnerable to replay attacks ... since there was no information that an (insider or outsider) attacker could skim that would be sufficient to enable fraudulent transactions.

leaving the paradigm vulnerable to replay attacks can lead to the enormously heavily armoring requiring 100 times processing and payload bloat to complete hide the information. however, transaction processing still requires that the heavy armoring has to be removed frequently as part of standard business processing ... leaving the transaction exposed and vulnerable in the standard business processing points (studies that claim 70percent of fraud in these types of environments involve insiders; skimming and various sorts of breaches).


Do you trust chip and Pin payment systems?
http://www.computerweekly.com/Articles/2006/06/20/216501/Do+you+trust+chip+and+Pin+payment+systems.htm

... from above

A contractor working for a major high street bank pointed to banks’ sensitivity on the issue. “We got an e-mail telling us not to talk to anyone about the chip and Pin fraud issues,” he said.

... snip ...

misc.
http://www.garlic.com/~lynn/aadsm24.htm#6
http://www.garlic.com/~lynn/aadsm24.htm#7
http://www.garlic.com/~lynn/aadsm24.htm#9

Posted by Lynn Wheeler at June 21, 2006 02:13 PM

Chip and SPIN; The switch to Chip and PIN may be for the benefit of banks rather than consumers, suggests Gervase Markham
http://business.timesonline.co.uk/article/0,,9075-2247493,00.html

from above ...

In reality, the clouds are gathering. One security research group at the University of Cambridge has successfully developed a prototype "skimmer", which could be miniaturised and built into any one of the hundreds of thousands of Chip and PIN terminals that UK consumers use every day.

... however, in the "yes card" scenario (from late 90s), the PIN doesn't actually have to be skimmed, just the chip equivalent of the magstripe information, since the terminal asks the (potentially counterfeit) card whether the entered PIN was correct or not (and if you were programming a counterfeit chip, what response would you be likely to program?).

note that the referenced article goes on to mention that the mechanics
of liability has also changed in the switch to chip and pin.

earlier "yes card" comments, including reference to chip and pin trials in the UK as early as 1997.
http://www.garlic.com/~lynn/aadsm24.htm#8

Posted by Lynn Wheeler at June 28, 2006 10:53 AM

'Banks Pass Buck On Fraud'
http://www.sky.com/skynews/article/0,,30100-13530753,00.html

from above ...

Chip and PIN was hailed as a breakthrough in card fraud but a Sky News investigation has shown the system may not be as secure as is claimed.

... snip ...

recent posts mentiong "yes card":
http://www.garlic.com/~lynn/aadsm23.htm#20 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#25 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
http://www.garlic.com/~lynn/aadsm23.htm#30 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#43 Spring is here - that means Pressed Flowers
http://www.garlic.com/~lynn/aadsm23.htm#55 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#0 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
http://www.garlic.com/~lynn/aadsm24.htm#7 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#8 Microsoft - will they bungle the security game?
http://www.garlic.com/~lynn/aadsm24.htm#9 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#12 Naked Payments IV - let's all go naked

Posted by Lynn Wheeler at June 30, 2006 11:31 AM

French Banks Upgrade Security Of EMV Cards
http://www.cardtechnology.com/article.html?id=2006070569TSQ1WX

from above:

The DDA cards store an encryption key that generates a unique number, or signature, for each transaction. This signature is read by the point-of-sale terminal, which has a corresponding encryption key, so a transaction from a counterfeit card is unlikely to be approved. The DDA technology allows banks to more securely approve transactions at the terminal without having to send the transactions over the network for authorization.

... snip ...

this looks to close the "yes card", "replay attack" scenario with existing static data (skim static data in manner similar to skimming magstripe static data, using it to create counterfeit card).


an issue raised in the "naked transaction" scenario ... is whether the actual transaction is signed ... ala x9.59
http://www.garlic.com/~lynn/x959.html#x959
http://www.garlic.com/~lynn/subpubkey.html#x959

or is it an upgrade of the existing static data card authentication to dynamic data card authentication ... aka an end-point authentication ... but leaving the actual transaction otherwise naked ... and possibly vulnerable to things like man-in-the-middle attacks
http://www.garlic.com/~lynn/subpubkey.html#mitm

misc. past "yes card" and/or "naked transaction" postings:
http://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
http://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI International Consortium
http://www.garlic.com/~lynn/aadsm17.htm#42 Article on passwords in Wired News
http://www.garlic.com/~lynn/aadsm18.htm#20 RPOW - Reusable Proofs of Work
http://www.garlic.com/~lynn/aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#29 Meccano Trojans coming to a desktop near you
http://www.garlic.com/~lynn/aadsm22.htm#33 Meccano Trojans coming to a desktop near you
http://www.garlic.com/~lynn/aadsm22.htm#34 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
http://www.garlic.com/~lynn/aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens
http://www.garlic.com/~lynn/aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
http://www.garlic.com/~lynn/aadsm23.htm#20 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#25 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
http://www.garlic.com/~lynn/aadsm23.htm#30 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#43 Spring is here - that means Pressed Flowers
http://www.garlic.com/~lynn/aadsm23.htm#55 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/2003o.html#37 Security of Oyster Cards
http://www.garlic.com/~lynn/2004g.html#45 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
http://www.garlic.com/~lynn/2004j.html#12 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#13 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#35 A quote from Crypto-Gram
http://www.garlic.com/~lynn/2004j.html#39 Methods of payment
http://www.garlic.com/~lynn/2004j.html#44 Methods of payment
http://www.garlic.com/~lynn/2005u.html#13 AMD to leave x86 behind?
http://www.garlic.com/~lynn/2006d.html#31 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006e.html#3 When *not* to sign an e-mail message?
http://www.garlic.com/~lynn/2006k.html#0 Passwords for bank sites - change or not?
http://www.garlic.com/~lynn/2006l.html#27 Google Architecture
http://www.garlic.com/~lynn/2006l.html#32 Google Architecture
http://www.garlic.com/~lynn/2006l.html#33 Google Architecture
http://www.garlic.com/~lynn/2006m.html#15 OpenSSL Hacks
http://www.garlic.com/~lynn/2006m.html#24 OT - J B Hunt
http://www.garlic.com/~lynn/aadsm24.htm#0 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
http://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
http://www.garlic.com/~lynn/aadsm24.htm#6 Securely handling credit card transactions earns Blackboard kudos
http://www.garlic.com/~lynn/aadsm24.htm#7 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#8 Microsoft - will they bungle the security game?
http://www.garlic.com/~lynn/aadsm24.htm#9 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#12 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#14 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#21 Use of TPM chip for RNG?

Posted by Lynn Wheeler at July 5, 2006 11:07 AM

France To Prioritize EMV DDA Cards By Mid-2007
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=11521775048614134132&block=

from above

The mask in question supports all bank card applications in France, EMV and Moneo, and is certified to EAL 4+ level, the toughest card security standard in existence.

... snip ...

some comments about EAL4+ and higher evaluations
http://www.garlic.com/~lynn/aadsm24.htm#23 Use of TPM chip for RNG?

one of the issues for X9.59 standard
http://www.garlic.com/~lynn/x959.html#x959
http://www.garlic.com/~lynn/subpubkey.html#x959

and "signing" the transaction directly and avoiding "naked transactions" involved various kinds of MITM-attacks
http://www.garlic.com/~lynn/subpubkey.html#mitm

some that might even involve a pair of cards, one counterfeit and one valid.

a few past chip&pin posts happening to mention MITM
http://www.garlic.com/~lynn/aadsm23.htm#19 Petrol firm suspends chip-and-pin
http://www.garlic.com/~lynn/aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
http://www.garlic.com/~lynn/aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#22 Naked Payments IV - let's all go naked

Posted by Lynn Wheeler at July 6, 2006 11:43 AM

re:
http://www.garlic.com/~lynn/aadsm24.htm#22 Naked Payments IV - let's all go naked

notes:

French Banks Upgrade Security Of EMV Cards
http://www.cardtechnology.com/article.html?id=2006070569TSQ1WX

that the terminal can approve transactions at the terminal w/o having to send the transactions over the network.

however
http://www.garlic.com/~lynn/aadsm24.htm#24 Naked Payments IV - let's all go naked

notes:

France To Prioritize EMV DDA Cards By Mid-2007
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=11521775048614134132&block=

mentions that the DDA card can be authenticated at the terminal w/o having to send a separate transaction over the network (leaving it open whether the terminal will authorize the transaction or the transaction is set over the network for authorization, separate from the card authentication).

this EMV DDA article:

Banks urged to use new technology for combating credit card frauds
http://www.gulf-times.com/site/topics/article.asp?cu_no=2&item_no=91869&version=1&template_id=36&parent_id=16

mentions the following:

However, the DDA technology would give the optimum results only if the transactions were done online

...

the issues about

1) whether the transaction is authorized online or offline (at the terminal) and

2) pros & cons of having authentication of the card as opposed to transaction authentication

have been discussed in some detail in the various naked payment/transaction threads
https://financialcryptography.com/mt/archives/000745.html
https://financialcryptography.com/mt/archives/000744.html
https://financialcryptography.com/mt/archives/000747.html
https://financialcryptography.com/mt/archives/000749.html

Posted by Lynn Wheeler at July 16, 2006 01:22 AM
Post a comment









Remember personal info?






Hit Preview to see your comment.
MT::App::Comments=HASH(0x55a027bb5680) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.