May 06, 2006

Petrol firm suspends chip-and-pin

Lynn points to BBC on: Petrol giant Shell has suspended chip-and-pin payments in 600 UK petrol stations after more than £1m was siphoned out of customers' accounts. Eight people, including one from Guildford, Surrey and another from Portsmouth, Hants, have been arrested in connection with the fraud inquiry.

The Association of Payment Clearing Services (Apacs) said the fraud related to just one petrol chain. Shell said it hoped to restore the chip-and-pin service before Monday.

"These Pin pads are supposed to be tamper resistant, they are supposed to shut down, so that has obviously failed," said Apacs spokeswoman Sandra Quinn. Shell has nearly 1,000 outlets in the UK, 400 of which are run by franchisees who will continue to use chip-and-pin.

A Shell spokeswoman said: "We have temporarily suspended chip and pin availability in our UK company-owned service stations. This is a precautionary measure to protect the security of our customers' transactions. You can still pay for your fuel, goods or services with your card by swipe and signature. We will reintroduce chip and pin as soon as it is possible, following consultation with the terminal manufacturer, card companies and the relevant authorities."

BP is also looking into card fraud at petrol stations in Worcestershire but it is not known if this is connected to chip-and-pin.

And immediately followed by more details in this article: Customers across the country have had their credit and debit card details copied by fraudsters, and then money withdrawn from their accounts. More than £1 million has been siphoned off by the fraudsters, and an investigation by the Metropolitan Police's Cheque and Plastic Crime Unit is under way.

The association's spokeswoman Sandra Quinn said: "They have used an old style skimming device. They are skimming the card, copying the magnetic details - there is no new fraud here. They have managed to tamper with the pin pads. These pads are supposed to be tamper resistant, they are supposed to shut down, so that has obviously failed."

Ms Quinn said the fraud related to one petrol chain: "This is a specific issue for Shell and their supplier to sort out. We are confident that this is not a systemic issue."

Such issues have been discussed before.

Posted by iang at May 6, 2006 10:08 AM
Comments

some of the details are obscured. it seems that information is being skimmed in chip&pin transactions to create counterfeit magstripe cards. possibly both magstripe credit transactions and apparently also magstripe pin-debit transactions (using the pin entered during chip&pin transactions).

what isn't clear is whether the skimming of the magstripe information comes from physically reading the magstripe on a chip&pin card (during a chip&pin transaction) or if there is an image of the magstripe transmitted during the chip&pin transactions (which can be eavesdropped). Basically using static data based authentication for replay attacks.

as mentioned in the earlier posts ... there have already been comments about not using chip&pin for internet transactions because of (some) vulnerabilities. internet vulnerabilities tend to either be various kinds of phishing or skimming/harvesting/eavesdropping (for replay attacks):
http://www.garlic.com/~lynn/subpubkey.html#harvest

or mitm-attacks
http://www.garlic.com/~lynn/subpubkey.html#mitm

recent posts
http://www.garlic.com/~lynn/aadsm23.htm#16
http://www.garlic.com/~lynn/aadsm23.htm#17
http://www.garlic.com/~lynn/aadsm23.htm#18

as previously noted, the financial standards x9a10 working group in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments ... this was all as to type of payment (credit, debit, stored-value, e-check, ALL) as well as environment (point-of-sale, face-to-face, non-face-to-face, internet, ALL)
http://www.garlic.com/~lynn/x959.html#x959
http://www.garlic.com/~lynn/subpubkey.html#x959

Posted by: Lynn Wheeler at May 6, 2006 11:46 AM

CHIP AND PIN CARDS IN CHAOS
http://www.tmcnet.com/usubmit/-chip-p-cards-chaos-/2006/05/07/1639879.htm

from above:

Association's spokeswoman Sandra Quinn said: "They have used an old-style skimming device. They are skimming the card and copying the magnetic details.

... snip ...

Eight arrests in GLB1m fraud
http://scotlandonsunday.scotsman.com/index.cfm?id=684712006

from above:

Spokeswoman Sandra Quinn said: "They are skimming the card, copying the magnetic details - there is no new fraud here.

... snip ...

Petrol firm suspends chip-and-pin
http://news.bbc.co.uk/1/hi/england/4980190.stm

however, from above:

A Shell spokeswoman said: "Shell's chip-and-pin solution is fully accredited and complies with all relevant industry standards.

We have temporarily suspended chip-and-pin availability in our UK company-owned service stations.

This is a precautionary measure to protect the security of our customers' transactions.

You can still pay for your fuel, goods or services with your card by swipe and signature.

... snip ...

??? so if it is ok to swipe your magstripe ... where is the information being skimmed (for production of a counterfeit magstripe card) ... is it possible an image of the magstripe is also in the chip and is being skimmed by eavesdropping the chip protocol.

Posted by: Lynn Wheeler at May 7, 2006 09:27 AM

Shell PINpads have an integrated chip and magstripe reader.
So it follows that the magstripe info is gathered from the (tampered-with) PINpad.

Posted by: Matt P at May 8, 2006 04:52 AM

Who makes the PINPads for their solution? Presumably they must have been tested / certified to be compliant with appropriate standards - so is it the standard or the validation that is at fault I wonder...?

Posted by: robb english at May 8, 2006 09:05 AM

Trintech - probably the Smart 5000 PED.

Posted by: Rog. at May 8, 2006 10:47 AM

this shows a picture of a smart 5000 ped
http://linuxdevices.com/articles/AT5376216178.html

it seems that if you do a magstripe op ... the card goes in horizontal(?) but if you want to do a chip, the card goes in vertically(?). if that is the case, the magstripe wouldn't be read if doing a pin operation?

a possible question was whether chip&pin had an image of the magstripe in the chip which is transferred to the terminal embedded in some protocol. somebody might have specified such a protocol since it would minimize the impact of deploying chip&pin on the rest of the infrastructure (i.e. after some amount of the chip protocol chatter at the terminal ... a payment transaction could go thru a lot of backend processing with the emulated track1&track2 data).

this might account for one of the news items where Shell said that chip&pin was being disabled ... but that transactions could still be done with magstripe swipe.

also this was the chip&pin "yes card" scenario mentioned in the previous thread, the chip/terminal communication was eavesdropped and the skimmed information was used to create a counterfeit chip&pin card
http://www.garlic.com/~lynn/aadsm22.htm#20 FraudWatch - Chip&Pin
http://www.garlic.com/~lynn/aadsm22.htm#23 FraudWatch - Chip&Pin
http://www.garlic.com/~lynn/aadsm22.htm#34 FraudWatch - Chip&Pin

this however shows a more traditional ATM looking card reader
http://www.openpaynews.com/downloads/datasheets/openpayUPT-4000.pdf

another picture (again looks like it is capable of reading both the magstripe and chip in same transaction)
http://www.trintech.com/Unattended-Payment-Terminals-OpenPay-UPT-4000.html

how does it select between doing a magstripe operation vis-a-vis chip operation ... if the card has been inserted in such a way that it reads both?

i found a webpage describing a hybrid emv/magstripe reader that talks about simultaneously reading the magstripe and the emv chip and validating the two sets of information being consistent.

This article dated feb. 7, 2006 talks about being able to skim magstripe on a emv card and using the information to create counterfeit magstripe cards
http://australianit.news.com.au/articles/0,7204,18033140%5E15397%5E%5Enbv%5E,00.html

Posted by: Lynn Wheeler at May 8, 2006 06:23 PM
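
The consistency check mentioned in the comment above (a hybrid reader comparing the magstripe with the chip's copy of the track data), sketched as an added example that is not part of the original thread or any vendor's code. The sample strings are constructed around a test card number, the hex layout with a `D` separator and `F` padding is the chip's track 2 equivalent form, and the function names are hypothetical.

```python
from dataclasses import dataclass

# Constructed sample data: same card read from the stripe and from the chip.
STRIPE_SAMPLE = ";4111111111111111=08122010000012300000?"
CHIP_SAMPLE = "4111111111111111D08122010000045600000F"

@dataclass(frozen=True)
class Track2:
    pan: str
    expiry: str         # YYMM
    service_code: str   # three digits
    discretionary: str

def parse_track2(raw: str) -> Track2:
    """Parse stripe track 2 (';PAN=YYMMSSS...?') or the chip's hex form."""
    s = raw.strip().upper()
    if s.startswith(";"):
        end = s.find("?")
        if end == -1:
            raise ValueError("missing end sentinel")
        s, sep = s[1:end], "="
    else:
        s, sep = s.rstrip("F"), "D"   # drop nibble padding
    pan, found, rest = s.partition(sep)
    if (not found or not pan.isdigit() or not 12 <= len(pan) <= 19
            or len(rest) < 7 or not rest.isdigit()):
        raise ValueError("malformed track 2 data")
    return Track2(pan, rest[:4], rest[4:7], rest[7:])

def consistency_findings(stripe_raw: str, chip_raw: str) -> list:
    """Compare the fields both sources must agree on."""
    stripe, chip = parse_track2(stripe_raw), parse_track2(chip_raw)
    # Discretionary data is not compared: assumed here to be allowed to
    # differ between stripe and chip, so only identity fields are checked.
    return [f"{name} mismatch"
            for name in ("pan", "expiry", "service_code")
            if getattr(stripe, name) != getattr(chip, name)]

def chip_expected(stripe_raw: str) -> bool:
    """Service code starting with 2 or 6 marks a card that carries a chip,
    so a swipe-only transaction on it deserves review as a fallback."""
    return parse_track2(stripe_raw).service_code[0] in "26"
```
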

Chip and pin hack exposed
http://www.theinquirer.net/?article=31547

According to our source, a team of shysters has been turning up at petrol stations posing as engineers and taking the Trintech Smart5000 Chip and Pin units away for repair. They have then bypassed the anti-tamper mechanisms and inserted their own card skimmer.

... snip ...

this also could be considered from the angle of my old security proportional to risk theme
http://www.garlic.com/~lynn/2001h.html#61

Posted by: Lynn Wheeler at May 8, 2006 06:48 PM

Bingo! This bears parallels with the old one-way-triangle chipmoney designs. They used in general a diversified key arrangement so if you cracked a user card then you could only duplicate that one card. This threat was addressed by blacklisting within the system (there were all sorts of secret instructions and capabilities in these chip money products, some of which got them into hot water from time to time because of the secrecy).

So, with the diversified key design, the limitation was that the upstream merchant card had to hold the full key, only the downstream user card would hold the diversified key. (Think of it as k and H(k). One can prove the other, but not the other prove the one.)

Which simply shifts the burden of the attack to the merchant, so the merchant in theory had to secure the card more carefully than a user card. I pointed this out on occasion, but it was not considered a grave risk, mostly because I suspect it was actually a _shifting of the burden_ pattern, a la Senge. That is, cognitively, the story had an answer, and going the extra distance to analyse the new story was beyond saturation point.

Posted by: Iang at May 9, 2006 05:33 AM
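
The diversified-key arrangement described in the comment above, as an added example that is not code from the original post or from any chip-money product. HMAC-SHA256 as the diversification function, the challenge-response check and all names are assumptions chosen for illustration; it shows how far a leaked user-card key reaches compared with the merchant card's full key.

```python
import hashlib
import hmac
import os

def diversify(master_key: bytes, card_id: bytes) -> bytes:
    # One-way derivation: a card key does not reveal the master key.
    return hmac.new(master_key, card_id, hashlib.sha256).digest()

class UserCard:
    """Downstream card: holds only its own diversified key."""
    def __init__(self, card_id: bytes, card_key: bytes):
        self.card_id, self.key = card_id, card_key

    def respond(self, challenge: bytes) -> bytes:
        return hmac.new(self.key, challenge, hashlib.sha256).digest()

class MerchantCard:
    """Upstream card: holds the full key, so it can re-derive any card key."""
    def __init__(self, master_key: bytes):
        self.master_key = master_key
        self.blacklist = set()

    def verify(self, card: UserCard) -> bool:
        if card.card_id in self.blacklist:
            return False
        challenge = os.urandom(16)  # fresh per transaction
        key = diversify(self.master_key, card.card_id)
        expected = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, card.respond(challenge))

def compromise_scope() -> dict:
    master = hashlib.sha256(b"constructed demo master key").digest()
    merchant = MerchantCard(master)
    card_a = UserCard(b"card-A", diversify(master, b"card-A"))
    card_b = UserCard(b"card-B", diversify(master, b"card-B"))
    # Model a leaked card-A key presented under both identities.
    copy_as_a = UserCard(b"card-A", card_a.key)
    copy_as_b = UserCard(b"card-B", card_a.key)
    out = {"genuine_a": merchant.verify(card_a),
           "leaked_key_as_a": merchant.verify(copy_as_a),
           "leaked_key_as_b": merchant.verify(copy_as_b)}
    merchant.blacklist.add(b"card-A")  # system-wide response to the leak
    out["leaked_key_after_blacklist"] = merchant.verify(copy_as_a)
    # The merchant card's key covers every card, which is the shifted burden.
    out["master_derives_b"] = diversify(merchant.master_key, b"card-B") == card_b.key
    return out
```
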

some of the comments in the news today:

Security Expert Says Chip-And-PIN Facilitates ATM Fraud
http://www.cardtechnology.com/article.html?id=20060510KWGALG2S
'Fraudproof' cards attract scammers
http://www.channel4.com/news/content/news-storypage.jsp?id=447024
'Fraudproof' cards attract scammers
http://www.itn.co.uk/news/index_447024.html
'Fraudproof' cards attract scammers
http://www.itv.com/news/index_447024.html
Old technology aiding identity fraud
http://www.smh.com.au/news/national/old-technology-aiding-identity-fraud-keelty/2006/05/10/1146940613348.html

as mentioned previously, the comment from 2002 on pin&chip "yes card"
http://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"

fraud (which had been going up to that time), was with respect to compromised or counterfeit terminals skimming the chip&pin protocol chatter ... not (necessarily also) skimming the magstripe.

the chip&pin specification here mentions "track1" and "track2" (i.e. the components of the magstripe) in the chip protocol chatter
http://gsho.thur.de/gsho/technik/download/cardspec.pdf
http://www.ttfn.net/techno/smartcards/termspec.pdf

... this is in addition to having the PIN in the chip protocol chatter.

so one question is whether that information (in the chip protocol) is sufficiently similar to that used for the magstripe, that it enables the creation of counterfeit magstripes?

the specification also talks about the signed static application data ... which was what was used for authentication in the "yes card" scenarios.

the "dynamic data" (authentication option) in the specification is supposedly a countermeasure to the replay attacks found with the counterfeit (static data) "yes cards". one issue may be that since "static data" is part of the specification, 1) can sufficient data be skimmed in a "dynamic data" transaction; and 2) then can that data be used to build counterfeit "yes card"; and 3) can such a "yes card" convince terminals to downgrade from "dynamic data" to "static data" operation?

other details in the specification talk about the chip containing sufficient business rules for authorizing offline transactions ... which also contributed to the rise of the "yes card" label ... aka the terminal would ask an "authenticated" card whether to do an offline transaction, and if "yes", also ask the card if the transaction should be approved.

Posted by: Lynn Wheeler at May 10, 2006 05:59 PM

So in the following scenario: If it was proven that the retailer had poor internal controls surrounding the operation and maintenance of their CHIP and PIN machines and that a customer would be unaware at the time of transaction that their details were being skimmed, would the customer have a case for claiming any losses incurred from the retailer? Has APACS issued any guidance on this? Likewise can APACS withdraw the retailer from using Chip and Pin until the processes have been tightened up?

Posted by: Daz C at May 15, 2006 07:33 AM