Sorry to disturb but… The link to the text version is missing its “href” attribute, what makes it quite useless.
@Anne Onymous
Thanks for pointing that out; it should be fixed now.
I have an amusing defence. Inspired by the “Laser-printed PIN Mailer Vulnerability Report”, Mike Bond, Steven J. Murdoch, and Jolyon Clulow, I found it trivial to extract the PIN my bank sent me this month without ‘tampering’ with the letter. If I were to retain the intact letter, someone steals money from my account using the PIN and the bank claims their security is infallible, I say “Good. Here is your security that proves I don’t know the PIN.”; if they admit their security is fallible I say “Good. Give me my money back.” The customer is always right.
Ok, erm, PIN observed via shoulder surfing or false fascia with WiFi and webcam. The IC hasn’t been compromised and cloned to produce a fake “yes” signal to the POS, has it? Is this the old fallback to magstripe for a cloned card problem? Where are the suggestions of solutions? This is economics!
Fallback has to be in place until the US moves to Smart Cards and away from the Magstripe. Think about all the tourists, what’s all this chip and spin thing, all I wanted is fish and chips, and I can’t even use my Amex!
Moving the game on a little, the UK plastic money movement now seeks “contactless cards” for small transactions. Money is on the way out!!
The BBC news page contains perhaps the most ironic quote I’ve seen this week:
If it is lost or stolen then Mr Rockcliff said that as with other cards the issuer would bear the liability: “Once we introduced this concept of the random security check being a chip and pin transaction then people are pretty comfortable with it.”
Oops ….
It appears to be common in France now that the bad guys clone chips. If they steal your card they copy the data to a card whose PIN they know and use that. The new card doesn’t know the right MAC key but it will still work in offline transactions – and lots of French businesses work offline. As the PIN is locally checked a UK bank will just blandly say that the PIN was correct so you’re liable.
I have another case where a UK bank customer got cloned this way while in Paris on business. It is inevitable that the French criminals’ tools will find their way across the channel, and the Harvie case seemed a possible candidate.
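The comment above turns on one distinction: an offline terminal trusts the card’s own “PIN correct” answer and only stores the transaction cryptogram for later, so a clone that carries the copied data but not the issuer’s MAC key sails through, whereas an online terminal sends the cryptogram to the issuer and the wrong key is caught at once. The toy model below, added here as an illustration and not taken from the thread or from any real EMV specification, shows both paths; the key names, message format and “settlement” step are constructed simplifications.

```python
"""
Toy model of offline vs online card approval (constructed illustration).

Not real EMV: the cryptogram is a plain HMAC over a few fields and the
terminal/issuer logic is reduced to the minimum needed to show why an
offline terminal accepts a clone whose MAC key is wrong.
"""
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample key shared only between the issuer and the genuine card.
ISSUER_KEY = b"issuer-secret-constructed"


@dataclass
class Card:
    pan: str
    pin: str
    mac_key: bytes  # genuine card: ISSUER_KEY; clone: something else

    def verify_pin(self, entered: str) -> bool:
        # Offline PIN verification is done by the card itself, so a clone
        # programmed with the attacker's PIN simply says "yes".
        return hmac.compare_digest(self.pin, entered)

    def cryptogram(self, amount: int, nonce: bytes) -> bytes:
        # Transaction cryptogram: a MAC under the card's key over the
        # transaction details.  A clone computes this with the wrong key.
        msg = f"{self.pan}:{amount}:".encode() + nonce
        return hmac.new(self.mac_key, msg, hashlib.sha256).digest()


def issuer_verify(pan: str, amount: int, nonce: bytes, cryptogram: bytes) -> bool:
    """Issuer-side check of a cryptogram with the real issuer key."""
    msg = f"{pan}:{amount}:".encode() + nonce
    expected = hmac.new(ISSUER_KEY, msg, hashlib.sha256).digest()
    return hmac.compare_digest(expected, cryptogram)


def terminal_offline(card: Card, entered_pin: str, amount: int, nonce: bytes):
    """Offline terminal: trusts the card's PIN answer, keeps the cryptogram
    for later settlement, never contacts the issuer at purchase time."""
    if not card.verify_pin(entered_pin):
        return ("declined: pin", None)
    return ("approved-offline", card.cryptogram(amount, nonce))


def terminal_online(card: Card, entered_pin: str, amount: int, nonce: bytes) -> str:
    """Online terminal: same PIN check, but the cryptogram goes to the
    issuer before approval, so a wrong MAC key is caught immediately."""
    if not card.verify_pin(entered_pin):
        return "declined: pin"
    crypt = card.cryptogram(amount, nonce)
    if issuer_verify(card.pan, amount, nonce, crypt):
        return "approved-online"
    return "declined: cryptogram"


def run_scenario() -> dict:
    """Genuine card vs a clone with copied data, attacker's PIN, wrong key."""
    genuine = Card(pan="4000111122223333", pin="1234", mac_key=ISSUER_KEY)
    clone = Card(pan=genuine.pan, pin="0000", mac_key=b"unknown-to-clone")
    nonce = b"\x01\x02\x03\x04"  # constructed terminal unpredictable number
    amount = 50

    results = {}
    results["genuine_offline"] = terminal_offline(genuine, "1234", amount, nonce)[0]
    results["genuine_online"] = terminal_online(genuine, "1234", amount, nonce)
    # The clone is accepted offline: the terminal only sees "PIN correct".
    status, stored_crypt = terminal_offline(clone, "0000", amount, nonce)
    results["clone_offline"] = status
    # The same clone is refused online because the issuer checks the MAC.
    results["clone_online"] = terminal_online(clone, "0000", amount, nonce)
    # At settlement the issuer finally sees the stored offline cryptogram
    # and can tell it was not made with the real key; the goods are gone.
    results["clone_offline_settlement_ok"] = issuer_verify(clone.pan, amount, nonce, stored_crypt)
    return results


if __name__ == "__main__":
    for k, v in run_scenario().items():
        print(f"{k}: {v}")
```

The last result is the point the comment makes about liability: the issuer does have the evidence that the cryptogram was bad, but only after the offline transaction has already been approved, and the only fact the terminal itself recorded is that the card said the PIN was right.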
Contactless smart cards: so the point of the chip is in essence to provide a tamper-proof environment for some asymmetric or symmetric keys and other artifacts that may need protecting. Opening up the card to contactless induction opens even more security problems such as relay attacks (MITM). This was proven by Cambridge Labs and Israel University – conjectured as I can’t remember the links.
Application-layer pseudo-TLS/SSL type communications crypto fails in the relay side of things. Any ideas?
For MITM, I was under the impression that, where only server-side authentication was employed, the SSL session was able to be exploited by the Mallorys of this world. On the other hand, mutually authenticated SSL sessions (i.e. where both client and server exchange certificates) are resistant to MITM because the session key setup methods effectively drop out MITM.
(however all of this assumes the integrity of the trust point, the CA issuing both certificates)
However, the standard response I find is that client-side SSL certificates are “too expensive” for normal use. The few commercial implementations of this also seem “window dressing” for high-spending corporates.
To William,
Re:MITM and Contactless Smart Cards.
I recognise where you are coming from with regards to SSL/TLS client/server mutual authentication; I was thinking more from the perspective of secure communication across the air-gap between the contactless SC and a reader (a lot less circuitry than your standard Pentium Xeon server! 😉). Some manufacturers are using pseudo-SSL/TLS within a Java applet framework, JCOP cards from Infineon/Philips, to secure the air-gap. However this still fails with the relay/store-and-forward attacks (the Java applet is functioning at the application layer, not at the physical/data-link/transport layer). I.e. briefcase with contactless reader: the Oyster London Underground card is read near the reader and the briefcase, the comms traffic is intercepted and replayed to the top-up terminal via Wi-Fi to a PDA with an SC card wanded over the machine’s reader (think RF range).
Anyway, it’s the business leaders that need convincing, as they have the monetary purse strings. If the risk isn’t easily quantified for them to understand, they won’t buy in to security mitigation; they just see it as a product rather than a method of applying mitigation to the risk.
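The reason application-layer crypto does not help against the briefcase-and-PDA relay described above is that the MAC or session key only proves the genuine card answered the challenge, not where it was when it did so. The simulation below is an added illustration, not code from the thread or from any card vendor: a reader challenges a card over a direct link and over a store-and-forward relay, and the cryptographic check passes in both cases. As the defender’s counter-measure it also models the round-trip timing bound that distance-bounding protocols use; the link delays are constructed numbers in microseconds, and the bound is an assumed policy value, not something the comment specifies.

```python
"""
Relay attack vs application-layer challenge/response (constructed model).

The card's HMAC response is forwarded unchanged by the relay, so the
crypto check cannot tell the two links apart.  Only a bound on the
round-trip time, measured by the reader, separates them.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass

# Constructed key shared by the genuine card and the reader/back end.
SHARED_KEY = b"card-reader-key-constructed"


class Card:
    def __init__(self, key: bytes):
        self.key = key

    def respond(self, challenge: bytes) -> bytes:
        # Application-layer authentication: MAC over the reader's nonce.
        return hmac.new(self.key, challenge, hashlib.sha256).digest()


@dataclass
class DirectLink:
    """Card physically at the reader; one-way delay modelled in microseconds."""
    card: Card
    one_way_us: int

    def exchange(self, challenge: bytes):
        return self.card.respond(challenge), 2 * self.one_way_us


@dataclass
class RelayedLink:
    """Store-and-forward proxy (the briefcase + Wi-Fi + PDA of the comment):
    the challenge is carried to the real card elsewhere and the answer
    carried back, adding an extra hop of latency in each direction."""
    far_link: DirectLink
    hop_delay_us: int

    def exchange(self, challenge: bytes):
        response, rtt_us = self.far_link.exchange(challenge)
        return response, rtt_us + 2 * self.hop_delay_us


class Reader:
    def __init__(self, key: bytes, max_rtt_us: int):
        self.key = key
        self.max_rtt_us = max_rtt_us  # assumed policy: distance bound

    def authenticate(self, link) -> dict:
        challenge = os.urandom(16)
        response, rtt_us = link.exchange(challenge)
        expected = hmac.new(self.key, challenge, hashlib.sha256).digest()
        crypto_ok = hmac.compare_digest(expected, response)
        within_bound = rtt_us <= self.max_rtt_us
        return {
            "crypto_ok": crypto_ok,
            "rtt_us": rtt_us,
            "within_bound": within_bound,
            "accepted": crypto_ok and within_bound,
        }


def run_scenario() -> dict:
    card = Card(SHARED_KEY)
    reader = Reader(SHARED_KEY, max_rtt_us=100)       # assumed bound
    direct = DirectLink(card, one_way_us=5)            # card at the reader
    relayed = RelayedLink(direct, hop_delay_us=20_000)  # Wi-Fi hop to the PDA
    return {
        "direct": reader.authenticate(direct),
        "relayed": reader.authenticate(relayed),
    }


if __name__ == "__main__":
    for name, outcome in run_scenario().items():
        print(name, outcome)
```

The relayed exchange shows `crypto_ok` true and `accepted` false: the MAC is genuine because the genuine card computed it, which is exactly why moving the crypto from the application layer to a TLS-like session would change nothing. Timing has to be measured at the physical layer by the reader itself, which is the gap the comment identifies in applet-level solutions.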
Just over a week ago I was in Victoria St London where there is a Sainsburys with a cash machine. Guess what: it had a card skimmer on it. The store manager was informed but was not interested; eventually I called the police.
In the meantime, as it had a small TV camera (probably TXing on 2.4GHz), two extremely large thugs pushed their way into the machine, levered the card skimmer and camera off and ran away up the road.
Two thoughts spring to mind:
1. Either Chip-n-Pin is, as a lot of people suspect, insecure.
2. Tourists are getting targeted as they still use mag stripe.
More interesting was the response of the Police when they finally arrived: apart from being polite they were not really interested, even though I and a friend had prevented other people touching the unit to protect any evidence. It was also clear that we were being watched from a shop across the road, which is the direction the two thugs arrived from (gift shop left-hand side of the entrance of Victoria Underground Station), and this was not just curious watching.
When the Police spoke to the manager it became clear that the store CCTV camera overlooking the machine was not working, unlike all the other cameras in the store (which is odd).
Finally, around two hours later I passed the machine again and guess what: the skimmer was back in place and the same people were watching over it….
My conclusion is that the Police are really uninterested in card skimming as a crime, even though the amount that could be stolen in a two-hour skim period would easily exceed that of a conventional smash-and-grab raid on a jeweller’s (which the Police would most definitely be interested in).
Also there is no joined-up thinking, in that if Chip-N-Pin is invulnerable to this type of attack then it was definitely targeting tourists. How long before London gets the reputation of “Rip-Off-London” and tourists start once more to avoid the place (and the UK in general)? In either case the loss to the London economy is way greater than a mere smash-and-grab raid. So as a crime it should receive specialised targeting by the Met Police.
Clive,
Why do you assume that chip and pin cards are not vulnerable? They have a magnetic strip containing all the data that the skimmer needs to make a working copy. They just need to use it in non-chip-and-pin ATMs, of which there are hundreds of thousands worldwide and a good many in the UK too.