Cambridge boffins: Chip and PIN cards CAN be cloned – here's how

Boffins at Cambridge University have uncovered shortcomings in ATM security that might be abused to create a mechanism to clone chip-and-PIN cards. The security shortcoming might already be known to criminals and creates an explanation for what might have happened in some, otherwise baffling, "phantom" withdrawal cases. Each …

COMMENTS

This topic is closed for new posts.
  1. Real Ale is Best
    FAIL

    No surprise there.

    They went for the cheap solution.

    1. Anonymous Coward
      Anonymous Coward

      Re: No surprise there.

      If you think any banking IT is cheap, you've got another think coming...

      1. Oor Nonny-Muss
        FAIL

        Re: No surprise there.

        >>If you think any banking IT is cheap, you've got another think coming...

        There is a world of difference between "cheap" (as in shoddy) and "inexpensive" (as in low in cost).

      2. Destroy All Monsters Silver badge
        FAIL

        Re: No surprise there.

        > If you think any banking IT is cheap, you've got another think coming...

        Like a bailout?

        1. Anonymous Coward
          Anonymous Coward

          Re: No surprise there.

          I wasn't aware any banking IT was bailed out. Also, the bailouts will make money for the country, even discounting all the other tax banks pay.

      3. Stoneshop
        Headmaster

        Re: No surprise there.

        you've got another think coming

        For quite a lot of people, programmers included, it would be beneficial if they had even one think coming.

  2. Anonymous Coward
    Anonymous Coward

    'We've never claimed chip-and-PIN is 100 per cent secure'

    Maybe not, but the banks as good as did when they introduced it.

    Complicated? That's what technology's for.

    1. Graham Marsden
      Devil

      Re: 'We've never claimed chip-and-PIN is 100 per cent secure'

      Welcome to "Chip and Spin"!

      And, of course, if you're the victim of a fraudulent transaction, we're going to claim (illegally) that it was *your* fault, that *you* were careless with your PIN and *you* have to prove your innocence...

      1. Fibbles
        FAIL

        Re: 'We've never claimed chip-and-PIN is 100 per cent secure'

        I've just done a bit more research (i.e. 2 seconds on Google) and it turns out you lot really are just talking nonsense.

        From the FSA website;

        "Your bank must only refuse a refund for an unauthorised transaction if it can prove you authorised the transaction – though your bank cannot simply say that use of your password, card and PIN conclusively proves you authorised a payment"

        www.fsa.gov.uk/Pages/consumerinformation/product_news/banking/know_your_rights/solving/index.shtml

    2. Anonymous Coward
      Anonymous Coward

      There was another -hidden- reason for chip-and-PIN - and not in your favour

      Personally, I think chip-and-PIN was one of the most successfully executed bait-and-switch operations ever executed by the collective credit card industry.

      The switch itself was actually almost(*) immaterial - the real game was about what changed in the contract.

      Before the change, the liability of a transaction was wholly placed with the credit provider. If it wasn't your signature, it was not a transaction you authorised and the bank had to cough up. Ergo, a stolen card was entirely the provider's problem.

      Hidden in your new, shiny chip-and-PIN contract was the fact that the liability has changed to you. Instead of the bank/credit provider having to prove it was you, you are BY DEFAULT to have authorised a transaction unless you can prove otherwise. In other words, you now have to keep track of your life (and supply details of that on demand) and prove a negative, which is a lot harder. Credit providers still offer refunds because it would be very bad publicity otherwise, but if you have a card cloner or thief who buys something you would have bought near where you usually dwell you may end up with a problem. And it's entirely *your* problem. This little, yet seriously dramatic change in liability has been kept vewwy, vewwy quiet..

      As I said, *excellent* execution.

      (*) It isn't all bad - there are plenty websites on the Net which demonstrate that practically nobody checked a signature, and a PIN gives at least some, more automated verification. And makes it easier to, umm, "borrow" the card :). But the best anti-theft feature didn't catch on that much - the picture on the card. Shame..

      1. Fibbles

        Re: There was another -hidden- reason for chip-and-PIN - and not in your favour

        "Credit providers still offer refunds because it would be very bad publicity otherwise, but if you have a card cloner or thief who buys something you would have bought near where you usually dwell you may end up with a problem."

        Err, maybe you should do a bit more research, anon; it's got nothing to do with publicity, bad or otherwise. What you say may be true for debit cards, but for credit cards the responsibility still lies with the credit issuer to prove it was you that made a purchase. Every single time, regardless of what the transaction was for or how close it occurred to your home.

        It's the sole reason I have a credit card. I pay it off in full each month so there are no charges, in fact I get cash back for using the thing.

      2. Graham Marsden

        Re: There was another -hidden- reason for chip-and-PIN - and not in your favour

        @AC - " there are plenty websites on the Net which demonstrate that practically nobody checked a signature"

        I always used to and, in fact, I *still* check the signature strip even now.

        I notice that a lot of US citizens who buy with a card in person don't bother to sign the card and automatically hand over another form of ID (eg Driver's Licence) even when it says "Not valid unless signed"!

    3. peter 45
      Headmaster

      @fibbs

      "Your bank must only refuse a refund for an unauthorised transaction if it can prove you authorised the transaction – though your bank cannot simply say that use of your password, card and PIN conclusively proves you authorised a payment"

        You have forgotten a bit of history. This was introduced BECAUSE of the increasingly large number of disputed ATM transactions where the banks took the universal line of 'chip and PIN is secure so it must be your fault' and refused every claim.

      1. Anonymous Coward
        Anonymous Coward

        Re: @fibbs

        @Peter45. No, it wasn't, unless you can show otherwise?

      2. Fibbles

        Re: peter 45

        This doesn't change the fact that banks no longer do this, haven't done for years and repeating ad nauseam that they do is nothing more than FUD.

        1. This post has been deleted by its author

        2. peter 45
          Facepalm

          Re: peter 45

          'no longer......haven't done for years' Did they use to do it then? As in the past tense? As in history?

          Past, present. It's so difficult to keep up, eh?

  3. A Non e-mouse Silver badge
    FAIL

    Many ATMs and point-of-sale terminals have seriously defective random number generators. These are often just counters, and in fact the EMV specification encourages this by requiring only that four successive values of a terminal’s “unpredictable number” have to be different

    WTF !?!? The test for your secure random number generator is to see that you get just FOUR different numbers from it?

    What on Earth were they drinking/smoking/injecting/whatever when they approved this ?

    1. Captain TickTock
      Unhappy

      Smoking?

      don't forget the mirrors

    2. TeeCee Gold badge
      Facepalm

      It's worse than that.

      1, 2, 3 and 4 are different numbers. Like the man said, many of 'em are just counters. As it would appear that the secret is in guessing what the next "unpredictable number" will be, guess what it is for the provided example?

      Hint: Those that built this have it as the result of 2+2......

    3. This post has been deleted by its author

      1. AdamT
        Happy

        I'll see your Dilbert ...

        ... and raise you an XKCD: http://xkcd.com/221/ (where 4 is the actual number! Spoooookyyyyyy!!!!!!1!)

    4. Charles 9

      Probably cigars from razor-thin-margin device makers that basically told the credit card companies, "Make it cheap for us to implement or we won't implement...and since the onus falls to you, any Catch-22 would be to YOUR detriment, not ours."

    5. despairing citizen
      Big Brother

      RE: Random Number - 4 different numbers?

      One would additionally suggest they have a problem with the concept of randomness, in that in a true random system all 4 numbers could be the same, just a rare (random) event!

      Suggest they might want to try running the generator a few million times and check the spread.

  4. Nick 6
    Devil

    No, it's all secure actually.

    No they are all wrong, my bank's website tells me:-

    "Chip and PIN increases card payment security to help prevent fraud. Card fraud at the point of sale is reduced significantly by ensuring the card is genuine and that the user is the authorised owner of the card"

    so the card must be genuine and used by the authorised owner. It ensures it !

    1. Daren Nestor

      Re: No, it's all secure actually.

      Nothing is 100% secure, and the first part of that sentence is absolutely, 100% correct. Card fraud at the point of sale is reduced significantly by EMV.

      It sounds like the device manufacturers need a good kick up the arse.

      1. Anonymous Coward
        Anonymous Coward

        Re: No, it's all secure actually.

        If my card got nicked without me noticing (at least for a few hours) under the old system all some scruffy herbert would have to do to access my account was practice duplicating my signature. Under Chip & Pin, he either has to have a good understanding of the underlying technology to clone my card* or guess a 6 digit number correctly within 3 attempts. Chip & Pin may not be perfect but it seems many orders of magnitude more secure to me.

        *Unlikely to happen in the few hours between losing the card and getting it cancelled.

  5. Anonymous Coward
    Anonymous Coward

    'We've never claimed chip-and-PIN is 100 per cent secure'

    Yep, but if you're the unlucky customer to have a fraudulent transaction appear on your account, and the bank checks it and discovers it was a Chip+PIN transaction, then they'll just dump the responsibility onto you to prove you didn't make the transaction.

    It's okay these guys saying they don't claim Chip+PIN to be 100% secure, but the banks sure as hell act as if it is.

    1. Anonymous Coward
      Anonymous Coward

      Re: 'We've never claimed chip-and-PIN is 100 per cent secure'

      Like they said in the statement, that would be illegal and has been so for several years.

      1. Vic

        Re: 'We've never claimed chip-and-PIN is 100 per cent secure'

        > that would be illegal and has been so for several years.

        Do you expect that to stop them?

        Vic.

  6. Anonymous Coward
    Anonymous Coward

    Just wait ...

    until they find a similar thing with "pay by wave". You'll have your credit cards cloned as you walk down the street.

    1. Intractable Potsherd

      Re: Just wait ...

      I got my new waft-card yesterday (unsolicited). It now resides in a nice aluminium foil insert in my wallet until I can find a reliable way to kill NFID chip without messing up the card entirely (and/or I get my act together and change bank before RBS becomes Santander).

  7. John G Imrie

    Randum numbers

    four successive values of a terminal’s “unpredictable number” have to be different for it to pass conformance testing.

    Which means that they have no idea of how random numbers work as a truly random number generator could quite happily generate the same number 4 times on the trot.

    1. NomNomNom

      Re: Randum numbers

      says unpredictable not random

      1. John G Imrie

        Re: Randum numbers

        Who the hell down voted your correction? +1 to counter balance it.

  8. Anonymous Coward
    Anonymous Coward

    Not convinced

    If you read the full paper, the researchers haven't actually managed to predict the sequence of numbers, despite buying a load of old ATMs and trying to reverse-engineer them. The attack also involves inserting a specially made cloned card (which requests a delay from the ATM until the "right" random number comes up) into an ATM to the nearest second.

    It's useful that flaws in the protocol have been identified but if the Spanish crims are actually using this method then they are (a) cleverer than the best minds Cambridge can throw at it and (b) either desperate or stupid, since there are far easier ways to rip off an ATM with a chip card. Remember, this is a one-card-at-a-time attack and the gains just don't justify the effort. They might as well use a Lebanese loop, or shoulder-surf and pickpocket the card later, both of which happen every hour of every day.

    1. Anonymous Coward
      Anonymous Coward

      Re: Not convinced

      The guys at Cambridge do some important work, but boy do they talk up the significance of what they do...
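The counter-as-"unpredictable number" problem raised in the comments on the four-successive-values test, and the pre-play attack sketched in "Not convinced" above, as an added example that is not code from the paper, the article or any commenter. It models a terminal whose 32-bit UN is 17 fixed bits followed by a 15-bit counter (the layout the thread quotes), shows that such a generator sails through a "four successive values must differ" check, and walks through the pre-play idea: predict the UNs the terminal will issue, harvest a cryptogram for each from the card, then replay the one matching the live UN. The card cryptogram is modelled as a truncated HMAC-SHA256 over (ATC, UN, amount); that construction, the key and the prefix value are assumptions for illustration, not the EMV cryptogram format.

```python
import hashlib
import hmac

WIDTH = 32  # bit width of the modelled unpredictable number


class CounterTerminal:
    """Hypothetical terminal: UN = 17 fixed bits || 15-bit counter (assumption)."""

    def __init__(self, fixed_prefix=0b10110011100011010, start=0):
        self.prefix = fixed_prefix & 0x1FFFF
        self.counter = start

    def unpredictable_number(self):
        un = (self.prefix << 15) | (self.counter & 0x7FFF)
        self.counter += 1
        return un


def conformance_check(samples):
    """The check quoted in the thread: every window of four successive UNs
    holds four distinct values.  A plain counter, or any sequence with a
    period of four or more, passes it."""
    if len(samples) < 4:
        return False
    return all(len(set(samples[i:i + 4])) == 4 for i in range(len(samples) - 3))


def varying_bits(samples, width=WIDTH):
    """Mask of bit positions that ever change across the samples; the rest is
    a fixed field an attacker simply copies."""
    mask = 0
    for s in samples[1:]:
        mask |= samples[0] ^ s
    return mask & ((1 << width) - 1)


def predict_next(samples):
    """Predict the next UN if the observed sequence advances by one constant
    step; None when the samples do not look like a counter."""
    steps = {b - a for a, b in zip(samples, samples[1:])}
    return samples[-1] + steps.pop() if len(steps) == 1 else None


def card_cryptogram(card_key, atc, un, amount):
    """Stand-in for the card's transaction cryptogram (assumption: HMAC)."""
    msg = atc.to_bytes(2, "big") + un.to_bytes(4, "big") + amount.to_bytes(6, "big")
    return hmac.new(card_key, msg, hashlib.sha256).digest()[:8]


def issuer_accepts(card_key, atc, un, amount, cryptogram):
    return hmac.compare_digest(card_cryptogram(card_key, atc, un, amount), cryptogram)


def harvest(card_key, predicted_uns, first_atc, amount):
    """Attacker with brief access to the card (say, a tampered terminal) asks
    it for one cryptogram per predicted UN; the card's ATC ticks up each time."""
    return {un: (first_atc + i, card_cryptogram(card_key, first_atc + i, un, amount))
            for i, un in enumerate(predicted_uns)}


def run_preplay(card_key, terminal, amount=100_00, n_observed=4, n_harvest=8):
    """Observe the terminal's UNs, predict the upcoming ones, pre-compute a
    cryptogram for each, then present the matching one when the live
    terminal issues its next UN.  Returns True if the issuer accepts it."""
    observed = [terminal.unpredictable_number() for _ in range(n_observed)]
    nxt = predict_next(observed)
    if nxt is None:
        return False  # a genuinely random UN defeats this attack
    harvested = harvest(card_key, [nxt + i for i in range(n_harvest)], 1, amount)
    live_un = terminal.unpredictable_number()  # the UN the real terminal issues later
    if live_un not in harvested:
        return False
    atc, cryptogram = harvested[live_un]
    return issuer_accepts(card_key, atc, live_un, amount, cryptogram)


if __name__ == "__main__":
    key = bytes(range(16))  # constructed card key
    term = CounterTerminal()
    sample = [term.unpredictable_number() for _ in range(6)]
    print("passes 4-distinct check:", conformance_check(sample))
    print("varying bits: %#x" % varying_bits(sample))
    print("pre-play accepted:", run_preplay(key, CounterTerminal()))
```

The point of `conformance_check([1, 2, 3, 4, 1, 2, 3, 4])` returning True is that the quoted test cannot distinguish a four-value loop from a real RNG; `varying_bits` is the per-bit analysis that exposes the fixed field and the counter, and `run_preplay` only fails when `predict_next` gives up (for instance across the 15-bit counter wrap in the test below).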

  9. Anonymous Coward
    Anonymous Coward

    So...

    A bad random number generator in an ATM is a software issue; this is easily patchable, if indeed it is as significant as they say it is. Rather like their man-in-the-middle attack which allegedly demonstrated that chip and PIN was totally broken, which was actually made utterly impractical by just reducing a timeout value.

  10. PGregg
    WTF?

    > In a statement, the UK's Financial Fraud Action told El Reg:

    > We've never claimed that chip and PIN is 100 per cent secure....

    Whoever the "UK's Financial Fraud Action" are... Maybe they didn't, but the banking industry has absolutely claimed that chip and PIN is 100% secure.

    http://news.bbc.co.uk/1/hi/business/8287783.stm

    http://www.thisismoney.co.uk/money/saving/article-1614734/Flaw-at-heart-of-fraud-proof-chip-and-Pin.html

    Or just google for yourself: https://www.google.co.uk/search?q=%22chip+and+PIN+is+secure%22+-%22never+claimed+that+chip+and+pin+is%22

  11. sugerbear

    Might not work with the majority of EMV cards.

    I looked at the article and I believe the attack is only possible with older static data (SDA) type cards.

    The problem with Cambridge is that some of their research is based on old tech standards, but there are still some SDA cards in circulation (because they are cheap). I have not had a chance to check yet, but to correctly guess the cryptogram on a DDA (dynamic data authentication) card is impossible as the chip generates its own random number, so seeing two transactions with the same ICC random number would highlight a cloned card.

    There are also other technologies such as the ATC count so again cloning is made difficult if the card hasn't been stolen.

    As with all tech, someone will eventually break it but as long as it isn't cheap/quick then its still worth employing.

    PayWave and PayPass incorporate even more complex cryptogram generation (CDA), which makes duplication even more difficult.

    But don't let the above get in the way of a good story and worry-mongering :o)

  12. Mage Silver badge

    The real reason

    Is to reduce the ***Liability of the Bank*** for card fraud. It's a PIN, so you gave the card & PIN to someone else or took the money yourself. A Signature makes it easier for the customer to prove it WASN'T them (thusly the bank has to pay).

    1. Daren Nestor

      Re: The real reason

      ahahahahahahahahaha, really?

      So two-factor authentication is less secure than one factor? That's what you've said. The reasoning behind chip & PIN was to add another factor. It's something you have + something you know, rather than just something you have.

      Signatures are massively insecure, because there's no way of verifying them at the point of sale.

      In 2010, the United States generated about 27 percent of payment-card purchases yet accounted for 47 percent of global payment-card fraud. In the US alone, fraud accounted for $3.56 billion in 2010. Fraud is lower in countries using Chip and Pin, there are facts and figures there. The only reason that it hasn't happened in the US yet is because the cost of replacing all the ATMs and POS devices was massive. It is being done incrementally instead, and is only now approaching a point where it can be put into general circulation.

    2. Anonymous Coward
      Anonymous Coward

      Re: The real reason

      I've lost count of the amount of times I've said this, but once again: The burden of proof is on the bank to prove the customer wasn't the victim of fraud, not the other way round. Simply relying on a pin authd transaction isn't enough. This has been written into law for several years.

      1. Anonymous Coward
        Anonymous Coward

        Chip+PIN / ATMs

        Most ATMs do not actually use Chip+PIN (EMV).

        They just read the magnetic stripe.

        You enter your PIN which is authenticated with the bank's systems over a network.

        1. sugerbear

          Re: Chip+PIN / ATMs

          Hello America and your backward magstripe technology :o)

          You are wrong though. EMV is used in ATM transactions; the difference is the PIN is authenticated at the issuer/processor. The US uses magstripe but only because they have such a fragmented market and no one to drive the changes other than the schemes (which will eventually happen between 2013-2015).

          If I had the option I would do away with the magstripe on my EMV card but there are still some terminals that use it (before reverting to the chip).

        2. Anonymous Coward
          Anonymous Coward

          Re: Chip+PIN / ATMs

          In the UK the vast majority of ATMs use chip and PIN; many can fall back to magstripe, but tend not to if the card is chipped.

          1. Anonymous Coward
            Anonymous Coward

            Re: Chip+PIN / ATMs

            Visa and MasterCard now mandate that chip-based cards cannot fall back to mag stripe at chip-enabled devices (either ATMs or POS devices). So if your bank is issuing Visa or MasterCard branded cards, no fallback is allowed.

  13. JaitcH
    FAIL

    You mean to say HSBC lied to its customers?

    'We've never claimed chip-and-PIN is 100 per cent secure' is not the line of patter that a suit at my HSBC branch gave me.

    And now we have the (drum-roll) SecureKey which is garbage, doesn't work and has people changing accounts. You can't even read the squinty characters if you wear glasses and they even catch fire (doubles as a one time cigarette lighter).

  14. John Smith 19 Gold badge
    Unhappy

    Oh Christ not again.

    <rant>

    </profanity filter>

    "Bond realised that the numbers shared 17 bits in common while the remaining 15 digits appeared to be some sort of counter, rather than a random number."

    Fixed fields and *counters*.

    Seriously, is a shift register *that* much more expensive to implement? Has 8 *decades* of computer generation of pseudo random numbers been a total fucking waste of time?

    The recurring stench of "security by obscurity" makes me want to vomit.

    <profanity filter>

    </rant>

  15. Anonymous Coward
    Anonymous Coward

    We never claimed...

    Wasn't there a time when bankers were supposed to be upright, respectable, descent, example-setting members of society?

    Or was it always a sham?

    1. John Smith 19 Gold badge
      Coat

      Re: We never claimed...

      "Wasn't there a time when bankers were supposed to be upright, respectable, descent, example-setting members of society?"

      Yes, but that flaw in the hiring policy has since been fixed.

      Mine will be the one with a copy of Joe Orton's "Loot" on DVD.

    2. Anonymous Coward
      Headmaster

      Re: Descent?

      Looks like I used the right word, instead of the wrong one, decent.

  16. MarkSitkowski

    There might be a better way...

    What would be really good, would be some kind of telepathic password, which you could communicate to your bank, each time you needed to access your account online, and it would be really handy, if your mind could also transmit this password to the ATM.

    Well, that’s obviously not going to happen so, how about a compromise, where you transmit to your bank, information about your telepathic password, which only your bank understands?

    Yes, but the camera, and the malware, would record what you typed, and use it to get into your account. Okay, then, how about, if what you typed only worked once. Then, using the same keystrokes a second time would be useless. That would work, but how does the bank know that, what you typed the second time, represented the same telepathic password? Also, you certainly wouldn’t want to contact your bank every day, to get a new method of transmitting your telepathic password.

    How about this, then? Each time you want to access your account, a popup shows you an alphabet, with a number under each letter, and you type the numbers, instead of the letters?

    Okay, that’s obviously bad because the camera would pick up the numbers but, what if the numbers were all scrambled? That’s better, but the camera would still get you, and the malware would still send them back to the sociopath who, after a few months, would be able to guess your password, from the patterns of the numbers.

    What about, if there were only two numbers and, what if there were two alphabets, in upper and lower case? Then your telepathic password would be represented by a selection from 52 letters, each letter identified by one of two random digits. If the pattern of the digits changed randomly, with each access, then your telepathic password of “gobbledeygook” would be “1000110011001” the first time but, the second time, it would be “1110010001101”.

    Now we’re getting somewhere. The camera sees you entering a pattern of 1’s and 0’s, each of which could correspond to any one of 20 or 30 letters; the network snooper sees the numbers, but not the letters; and the malware sees both, but doesn’t know what they mean. Luckily, you took maths in college, and spend a lot of time in the casino, so you know how to calculate odds, and you can see they’re now in your favour, but you still want them to be better, because you work with classified documents, and really need to have tight security. What if you had two passwords, and added them together? What if you added or subtracted ‘1’ from every other letter? What if...? You’re tempted to call this ‘Uncrackable Authentication’.

    Aha! I hear you cry. How do I get my telepathic password, in the first place? The malware is watching my browser and my email, and will pick up the keystrokes when I type it into any form I fill in. How am I going to enter my password? Well, it might be good, if I had a set of alphabets but, this time, the letters were pictures of letters, and they, themselves, were scrambled, and referenced by a set of numbers. Then, the malware would pick up the mouse strokes, but would only know that they corresponded to a selection of pictures, with random names. Let’s be realistic, however. If there’s a spy camera, watching you do this, it will pick up what you enter. On the bright side, you’ll be doing this at home, probably only once a year, or so, with only the malware to contend with – unless you’ve fallen foul of the CIA, or your wife has her suspicions about you...

    One day, quite by chance, you stumble upon a site at www.designsim.com.au recommended by your friend at the FBI (he got it from some guy in military intelligence), and you say to yourself, “Hey, they stole my idea”, and you're right: the algorithm described there is identical.

    1. Justicesays

      Re: There might be a better way...

      Uh huh,

      And then, if someones card was used you could absolutely prove it was them because no-one else could possibly have the magic password?

      Except you seem to have made a big assumption, that your bank is trustworthy.

      Past cases where cards and/or PINs were delivered and used fraudulently were eventually (after court cases and so on, as banks refused to admit it) proven to be plausible only if committed by corrupt bank employees, often two working in collusion to bypass internal protections (the guy who can make a change working with the guy who can delete the logs of the change, for instance).

      http://www.lightbluetouchpaper.org/2010/05/25/an-old-scam-still-works/
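The two-digit, two-alphabet scheme described in MarkSitkowski's post above, as an added example that is neither the poster's code nor anything from designsim.com.au. It implements the challenge (a random 0 or 1 under each of the 52 letters), the response the user types, and the server-side check, and then measures what the post's "malware sees both" observer can do with it: an attacker who records the displayed labels together with the typed digits keeps, for each position, only the letters whose label matched, and each recorded login halves that set on average. The seeded `random.Random` label source, the limit of 64 logins and the password "gobbledeygook" (taken from the post) are the only assumptions.

```python
import random
import string

ALPHABET = string.ascii_lowercase + string.ascii_uppercase  # 52 letters, both cases


def new_challenge(rng):
    """Server side: label every letter of both alphabets with a random 0 or 1."""
    return {ch: rng.randrange(2) for ch in ALPHABET}


def respond(password, challenge):
    """Client side: type the digit displayed under each letter of the password."""
    return "".join(str(challenge[ch]) for ch in password)


def verify(password, challenge, response):
    """Server side: recompute the expected digit string for this challenge."""
    return respond(password, challenge) == response


def intersect_candidates(observations, length):
    """Observer who recorded both the displayed labels and the typed digits:
    for each password position keep only the letters whose label equalled
    the typed digit in every observed login.  Each login halves the set."""
    candidates = [set(ALPHABET) for _ in range(length)]
    for challenge, response in observations:
        for i, digit in enumerate(response):
            candidates[i] &= {ch for ch, d in challenge.items() if str(d) == digit}
    return candidates


def logins_until_recovered(password, seed=0, limit=64):
    """Simulate logins with seeded labels (stand-in for the server's RNG).
    Returns (logins observed before every position is pinned to one letter,
    recovered password), or (None, None) if `limit` logins were not enough."""
    rng = random.Random(seed)
    observations = []
    for n in range(1, limit + 1):
        challenge = new_challenge(rng)
        observations.append((challenge, respond(password, challenge)))
        candidates = intersect_candidates(observations, len(password))
        if all(len(c) == 1 for c in candidates):
            return n, "".join(next(iter(c)) for c in candidates)
    return None, None


if __name__ == "__main__":
    rng = random.Random(42)
    challenge = new_challenge(rng)
    response = respond("gobbledeygook", challenge)
    print("typed:", response, "accepted:", verify("gobbledeygook", challenge, response))
    print("logins observed, recovered:", logins_until_recovered("gobbledeygook"))
```

Since each position has 52 candidates and every recorded login keeps about half of them, roughly log2(52), around six, logins per position are expected, and a thirteen-letter password is fully recovered after a dozen or so observed logins rather than the "few months" the post allows for the ten-digit variant; the shoulder-surfing camera alone, which sees only the digits, learns correspondingly less.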
