Mobile and Contactless Payment Security
v20111118
Peter Fillmore
Witham Laboratories
Witham Laboratories 1/842 High Street East Kew 3102 Melbourne Australia Ph: +61 3 9846 2751 Fax: +61 3 9857 0350
Rambla de Catalunya 38, 8 planta 08007 Barcelona Spain
Ph. +34 93 184 2788
Email: [email protected]
PCI PED PCI PIN PCI DSS PA-DSS
Witham Laboratories Building Confidence in Payment Systems Slide No. 1
Topics covered in this talk
How it works
Card Standards
EMV/Contactless Basics
CVV Explanation
Static Data Authentication
Combined Dynamic Data Authentication
Recent Advances
Future areas of research
How Contactless/NFC/RFID Cards Work
How NFC/RFID/Contactless Works
• Electromagnetic induction.
• Antennas are present in the terminal and the card.
• The terminal generates a 13.56 MHz carrier signal.
• This signal powers the card and carries the data.
• The modulation used to transmit data varies according to the type of card.
What a card is made of:
• Cards contain a near-field antenna embedded in the card plastic.
• A SoC is present in the upper left of the card which connects to the antenna in the card.
Contactless Smart Cards
Types of Cards and Standards (all on the ID-1 card format, ISO 7810)

Contact Cards
  Smart Cards (ISO 7816)
    Memory Card
    Processor Card

Contactless Cards
  CICC Close-coupled IC Cards (ISO 10536)
    Processor Card
  PICC Proximity IC Cards (ISO 14443)
    Memory Card, 13.56 MHz
    Processor Card, 13.56 MHz
  VICC Vicinity IC Cards (ISO 15693)
    Memory Card, 13.56 MHz
  RICC Remote IC Cards
    Memory Card (battery), 2.4/5.8 GHz

Dual Interface Cards: one chip with both a contact (ISO 7816) and a contactless (ISO 14443) interface. Contactless payment cards are PICCs.
The ISO 14443 Standard
• Part 1: Physical characteristics
• Part 2: Radio frequency power and signal interface
• Part 3: Initialization and anticollision
• Part 4: Transmission protocol
Two Types of Card (ISO 14443 Type A and Type B)

Terminal to Card
                 Type A                               Type B
Modulation       ASK 100%                             ASK 10%
Bit coding       Modified Miller code                 NRZ-L
Synchronization  Bit level (SOF and EOF)              1 start and 1 stop bit per byte

Card to Terminal
                 Type A                               Type B
Modulation       Load modulation, 847 kHz             Load modulation, 847 kHz
                 subcarrier, ASK                      subcarrier, BPSK
Bit coding       Manchester code                      NRZ-L
Synchronization  1-bit frame sync (SOF, EOF)          1 start and 1 stop bit per byte
ISO 14443-A

Terminal to Card (Modified Miller, 100% ASK): the reader switches the carrier off for a short pause, and the position of the pause within the bit period encodes the bit.
  Sequence X (pause in the second half of the bit period): logical ‘1’
  Sequence Y (no pause for the whole bit period): logical ‘0’
  Sequence Z (pause at the start of the bit period): logical ‘0’ when it follows another ‘0’ or is the first bit after start of frame

Card to Terminal (Manchester, ASK-modulated 847 kHz subcarrier):
  Sequence D (subcarrier present in the first half of the bit period): logical ‘1’
  Sequence E (subcarrier present in the second half of the bit period): logical ‘0’
ISO 14443-B

Terminal to Card (NRZ-L, 10% ASK): the carrier amplitude is held at one of two levels for the whole bit period.
  Logical ‘1’: carrier at full amplitude (unmodulated)
  Logical ‘0’: carrier amplitude reduced by 10% (modulated)

Card to Terminal (NRZ-L, BPSK-modulated 847 kHz subcarrier): each bit is carried as the phase of the subcarrier relative to the reference phase set at the start of the frame.
  Logical ‘1’: phase = 0 degrees
  Logical ‘0’: phase = 180 degrees
Anti-Collision
What is it? The ISO 14443-3 procedure by which a terminal detects more than one card in its field and singles out one to talk to (by UID for Type A, by PUPI for Type B).
Does it matter?
EMV and Contactless
• EMV = Chip Card standard
• Defines use of cards in financial settings
• Same commands and functions are used in NFC payment cards
• BER-TLV encoding is used for data
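The following Go program is an added example, not code from the talk or from Witham Laboratories. It decodes the BER-TLV encoding EMV uses for card data, including the two-byte tags (9F38) and nested constructed templates (6F, A5) a terminal meets in every SELECT or READ RECORD response, and rejects declared lengths that overrun the buffer. SampleFCI is a constructed response rather than a capture from a real card; the AID, label and PDOL in it are illustrative.

```go
package main

import (
	"encoding/hex"
	"fmt"
)

// TLV is one decoded BER-TLV object; constructed objects (bit 6 of the first tag byte set: 6F, 70, 77, A5) also carry their children.
type TLV struct {
	Tag      uint32
	Value    []byte
	Children []TLV
}

// parseTag reads a BER tag: low five bits all ones means more tag bytes follow while their high bit is set (EMV: 50, 9F38).
func parseTag(b []byte) (tag uint32, n int, err error) {
	if len(b) == 0 {
		return 0, 0, fmt.Errorf("tlv: truncated tag")
	}
	tag, n = uint32(b[0]), 1
	for more := b[0]&0x1F == 0x1F; more; {
		if n >= len(b) || n > 3 {
			return 0, 0, fmt.Errorf("tlv: bad multi-byte tag")
		}
		tag, n, more = tag<<8|uint32(b[n]), n+1, b[n]&0x80 != 0
	}
	return tag, n, nil
}

// parseLength reads a BER length: one byte below 0x80, else 0x8N then N length bytes (indefinite form is invalid in EMV).
func parseLength(b []byte) (length, n int, err error) {
	if len(b) == 0 {
		return 0, 0, fmt.Errorf("tlv: truncated length")
	}
	if b[0] < 0x80 {
		return int(b[0]), 1, nil
	}
	k := int(b[0] & 0x7F)
	if k == 0 || k > 3 || len(b) < 1+k {
		return 0, 0, fmt.Errorf("tlv: bad long-form length")
	}
	for i := 1; i <= k; i++ {
		length = length<<8 | int(b[i])
	}
	return length, 1 + k, nil
}

// Parse decodes a TLV sequence, recursing into constructed objects and checking every declared length against the bytes present.
func Parse(b []byte) ([]TLV, error) {
	var out []TLV
	for len(b) > 0 {
		tag, tn, err := parseTag(b)
		if err != nil {
			return nil, err
		}
		length, ln, err := parseLength(b[tn:])
		if err != nil {
			return nil, err
		}
		start := tn + ln
		if start+length > len(b) {
			return nil, fmt.Errorf("tlv: tag %X declares %d bytes, only %d present", tag, length, len(b)-start)
		}
		t := TLV{Tag: tag, Value: b[start : start+length]}
		if b[0]&0x20 != 0 { // constructed: the value is itself a TLV sequence
			if t.Children, err = Parse(t.Value); err != nil {
				return nil, err
			}
		}
		out, b = append(out, t), b[start+length:]
	}
	return out, nil
}

// Find returns the first object with the given tag at any depth, or nil.
func Find(objs []TLV, tag uint32) *TLV {
	for i := range objs {
		if objs[i].Tag == tag {
			return &objs[i]
		} else if c := Find(objs[i].Children, tag); c != nil {
			return c
		}
	}
	return nil
}

// SampleFCI is a constructed (not captured) SELECT response: FCI template 6F with DF name 84 and
// proprietary template A5 holding label 50, priority 87 and a PDOL 9F38 asking for 4 bytes of tag 9F66.
const SampleFCI = "6F20" + "8407A0000000041010" + "A515" +
	"500A4D415354455243415244" + "870101" + "9F38039F6604"

func main() {
	raw, _ := hex.DecodeString(SampleFCI)
	objs, err := Parse(raw)
	if err != nil {
		panic(err)
	}
	// 9F38 is a DOL (tag||length pairs with no values), so its bytes are left as they are.
	fmt.Printf("AID %X  label %s  PDOL %X\n", Find(objs, 0x84).Value, Find(objs, 0x50).Value, Find(objs, 0x9F38).Value)
}
```

A PDOL or CDOL is deliberately not parsed as TLV: it is a list of tag and length pairs that tells the terminal which values to send in GET PROCESSING OPTIONS or GENERATE AC, and treating it as TLV would misread the lengths as values.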
What is on these Cards?
Track 1 Explained

Card Data:
  PAN: 5412 7512 3412 3456
  Card Holder Name: MR JOHN A. CITIZEN
  Expiration Date: 01/15
  Service Code: 101 (international card, normal authorization, no restrictions)

Track 1 as encoded (spaces added for readability):
  % B 5412751234123456 ^ CITIZEN/JOHN A. ^ 1501 101 ** ? *

  %                 Start sentinel
  B                 Format code
  5412751234123456  PAN
  ^                 Field separator
  CITIZEN/JOHN A.   Name (surname / given names)
  ^                 Field separator
  1501              Expiry date (YYMM)
  101               Service code
  **                Discretionary data
  ?                 End sentinel
  *                 LRC
Track 2 Explained

Same card data as Track 1 (PAN 5412 7512 3412 3456, expiry 01/15, service code 101); Track 2 carries no name.

Track 2 as encoded (spaces added for readability):
  ; 5412751234123456 = 1501 101 * ? *

  ;                 Start sentinel
  5412751234123456  PAN
  =                 Field separator
  1501              Expiry date (YYMM)
  101               Service code
  *                 Discretionary data
  ?                 End sentinel
  *                 LRC
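As an added example (not from the talk), the Go program below parses the Track 1 and Track 2 strings shown above into their fields, checks that the two tracks agree, runs the Luhn check on the PAN and expands the service code. The track strings are the slide's constructed card data; the service code table is reproduced from ISO/IEC 7813 from memory and should be checked against the standard.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// TrackData holds the fields a terminal (or a skimmer) recovers from the stripe.
type TrackData struct {
	FormatCode    string // Track 1 only, "B" for financial cards
	PAN           string
	Name          string // Track 1 only, as encoded: SURNAME/GIVEN NAMES
	Expiry        string // YYMM as encoded
	ServiceCode   string
	Discretionary string // issuer data: PVKI, PVV and CVV/CVC live here
}

// ParseTrack1 decodes "%B<PAN>^<NAME>^<YYMM><SC><discretionary>?" (LRC already stripped).
func ParseTrack1(s string) (TrackData, error) {
	if !strings.HasPrefix(s, "%") || !strings.HasSuffix(s, "?") {
		return TrackData{}, errors.New("track1: missing start or end sentinel")
	}
	f := strings.Split(s[1:len(s)-1], "^")
	if len(f) != 3 || len(f[0]) < 2 || len(f[2]) < 7 {
		return TrackData{}, errors.New("track1: malformed field layout")
	}
	return TrackData{FormatCode: f[0][:1], PAN: f[0][1:], Name: f[1],
		Expiry: f[2][:4], ServiceCode: f[2][4:7], Discretionary: f[2][7:]}, nil
}

// ParseTrack2 decodes ";<PAN>=<YYMM><SC><discretionary>?" (LRC already stripped).
func ParseTrack2(s string) (TrackData, error) {
	if !strings.HasPrefix(s, ";") || !strings.HasSuffix(s, "?") {
		return TrackData{}, errors.New("track2: missing start or end sentinel")
	}
	f := strings.Split(s[1:len(s)-1], "=")
	if len(f) != 2 || len(f[1]) < 7 {
		return TrackData{}, errors.New("track2: malformed field layout")
	}
	return TrackData{PAN: f[0], Expiry: f[1][:4], ServiceCode: f[1][4:7], Discretionary: f[1][7:]}, nil
}

// Consistent reports whether the two tracks describe the same card; a mismatch
// on a captured pair points to tampering or a bad read.
func Consistent(t1, t2 TrackData) bool {
	return t1.PAN == t2.PAN && t1.Expiry == t2.Expiry && t1.ServiceCode == t2.ServiceCode
}

// LuhnValid reports whether the PAN passes the ISO/IEC 7812 check digit test.
func LuhnValid(pan string) bool {
	sum, double := 0, false
	for i := len(pan) - 1; i >= 0; i-- {
		d := int(pan[i] - '0')
		if d > 9 { // not a digit (byte wrap-around makes non-digits large)
			return false
		}
		if double && d > 4 {
			d = d*2 - 9
		} else if double {
			d *= 2
		}
		sum, double = sum+d, !double
	}
	return len(pan) > 0 && sum%10 == 0
}

// DescribeServiceCode expands the three digits per ISO/IEC 7813 (table from
// memory; check it against the standard before relying on it).
func DescribeServiceCode(sc string) (string, error) {
	first := map[byte]string{'1': "international", '2': "international, IC preferred", '5': "national", '6': "national, IC preferred", '7': "private"}
	second := map[byte]string{'0': "normal authorization", '2': "online authorization by issuer", '4': "online authorization by issuer except under bilateral agreement"}
	third := map[byte]string{'0': "no restrictions, PIN required", '1': "no restrictions", '2': "goods and services only", '3': "ATM only, PIN required", '4': "cash only", '5': "goods and services only, PIN required", '6': "no restrictions, PIN where feasible", '7': "goods and services only, PIN where feasible"}
	if len(sc) != 3 {
		return "", errors.New("service code must be three digits")
	}
	a, okA := first[sc[0]]
	b, okB := second[sc[1]]
	c, okC := third[sc[2]]
	if !okA || !okB || !okC {
		return "", fmt.Errorf("unrecognised service code %q", sc)
	}
	return a + ", " + b + ", " + c, nil
}

func main() {
	// The slide's sample card: constructed data, not a real account number.
	t1, err1 := ParseTrack1("%B5412751234123456^CITIZEN/JOHN A.^1501101**?")
	t2, err2 := ParseTrack2(";5412751234123456=1501101*?")
	if err1 != nil || err2 != nil {
		panic(fmt.Sprint(err1, " ", err2))
	}
	desc, _ := DescribeServiceCode(t1.ServiceCode)
	fmt.Printf("%+v\nconsistent=%v luhn=%v service=%s\n", t1, Consistent(t1, t2), LuhnValid(t1.PAN), desc)
}
```

One thing the parser makes visible: the slide's sample PAN does not pass the Luhn check (its check digit would have to be 2), which is a useful sanity test on any track capture before treating it as a real card number.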
Discretionary Data
• This is an optional field for storage of issuer data etc.
• It is used to store the PVKI, PVV, CVV and CVC.
• PVKI/PVV are used for PIN verification by the issuer.
• CVV/CVC is used to verify the track data on the card.
What keys are on a typical payment card?

Key      Name                                    Description
KD_CVC3  ICC Derived Key for CVC3 Generation     Symmetric key used for generating the CVC3
MK_AC    ICC Application Cryptogram Master Key   Symmetric key used to derive the session key for generation of the Application Cryptogram
SK_AC    ICC Application Cryptogram Session Key  Symmetric key used to generate the Application Cryptogram
P_I      Issuer Public Key                       Used to verify the signature on static card data
S_IC     ICC Private Key                         Generates the signature on dynamic data
P_IC     ICC Public Key                          Used by the terminal to verify the card's signature on dynamic data

The symmetric keys and S_IC never leave the chip; the terminal only ever reads the public keys, which the card carries inside certificates.
Card Verification Values Explained

CVV/CVC verifies that the track data on the magnetic stripe has not been changed.

Many types: CVV/CVC, CVV2/CVC2, iCVV, CVC3

However, CVV/CVC is a fixed value located with the track data and is read every time your card is swiped.

However, CVV2/CVC2 is also a fixed value; it is printed on the card and not stored in the discretionary data on the track.
Most familiar from ‘CNP’ transactions (Card Not Present, i.e. over the phone or Internet purchases use this).
Dynamic Card Verification Code 3

How does a contactless payment card avoid these issues?
• A dynamic value generated for each transaction.
• Allows for contactless cards to be used in older magnetic stripe environments.

However.... this can be set to a static value by the issuer.
Calculation of the Dynamic CVC (CVC3)
1. Concatenate IVCVC3, the Unpredictable Number and the Application Transaction Counter to form the 8-byte data block ‘D’.
2. Calculate ‘O’ by encrypting ‘D’ with triple DES using KD_CVC3:  O := eKDCVC3(D)
3. The CVC3 is the two least significant bytes of ‘O’:  CVC3 := ‘0000 0000 0000 FFFF’ AND O
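The three steps above carried through in Go, as an added example rather than code from the talk or from any card vendor. KDCVC3 is a made-up key. The byte widths of IVCVC3 (2), Unpredictable Number (4) and ATC (2) are an assumption that follows from the 8-byte block D the slide describes. The later conversion of the 16-bit CVC3 into the decimal digits that are placed in the track discretionary data is not on the slide and is not shown.

```go
package main

import (
	"crypto/des"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// KDCVC3 is a made-up two-key 3DES ICC derived key; a real card's key is derived
// by the issuer from an issuer master key and the PAN during personalisation.
var KDCVC3, _ = hex.DecodeString("0123456789ABCDEFFEDCBA9876543210")

// BuildCVC3Input forms D = IVCVC3 || UN || ATC. The widths (2 + 4 + 2 bytes)
// are assumed from the 8-byte block size the slide gives for D.
func BuildCVC3Input(ivcvc3 uint16, un uint32, atc uint16) []byte {
	d := make([]byte, 8)
	binary.BigEndian.PutUint16(d[0:2], ivcvc3)
	binary.BigEndian.PutUint32(d[2:6], un)
	binary.BigEndian.PutUint16(d[6:8], atc)
	return d
}

// CVC3FromOutput keeps the two least significant bytes of O, i.e. O AND 0000 0000 0000 FFFF.
func CVC3FromOutput(o []byte) uint16 {
	return binary.BigEndian.Uint16(o[len(o)-2:])
}

// ComputeCVC3 runs the slide's three steps: build D, O := 3DES_KD(D), mask O.
func ComputeCVC3(kd []byte, ivcvc3 uint16, un uint32, atc uint16) (uint16, error) {
	if len(kd) != 16 {
		return 0, fmt.Errorf("KD_CVC3 must be a 16-byte two-key 3DES key, got %d bytes", len(kd))
	}
	// Go wants K1||K2||K3; two-key 3DES reuses K1 as K3.
	c, err := des.NewTripleDESCipher(append(append([]byte{}, kd...), kd[:8]...))
	if err != nil {
		return 0, err
	}
	o := make([]byte, 8)
	c.Encrypt(o, BuildCVC3Input(ivcvc3, un, atc))
	return CVC3FromOutput(o), nil
}

func main() {
	// Same card and same terminal UN on three consecutive taps: the ATC moves,
	// so the CVC3 in the track data changes and a sniffed copy cannot be replayed.
	for atc := uint16(0x0010); atc < 0x0013; atc++ {
		cvc3, err := ComputeCVC3(KDCVC3, 0x1234, 0x00000042, atc)
		if err != nil {
			panic(err)
		}
		fmt.Printf("ATC %04X -> CVC3 %04X\n", atc, cvc3)
	}
}
```

The terminal never sees KD_CVC3; it only forwards the CVC3, UN and ATC to the issuer, which repeats this computation with its copy of the key. The "static value" caveat on the slide corresponds to an issuer that does not vary the inputs, at which point the check degenerates to a fixed CVC.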
Communication with a Card

Initial Transaction Flow
(Figure: message sequence between the contactless card and the terminal)
Static Data Authentication (SDA)
(Figure: key and certificate relationships between Issuer, Certificate Authority and Acquirer)
  Certificate Authority: Private Key (CA) S_CA, Public Key (CA) P_CA; signs the issuer's public key P_I with S_CA to produce the Issuer PK Certificate, which is placed on the card.
  Issuer: Private Key (Issuer) S_I, Public Key (Issuer) P_I; signs the Static Application Data with S_I to produce the Signed Static Application Data (SSAD), which is placed on the card.
  Acquirer (terminal): holds P_CA; recovers P_I from the Issuer PK Certificate, then verifies the SSAD with P_I.
Obtaining Information off the Card (SDA Data)
(Figure: message sequence between the contactless card and the terminal)
Dynamic Data Authentication (DDA)
(Figure: key and certificate relationships between Issuer, Certificate Authority, Acquirer and ICC)
  Certificate Authority: Private Key (CA) S_CA, Public Key (CA) P_CA; issues the Issuer PK Certificate over P_I.
  Issuer: Private Key (Issuer) S_I, Public Key (Issuer) P_I; issues the ICC PK Certificate over P_IC (its hash also covers the Static Application Data).
  ICC: Private Key (ICC) S_IC, Public Key (ICC) P_IC; signs transaction-specific dynamic data with S_IC.
  Acquirer (terminal): holds P_CA; recovers P_I, then P_IC, then verifies the card's signature on the dynamic data.
Combined DDA/AC Generation (CDA)
(Figure: message sequence between the contactless card and the terminal)
“Generate AC” Command
Causes the card to compute and return an ‘Application Cryptogram’ (AC).

Application Cryptogram Types:
Type                                   Abbreviation  Meaning
Application Authentication Cryptogram  AAC           Transaction declined
Authorization Request Cryptogram       ARQC          Online authorization requested
Transaction Certificate                TC            Transaction approved
“Generate AC” Command: Generating the Cryptogram
1. Generate the AC session key (SK_AC) from MK_AC.
2. Concatenate the CDOL data (supplied by the terminal) and the ICC data.
3. Perform a CBC-MAC on the data using SK_AC.
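The three steps above as an added Go example, not code from the talk. The slide does not name the session key derivation or the CBC-MAC variant; the code uses the EMV common session key derivation and ISO/IEC 9797-1 MAC algorithm 3 with padding method 2 as I recall them from EMV Book 2 Annex A, so treat both as assumptions to verify against the specification. MKAC and the CDOL1 layout in main are constructed.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"encoding/hex"
	"fmt"
)

// MKAC is a made-up 16-byte ICC AC master key; a real one is personalised by
// the issuer, derived from an issuer master key and the PAN.
var MKAC, _ = hex.DecodeString("2B7E151628AED2A6ABF7158809CF4F3C")

// newTDES builds a two-key 3DES cipher (K1 || K2, K1 reused as K3).
func newTDES(key16 []byte) (cipher.Block, error) {
	if len(key16) != 16 {
		return nil, fmt.Errorf("need a 16-byte key, got %d", len(key16))
	}
	return des.NewTripleDESCipher(append(append([]byte{}, key16...), key16[:8]...))
}

// DeriveSessionKey is the EMV common session key derivation (Book 2, Annex A1.3,
// from memory): SK = 3DES_MK(ATC||F0||00*5) || 3DES_MK(ATC||0F||00*5).
func DeriveSessionKey(mk []byte, atc uint16) ([]byte, error) {
	blk, err := newTDES(mk)
	if err != nil {
		return nil, err
	}
	sk := make([]byte, 16)
	blk.Encrypt(sk[:8], []byte{byte(atc >> 8), byte(atc), 0xF0, 0, 0, 0, 0, 0})
	blk.Encrypt(sk[8:], []byte{byte(atc >> 8), byte(atc), 0x0F, 0, 0, 0, 0, 0})
	return sk, nil
}

// Pad applies ISO/IEC 9797-1 padding method 2: one 0x80 byte, then zeros to a
// multiple of 8. A final block that is already full still gets a whole padding block.
func Pad(data []byte) []byte {
	p := append(append([]byte{}, data...), 0x80)
	for len(p)%8 != 0 {
		p = append(p, 0)
	}
	return p
}

// MACAlg3 is ISO/IEC 9797-1 MAC algorithm 3 (the EMV "retail MAC"): single DES
// in CBC mode under K1 over every block, then one final decrypt under K2 and
// encrypt under K1. Returns the full 8-byte MAC.
func MACAlg3(sk, data []byte) ([]byte, error) {
	if len(sk) != 16 {
		return nil, fmt.Errorf("need a 16-byte session key")
	}
	k1, err := des.NewCipher(sk[:8])
	if err != nil {
		return nil, err
	}
	k2, err := des.NewCipher(sk[8:])
	if err != nil {
		return nil, err
	}
	h, x, padded := make([]byte, 8), make([]byte, 8), Pad(data)
	for i := 0; i < len(padded); i += 8 {
		for j := range x {
			x[j] = h[j] ^ padded[i+j]
		}
		k1.Encrypt(h, x)
	}
	k2.Decrypt(h, h)
	k1.Encrypt(h, h)
	return h, nil
}

// GenerateAC follows the slide: derive SK_AC, concatenate the CDOL data sent
// by the terminal with the ICC's own data, and MAC the result.
func GenerateAC(mk []byte, atc uint16, cdolData, iccData []byte) ([]byte, error) {
	sk, err := DeriveSessionKey(mk, atc)
	if err != nil {
		return nil, err
	}
	return MACAlg3(sk, append(append([]byte{}, cdolData...), iccData...))
}

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

func main() {
	// Constructed CDOL1 data in a typical order: Amount Authorised, Amount Other,
	// Terminal Country Code, TVR, Transaction Currency Code, Date, Type, UN.
	cdol := mustHex("000000001000" + "000000000000" + "0036" + "0000000000" + "0036" + "111118" + "00" + "11223344")
	icc := mustHex("5800" + "0010") // AIP, ATC
	ac, err := GenerateAC(MKAC, 0x0010, cdol, icc)
	if err != nil {
		panic(err)
	}
	fmt.Printf("ARQC %X\n", ac)
}
```

Because the ATC is both an input to the session key and part of the MACed data, the same amount and UN on the next tap yield an unrelated cryptogram, and the issuer can reject a replayed ARQC simply by tracking the ATC it last saw.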
“Generate AC” Command: Generating the Signed Dynamic Application Data (SDAD)

Dynamic Application Data (hashed with SHA-1 and signed with the ICC private key S_IC):
  Signed Data Format
  Hash Algorithm Indicator
  ICC Dynamic Data Length
  ICC Dynamic Data:
    ICC Dynamic Number Length
    ICC Dynamic Number
    Cryptogram Information Data
    TC or ARQC
    Transaction Data Hash Code
  Pad Pattern
  Unpredictable Number (supplied by the terminal; it goes into the hash but is not carried in the signed message)

TC/ARQC data elements (input to the CBC-MAC under the AC session key SK_AC):
  Amount Authorized (Numeric)
  …
  Unpredictable Number
  Application Interchange Profile
  Application Transaction Counter

Transaction Data (hashed with SHA-1 to give the Transaction Data Hash Code):
  PDOL elements
  CDOL elements
  CID
  Application Transaction Counter
  Issuer Application Data
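An added Go example (not code from the talk) of the SDAD described above from both sides: the card builds the ICC dynamic data and signs it, and the terminal recovers and checks it. EMV signatures use RSA with message recovery, so the code does raw modular exponentiation rather than PKCS#1; the header (6A), signed data format (05), hash indicator (01), pad byte (BB) and trailer (BC) are the EMV Book 2 values as I remember them. NewToyICC generates a key pair in place of the Issuer and ICC PK certificate chain, which is an assumption, and all transaction data is constructed.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"errors"
	"fmt"
	"math/big"
)

// NewToyICC makes a 1024-bit key pair standing in for S_IC / P_IC. A real terminal gets
// P_IC from the ICC PK certificate (verified with P_I, recovered from the Issuer PK certificate with P_CA).
func NewToyICC() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 1024) }

// TransactionDataHash is SHA-1 over the slide's list: PDOL values, CDOL values,
// CID, ATC and Issuer Application Data. Card and terminal both compute it.
func TransactionDataHash(pdol, cdol []byte, cid byte, atc uint16, iad []byte) []byte {
	h := sha1.New()
	h.Write(pdol)
	h.Write(cdol)
	h.Write([]byte{cid, byte(atc >> 8), byte(atc)})
	h.Write(iad)
	return h.Sum(nil)
}

// ICCDynamicData = L_DN || ICC Dynamic Number || CID || TC or ARQC || Transaction Data Hash Code.
func ICCDynamicData(dn []byte, cid byte, ac, tdhc []byte) []byte {
	dd := append(append([]byte{byte(len(dn))}, dn...), cid)
	return append(append(dd, ac...), tdhc...)
}

// Sign forms 6A || 05 || 01 || L_DD || DD || BB.. || H || BC with H = SHA-1(05 || 01 || L_DD || DD || BB.. || UN),
// then applies S_IC as raw RSA: EMV signatures give message recovery, so there is no PKCS#1 padding.
func Sign(key *rsa.PrivateKey, dd, un []byte) ([]byte, error) {
	n := key.N.BitLen() / 8 // N_IC in bytes
	padLen := n - len(dd) - 25
	if padLen < 0 || len(dd) > 255 {
		return nil, errors.New("dynamic data too long for the key")
	}
	body := append([]byte{0x05, 0x01, byte(len(dd))}, dd...)
	body = append(body, bytes.Repeat([]byte{0xBB}, padLen)...)
	h := sha1.New()
	h.Write(body)
	h.Write(un)
	msg := append(append(append([]byte{0x6A}, body...), h.Sum(nil)...), 0xBC)
	s := new(big.Int).Exp(new(big.Int).SetBytes(msg), key.D, key.N)
	return s.FillBytes(make([]byte, n)), nil
}

// VerifySDAD recovers the message with P_IC (S^e mod N), checks header, trailer, format,
// hash indicator and pad bytes, recomputes the hash over the recovered body plus the
// terminal's own UN, and returns the ICC dynamic data.
func VerifySDAD(pub *rsa.PublicKey, sig, un []byte) ([]byte, error) {
	n := pub.N.BitLen() / 8
	if len(sig) != n {
		return nil, errors.New("signature length must equal N_IC")
	}
	rec := new(big.Int).Exp(new(big.Int).SetBytes(sig), big.NewInt(int64(pub.E)), pub.N).FillBytes(make([]byte, n))
	if rec[0] != 0x6A || rec[n-1] != 0xBC || rec[1] != 0x05 || rec[2] != 0x01 {
		return nil, errors.New("bad header, trailer, format or hash indicator")
	}
	ldd := int(rec[3])
	if 4+ldd > n-21 || !bytes.Equal(rec[4+ldd:n-21], bytes.Repeat([]byte{0xBB}, n-25-ldd)) {
		return nil, errors.New("bad L_DD or pad pattern")
	}
	h := sha1.New()
	h.Write(rec[1 : n-21])
	h.Write(un)
	if !bytes.Equal(h.Sum(nil), rec[n-21:n-1]) {
		return nil, errors.New("hash mismatch: signed data or UN altered")
	}
	return rec[4 : 4+ldd], nil
}

// CheckCDA is the terminal's last step: split the dynamic data and confirm the
// embedded transaction data hash equals the one the terminal computed itself.
func CheckCDA(pub *rsa.PublicKey, sig, un, wantTDHC []byte) (cid byte, ac []byte, err error) {
	dd, err := VerifySDAD(pub, sig, un)
	if err != nil {
		return 0, nil, err
	}
	if len(dd) == 0 || len(dd) != int(dd[0])+30 || !bytes.Equal(dd[10+int(dd[0]):], wantTDHC) {
		return 0, nil, errors.New("bad dynamic data length or transaction data hash mismatch")
	}
	ldn := int(dd[0])
	return dd[1+ldn], dd[2+ldn : 10+ldn], nil
}

func main() {
	key, _ := NewToyICC()
	un := []byte{0x11, 0x22, 0x33, 0x44} // terminal's Unpredictable Number
	// Constructed transaction data: PDOL values, CDOL values, CID 80 (ARQC), ATC, IAD.
	tdhc := TransactionDataHash([]byte{0x36, 0, 0, 0}, []byte{0, 0, 0, 0, 0x10, 0}, 0x80, 0x0010, []byte{0x0F, 0x01})
	dd := ICCDynamicData([]byte{0xAB, 0xCD, 0xEF, 0x01, 0x23, 0x45, 0x67, 0x89}, 0x80, []byte{1, 2, 3, 4, 5, 6, 7, 8}, tdhc)
	sig, _ := Sign(key, dd, un)
	cid, ac, err := CheckCDA(&key.PublicKey, sig, un, tdhc)
	fmt.Printf("CID %02X AC %X err %v\n", cid, ac, err)
}
```

Two checks carry the security: the terminal's own UN goes into the hash, so a recorded SDAD from an earlier tap fails on a fresh UN, and the transaction data hash binds the cryptogram to the amount and other CDOL values the terminal actually sent, so a relay that alters the amount fails even though the signature itself is genuine.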
Recent Developments

NFC Phones
• Some Android phones now have built-in NFC circuitry.
• NFC API support has been added in Android version 2.3.3.
• Can work with ISO 14443 A and B, FeliCa, PROX etc.

Android and Payment Cards
• A separate ‘Secure Element’ is added to the phone.
• This chip stores the financial keys and data physically and logically isolated from the Android OS.
• Functions like a separate payment card.
Remote Sniffing + Demo
(Figure: captured REQA / ATQA exchange)
Captured from the audio-out of a wide-band receiver from 5 metres away.
BUT – CVC3/CVV3 makes this not worthwhile on contactless payment cards: the CVC3 in the captured track data is tied to that transaction's ATC and UN, so the capture cannot be replayed as a stripe transaction (the PAN and expiry are still in the clear).
I don’t care if someone sniffs my pants!
Emissions Power Analysis
• Powerful class of attack.
• Relies on capturing the emissions from cryptographic operations to determine the key used.
• Successfully demonstrated on the MIFARE DESFire (MF3ICD40) card, as used in the Victorian Myki transport card.
• Unique per-card keys in payment cards mitigate this attack: recovering one card's key does not compromise any other card.
• See the paper “Side-Channel Analysis of Cryptographic RFIDs with Analog Demodulation” (Timo Kasper, David Oswald and Christof Paar) for more information.
Remote Sniffing using Software Defined Radios
• Potential for capturing and demodulating traces from a distance.
  – Other presentations today will be covering SDR technologies.
• EMV works with Common Criteria testing to provide a protection profile for cards.
  – Side channel analysis is part of the testing.
  – Payment cards protected against remote key recovery.
Protecting your card
• Patent pending RFID shield/cooking material
• Highly flexible!
• Variety of form factors
• Also makes a great jacket potato (sour cream not included)
To Wrap Up
• Basics of contactless cards
• Security depends on the implementation
• Majority of new financial systems are built from existing standards which have been field tested.
• Technology to create virtual cards is built into the latest smartphones.
• The connection from the card to the terminal is not secure. It can be sniffed.
Thank You
For more information on what Witham Labs can do for you please visit: