Browse Prior Art Database

Chip and PIN is broken

IP.com Disclosure Number: IPCOM000244619D
Original Publication Date: 2010-Jan-01
Included in the Prior Art Database: 2015-Dec-30
Document File: 14 page(s) / 1M

Publishing Venue

Undisclosed

Abstract

Identifiaction a a flaw in EMV PIN's where a payment can be made without known the card's PIN

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 6% of the total text.

Page 01 of 14

2010 IEEE Symposium on Security and Privacy

Chip and PIN is Broken

Steven J. Murdoch, Saar Drimer, Ross Anderson, Mike Bond University of Cambridge

Computer Laboratory
Cambridge, UK http://www.cl.cam.ac.uk/users/
{sjm217,sd410,rja14,mkb23}

  Abstract-EMV is the dominant protocol used for smart card payments worldwide, with over 730 million cards in circulation. Known to bank customers as "Chip and PIN", it is used in Europe; it is being introduced in Canada; and there is pressure from banks to introduce it in the USA too. EMV secures credit and debit card transactions by authenticating both the card and the customer presenting it through a combination of cryptographic authentication codes, digital signatures, and the entry of a PIN. In this paper we describe and demonstrate a protocol fLaw which allows criminals to use a genuine card to make a payment without knowing the card's PIN, and to remain undetected even when the merchant has an online connection to the banking network. The fraudster performs a man-in-the-middle attack to trick the terminal into believing the PIN verified correctly, while telling the card that no PIN was entered at all. The paper considers how the fLaws arose, why they remained unknown despite EMV's wide deployment for the best part of a decade, and how they might be fixed. Because we have found and validated a practical attack against the core functionality of EMV, we conclude that the protocol is broken. This failure is significant in the field of protocol design, and also has important public policy implications, in light of growing reports of fraud on stolen EMV cards. Frequently, banks deny such fraud victims a refund, asserting that a card cannot be used without the correct PIN, and concluding that the customer must be grossly negligent or lying. Our attack can explain a number of these cases, and exposes the need for further research to bridge the gap between the theoretical and practical security of bank payment systems. It also demonstrates the need for the next version of EMV to be engineered properly.

  Keywords-EMV; Chip and PIN; card fraud; bank security; protocol failure; security economics; authentication


I. INTRODUCTION

 Smart cards have gradually replaced magnetic strip cards for point-of-sale and ATM transactions in many countries. The leading system, EMV [1], [2], [3], [4] (named after Europay, MasterCard, and Visa), has been deployed through- out most of Europe, and is currently being rolled out in Canada. As of early 2008, there were over 730 million EMV- compliant smart cards in circulation worldwide [5]. In EMV, customers authorize a credit or debit card transaction by inserting their card and entering a PIN into a point-of-sale terminal; the PIN is typically verified by the smart card chip, which is in turn authenticated to the terminal by a digital certificate. The transaction details are also authenticated by a cryptographic message authentication code (MAC), using

503 Year

Chip & PIN...