Whatever you buy in the shops, you probably pay with a chip and pin card, tonight Newsnight has exclusive evidence that they are vulnerable to fraudsters. The implications could be huge for millions of shoppers. We’ll be asking what are the banks going to do about it?[From BBC NEWS | Talk about Newsnight | Tuesday, 26 February, 2008]
But it turned out not to be an exciting breach of chip and PIN security, using (for example) liquid nitrogen to extract keys or something similar, leading to “chip and PIN” fraud, but “PIN fraud” as usual. The allegation — which is, as far as I know, wholly true — is that track 2 data and PINs are being stolen from compromised terminals and then used to create counterfeit magnetic stripe cards. Sandra Quinn from APACS, who was being tortured by Paxo (it’s a peculiarly British bloodsport), said — again, wholly true — that ICVV has been introduced from 1st January 2008 to mitigate this particular fraud. For the uninitiated, ICVV replaces the CVV in the Track 2 (equivalent) data stored in the EMV chip. Thus, if a bank host sees a magnetic stripe transactions with the ICVV in it, they know it’s a counterfeit stripe. The ICVV varies from CVV by replacing the PAN Sequence Number with 99 instead of the actual value when deriving the code.
I must point out, in the spirit of shared openness and truth seeking, that we just checked the three cards we could find in our office that were issued after 1st January 2008 and we found that the Barclaycard and the Nationwide card do have ICVV, the other unnamed large U.K. issuer’s card doesn’t have ICVV. So, on balance, Sandra wins!
The guys at Cambridge (who were featured in the programme — I’ll see if I can grab them for a podcast next time I’m in Cambridge) made a number of good points (asking, for example, why cardholder data is sent between cards and terminals in the clear) but in essence it’s the same story that we’ve been tracking here for years. Not that I’m in any way dismissing the real problems that it means for members of the public whose cards details are compromised in nobbled terminals. And Ross’ key point that PINs used to be only used in controlled environments (ATMs) but are now used everywhere and are therefore easier to steal is, of course, unanswerable. The solution is to stop using magnetic stripes, of course, but that looks some way off!
Following on from the programme, and yesterday’s blog posts, I was once again thinking about the difference between tamper-resistant and tamper-evident. As far as I am aware — but I’d be delighted to receive more information on this topic — there is no requirement for EMV POS terminals to be tamper-resistant but they are supposed to be tamper-evident. The always-worth-reading Nick Szabo had a good post talking about tamper-evident technology. He wasn’t talking about smart cards that blow up when you probe them, but the ancient Sumerian equivalent. Along with the tamper evident clay (once you’d baked it, no-one could change it), they developed a kind of virtual tamper evidence. It took the form of two sets of numbers. On the front of the tablet, each group of commodities would be recorded separately. The example Nick gives is that on the front of a tablet would be recorded 120 pots of wheat, 90 pots of barley, and 55 goats. On the reverse would simply be recorded “265”, the total (without categories). The scribe, or an auditor, would then verify that the sum was correct. If not, an error or fraud had occured. Note the similarity to tamper evident seals — if a seal is broken, this meant that error or fraud had occured. The breaker of the seals, or the scribe who recorded the wrong numbers, or the debtor who paid the wrong amounts of commodities would be called on the carpet to answer for his or her discrepancy. So there we go: clay seals for all Shell garages and the problem is sorted!
These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]