It’s not often that someone telling me about an EMV fraud exploit makes me laugh out loud, so I got permission to share the story with you.
There is a particular kind of attack on EMV that works because the cryptographic data of a certain kind (“cryptograms”) generated by certain kinds of cards are not properly checked when they wend their way back to the issuing bank.
(Please note that this attack does not work with UK issued cards, or at least cards issued by UK issuers who have the right consultants, and hasn’t worked here for many years.)
The cryptograms aren’t checked properly for, by and large, one of two reasons. Either the bank hasn’t installed the necessary hardware and software to do it properly (this sometimes happens because they are pushed into issuing but don’t have the budget or time to do things correctly), or the bank does have the necessary infrastructure but the operations people get the IT people to ignore the cryptogram check because customers are getting annoyed with transactions being declined.
(Please don’t bother sending me emails about these points because I know the statements are gross oversimplifications!)
Anyway, on with the story.
Many years ago, when my colleagues at Consult Hyperion were testing this sort of thing in the UK, we used to make our own EMV cards. To do this, we essentially took valid card data and loaded it onto our own Java cards. These are what we in the business call white plastic, because they are a white plastic card with a Java card chip on it but otherwise completely blank.
Since our white plastic card could not generate the correct cryptogram (because you can’t get the necessary key out of the chip on the real card), we just set the cryptogram value to be “SDA ANTICS” or whatever (in hex).
You might call these cards pseudo-clones. They act like clones in that they work correctly in the terminals, but they are not real clones because they don’t have the right keys inside them. Naturally, if you make one of these pseudo-clones, you don’t want to be bothered with PIN management, so you make it into what is called a “yes card”. That is, instead of programming the chip to check that the correct PIN is entered, you programme it to respond “yes” to whatever PIN is entered.
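The issuer-side check that makes or breaks all of this is easy to model. The following is an added illustration, not code from Consult Hyperion or from any issuer: it assumes a per-card ICC key held by the issuer, an HMAC-SHA256 MAC truncated to 8 bytes as a stand-in for the real EMV 3DES/AES cryptogram, and a constructed transaction record. The `check_cryptogram=False` path is the "operations told IT to ignore it" configuration from above, and shows why a made-up value such as “SDA ANTICS” sails through it.

```python
import hmac
import hashlib

# Constructed issuer key store: PAN -> per-card ICC key. A real issuer derives this
# from an issuer master key inside an HSM; a plain dict is an assumption for illustration.
PAN = "4000000000000002"
ICC_KEYS = {PAN: bytes.fromhex("00112233445566778899aabbccddeeff")}

# Constructed transaction: amount in minor units, ISO 4217 currency, YYMMDD date,
# the card's Application Transaction Counter and the terminal's unpredictable number.
TXN = {"amount": 1250, "currency": "826", "date": "240401",
       "atc": 17, "unpredictable_number": "1a2b3c4d"}


def transaction_data(txn: dict) -> bytes:
    # Fixed-width encoding of the fields the MAC covers (encoding is an assumption,
    # but the point is that amount, ATC and unpredictable number are all bound in).
    return (int(txn["amount"]).to_bytes(6, "big")
            + txn["currency"].encode()
            + txn["date"].encode()
            + int(txn["atc"]).to_bytes(2, "big")
            + bytes.fromhex(txn["unpredictable_number"]))


def generate_cryptogram(icc_key: bytes, txn: dict) -> bytes:
    # Stand-in for the EMV application cryptogram: keyed MAC, truncated to 8 bytes.
    return hmac.new(icc_key, transaction_data(txn), hashlib.sha256).digest()[:8]


def issuer_authorize(pan: str, txn: dict, cryptogram: bytes,
                     check_cryptogram: bool = True) -> str:
    """Issuer host decision for one online authorisation request."""
    if not check_cryptogram:
        # The misconfiguration described in the post: the value is never inspected,
        # so a white plastic card carrying any bytes at all is approved.
        return "APPROVED"
    icc_key = ICC_KEYS.get(pan)
    if icc_key is None or len(cryptogram) != 8:
        return "DECLINED"
    expected = generate_cryptogram(icc_key, txn)
    # Constant-time compare so the host does not leak how many bytes matched.
    return "APPROVED" if hmac.compare_digest(expected, cryptogram) else "DECLINED"


if __name__ == "__main__":
    genuine = generate_cryptogram(ICC_KEYS[PAN], TXN)
    print("genuine card  :", issuer_authorize(PAN, TXN, genuine))
    print("pseudo-clone  :", issuer_authorize(PAN, TXN, b"SDA ANTICS"))
    print("check ignored :", issuer_authorize(PAN, TXN, b"SDA ANTICS", check_cryptogram=False))
```

Note that a genuine cryptogram also fails if any covered field is altered after the card signed it, which is the other property the issuer loses when the check is switched off.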
It’s one of our campfire stories that I got into a lot of trouble once with one of the UK issuing banks because I once thought it would be cute to demonstrate our EMV chops with one of these cards.
I had a new card issued to me. When the PIN mailer arrived I didn’t open it. We made a clone of the card as a “yes card” and I used it to buy a train ticket to go up to a meeting at the bank. When we got to the bank I showed them the train ticket, the POS receipt showing that the card had been used and the PIN verified, the card and the unopened PIN mailer. I thought they would think this was interesting and would immediately hire the right consultants to help them sort out their issuing strategy. Instead, they got really upset with me because it meant they had to stop card issuing and go to the marketing people and explain to them why one of their favourite projects was going on ice. Oh well.
The reason I’m telling you this yonks-old stuff about the early days of EMV is that in some countries these problems (certain kinds of cryptograms not being checked) still exist, and I just heard a terrific first-hand story about this from a pal. He discovered that a particular bank in a particular country was issuing the particular kind of card that could be vulnerable to this kind of attack, and he wanted to find out whether the bank was actually checking cryptograms properly (they weren’t). In order to determine this he made a pseudo-clone card. He programmed it as a “yes card” and went into a shop to try it out.
When he put the completely white card into the terminal, the shopkeeper asked him what he was doing and what the completely blank white card was. My pal, thinking quickly, told him that it was one of the new Apple credit cards. “Cool,” said the shopkeeper. “How can I get one?”