Chip and PIN Security Completely Broken by New Attack

A group of researchers has found a significant flaw in the chip-and-PIN security system used by credit card companies in the UK. The weakness allows an attacker to use a card without the PIN associated with it.

In a normal transaction using the chip-and-PIN system, the cardholder must enter a PIN to authenticate himself. But the researchers discovered a way to use the card while entering any PIN at all, rendering the authentication step useless. Worse, because of the way the system works, the transaction looks completely legitimate to the bank, whose records show that the correct PIN was used.

The flaw is that when you put a card into a terminal, a negotiation takes place about how the cardholder should be authenticated: using a PIN, using a signature or not at all. This particular subprotocol is not authenticated, so you can trick the card into thinking it’s doing a chip-and-signature transaction while the terminal thinks it’s chip-and-PIN. The upshot is that you can buy stuff using a stolen card and a PIN of 0000 (or anything you want). We did so, on camera, using various journalists’ cards. The transactions went through fine and the receipts say “Verified by PIN”.

The attack was developed by a group of researchers at Cambridge University, including Ross Anderson, Steven J. Murdoch, Saar Drimer and Mike Bond. The group found that they were able to use the attack successfully online, as well as in real-world transactions.

So what went wrong? In essence, there is a gaping hole in the specifications which together create the “Chip and PIN” system. These specs consist of the EMV protocol framework, the card scheme individual rules (Visa, MasterCard standards), the national payment association rules (UK Payments Association aka APACS, in the UK), and documents produced by each individual issuer describing their own customisations of the scheme. Each spec defines security criteria, tweaks options and sets rules – but none take responsibility for listing what back-end checks are needed. As a result, hundreds of issuers independently get it wrong, and gain false assurance that all bases are covered from the common specifications. The EMV specification stack is broken, and needs fixing.

The chip-and-PIN system is the dominant security scheme for credit card transactions in the UK, and the researchers said that the system needs to be completely reworked.
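The two views of the transaction described above (the terminal's unauthenticated claim that a PIN was verified, and the card's own record, which is covered by its cryptogram) can be cross-checked at the issuer. The following is an added, simplified model of such a back-end check, not code from the researchers or from any payment scheme; the key, field layout, function names and the flag encoding are assumptions for illustration, not the real EMV encoding.

```python
import hmac
import hashlib
from dataclasses import dataclass

# Constructed toy model of the data an issuer sees for one transaction.
# Assumption: the card's own record of cardholder verification is covered by
# its cryptogram (in real EMV it sits in the Issuer Application Data, tag 9F10,
# as the Card Verification Results), while the terminal's claim (CVM Results,
# tag 9F34) is not authenticated by the card in this model.
ISSUER_KEY = b"constructed-issuer-card-key"  # shared card/issuer secret (placeholder)

def card_cryptogram(amount: int, card_pin_verified: bool) -> tuple[bytes, bytes]:
    """What the card computes: a MAC over the amount and its own CVR flag."""
    cvr = b"\x01" if card_pin_verified else b"\x00"
    data = amount.to_bytes(4, "big") + cvr
    mac = hmac.new(ISSUER_KEY, data, hashlib.sha256).digest()[:8]
    return cvr, mac

@dataclass
class AuthRequest:
    amount: int
    terminal_says_pin_ok: bool  # terminal's claim, outside the cryptogram
    card_cvr: bytes             # card's record, inside the cryptogram
    cryptogram: bytes

def issuer_check(req: AuthRequest) -> str:
    """The back-end check the quoted text says no specification mandates:
    verify the cryptogram, then require the terminal's PIN claim to agree
    with what the card itself recorded."""
    data = req.amount.to_bytes(4, "big") + req.card_cvr
    expected = hmac.new(ISSUER_KEY, data, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(expected, req.cryptogram):
        return "DECLINE: bad cryptogram"
    card_pin_ok = req.card_cvr == b"\x01"
    if req.terminal_says_pin_ok and not card_pin_ok:
        return "DECLINE: terminal reports PIN verified but card did not verify a PIN"
    return "APPROVE"

def genuine_pin_transaction(amount: int) -> AuthRequest:
    cvr, mac = card_cryptogram(amount, card_pin_verified=True)
    return AuthRequest(amount, True, cvr, mac)

def genuine_signature_transaction(amount: int) -> AuthRequest:
    cvr, mac = card_cryptogram(amount, card_pin_verified=False)
    return AuthRequest(amount, False, cvr, mac)

def mismatched_transaction(amount: int) -> AuthRequest:
    # The card believed it was doing chip-and-signature (no PIN verified),
    # yet the terminal recorded a successful PIN: the case from the article.
    cvr, mac = card_cryptogram(amount, card_pin_verified=False)
    return AuthRequest(amount, True, cvr, mac)
```

A receipt reading "Verified by PIN" reflects only the terminal's side of this record; the issuer is the first party that holds both sides and can compare them.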

“Over the past five years, thousands of cardholders have had stolen chip and pin cards used by criminals. The banks often tell customers that their pin was used and so it’s their fault. Yet we’ve shown that it’s easy to use a card without knowing the pin – and the receipt will say the transaction was ‘verified by pin’ even though it wasn’t,” Anderson said in a statement.