Securing Card-Not-Present Transactions through EMV Authentication. Matthew Carter and Brienne Douglas December 18, 2015

Transcription

1 Securing Card-Not-Present Transactions through EMV Authentication Matthew Carter and Brienne Douglas December 18, 2015

2 Outline Problem Card-Not-Present (CNP) vs. PayPal EMV Technology EMV CNP Experiment Summary Questions

3 Problem: Payment Card Fraud (1) Types of Payment Cards o Debit o Credit In 2014, over 13 million Americans were victims Source: AiteGroup, EMV: Lessons Learned and the U.S. Outlook, June 2014

4 Problem: Payment Card Fraud (2) U.K. was early adopter of EuroPay, MasterCard, and VISA (EMV) technology Counterfeit cards (Cloning) decrease Card-Not-Present (CNP) fraud has sharp increase o Purchases over internet o Purchases over phone

5 Problem: Payment Card Fraud (3) Card-not-Present Fraud losses in millions of pounds The UK Cards Association

6 Traditional CNP Transactions Secret card data provides transaction authorization o Card number o Expiration Date o Etc. Third party passively viewing can repeat transaction

7 CNP Attack Man-in-the-middle-proxy (mitmproxy) Checkout Service o GET st &card[number]= &card[cvc]=151&card[exp_month] =6&card[exp_year]=2016&card[name]=te st

8 Existing CNP Alternatives PayPal User card information encrypted on PayPal Servers Payment transactions done via tokenization Sniffed SSL traffic reveals some user information leaked o Account details encrypted prior to transmission

9 EMV Technology Chip-and-PIN EMV provides Card Verification Technologies o Static Data Authentication (SDA) o Dynamic Data Authentication (DDA) o Combined DDA & Application cryptogram (CDA)

10 EMV Dynamic Data Authentication (1) Private RSA key used for signature generation Provides Public Certificates o Card Certificate o Issuer Certificate Card Signature Verified By Issuer Public Certificate Verified By Certificate Authority Public Certificate

11 EMV Dynamic Data Authentication (2) Card Generate Signature Dynamic Data Terminal Transmits dynamic data to be included in signature Responds with signature Signature Verifies signature

12 EMV CNP Experiment Force online transactions to run DDA for card verification Verify signature at remote location Verify payment card data is not susceptible to man-in-the-middle attack

13 EMV CNP Components Client Machine Running Software Smart Card Reader Server Machine Running Software Payment Card with Integrated Chip

14 Client and Server Machines Client o Card Reader Software o Client HTTPS Software Server o XAMPP Server Software Apache MySQL Tomcat o Java Servlets Dynamic Data Generation Card Signature Verification

15 EMV CNP Steps Read Card Generate Dynamic Data Card Signature Generation Verification of Signature

16 Read Card Step Send READ RECORD to read SFI 1 record APDU: 00 b2 04 0c 00 Response Parsed: c3 -- Record Template 9f b0 ICC Public Key Certificate 55 ea 24 5f 3c da 9f ICC Public Key Exponent 03

17 Dynamic Data Generation Sample output from Server:

18 Card Signature Generation Send INTERNAL AUTHENTICATE command Sending HTTPS request to url : Response Message Template Format 2 9f 4b Signed Dynamic 46 f2 60 df Application Data Response Code : 200 authenticationrelateddata = F69A EC1B3 Command Bytes: f6 9a e c1 b3 00

19 Card Signature Verification (1) Certificate Authority (CA) Public Key o Application Identifier (AID) o CA Public Key Index Issuer Public Key Integrated Circuit Chip (ICC) Public Key o Card Public Key

20 Card Signature Verification (2) Sample output from Server:

21 Card Signature Verification (3) Sample output from Server:

22 Summary EMV deployment known to mitigate card-present fraud; does nothing for card-not-present (CNP) transactions Attempts to secure CNP payments with dynamic data authentication (DDA) using RSA key pair proved successful

23 Questions