Sunday, June 19, 2011

Security of Transport Contactless Smart Cards

It is possible to sniff data but what can thieves do with it?

Contactless smart cards have been touted for their speed and convenience. But does the technology make it easier for pickpockets to be contactless, too?

Experts say that although it’s possible for a fraudster to buy a card reader on eBay and use it to scan people’s pockets on a subway, there are numerous protection mechanisms in place to keep stolen data from being used as well as new, emerging encryption standards that will further limit such threats.

The pickpocket issue garnered media attention in December, when a CBS affiliate in Memphis, Tenn., followed a man who was able to swipe credit card information from unsuspecting passers-by. Using an off-the-shelf card reader that he bought online for less than $100 and a mini laptop, the man was able to obtain credit card numbers, expiration dates and some cardholder names.

But that is likely as far as a thief will get, experts say. It is possible to use a contactless reader to pick up information from a card on the subway or in an elevator, but it is unlikely that he could use the information to go on a shopping spree.

That is because the account number and other information obtained from a contactless card is not enough to complete a financial transaction. Unlike magnetic stripe cards, most contactless payment cards use a dynamic element to authenticate each transaction.

Things to look out for:
  • Transaction security - a MAC across the transaction and over the data (digitally signed)
  • Internal abuse and insider jobs/attacks
  • Mixed modes (one card used for many things: loyalty, credit card, door access, etc.)
  • Design issues, e.g. key management (symmetric rather than public-key) and weak crypto

Encryption levels can also dictate a card’s vulnerability. If a card’s encryption uses a weak algorithm or no encryption at all, the information may be easily read.

Advanced techniques for extracting a card’s encryption key are possible, but they typically require the physical possession of the card and access to highly specialized equipment.

For unencrypted air interfaces, data can be read by off-the-shelf readers and then programmed into a different physical card. Then an attacker could use the stolen card information to perform transactions that are identical to those performed by the legitimate card. In the case of payment cards, however, this process is complicated by the use of additional security mechanisms such as dCVCs.
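The point made above (a sniffed account number is not enough, because the card authenticates each transaction with a dynamic value, and a MAC across the transaction is one of the things to look for) can be shown with a small model. The following is an added example, not code from the original post and not the EMV specification: it is a constructed, simplified scheme in which the issuer derives a per-card key from a master key, the card answers each purchase with a truncated HMAC over its transaction counter, the amount and a terminal-supplied unpredictable number, and the issuer verifies that MAC and checks that the counter advances. All keys, PANs and names are constructed test values.

```python
"""Toy model of why sniffed contactless card data is not enough to pay.

Constructed illustration, NOT the EMV specification. The card holds a
per-card key derived from an issuer master key and answers each purchase
with a MAC (a "dynamic CVC") over its transaction counter, the amount and
a terminal-supplied unpredictable number. An eavesdropper learns the
static data (PAN, expiry, name) but not the key, so neither a cloned card
nor a replayed exchange verifies at the issuer.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Constructed issuer master key; a real issuer keeps this inside an HSM.
ISSUER_MASTER_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
# Constructed cardholder data for the demo.
PAN, EXPIRY, HOLDER = "4111111111111111", "12/13", "A N OTHER"


def derive_card_key(master_key: bytes, pan: str) -> bytes:
    """Per-card key from the master key and the PAN (toy derivation)."""
    return hmac.new(master_key, pan.encode(), hashlib.sha256).digest()


def cryptogram(card_key: bytes, atc: int, amount_cents: int, unpredictable: bytes) -> bytes:
    """Dynamic value: MAC over counter, amount and terminal nonce, truncated to 8 bytes."""
    msg = atc.to_bytes(2, "big") + amount_cents.to_bytes(4, "big") + unpredictable
    return hmac.new(card_key, msg, hashlib.sha256).digest()[:8]


@dataclass
class Card:
    pan: str
    expiry: str
    holder: str
    key: Optional[bytes]  # None models a clone holding only the sniffed static data
    atc: int = 0          # application transaction counter, incremented per use

    def static_record(self) -> Dict[str, str]:
        """What an off-the-shelf reader can pick up over the air."""
        return {"pan": self.pan, "expiry": self.expiry, "holder": self.holder}

    def pay(self, amount_cents: int, unpredictable: bytes) -> dict:
        """Card response to a purchase: static data plus counter and cryptogram."""
        self.atc += 1
        # A clone without the key can only emit a guess (all zeros here).
        mac = cryptogram(self.key, self.atc, amount_cents, unpredictable) if self.key else b"\x00" * 8
        return {**self.static_record(), "atc": self.atc, "amount": amount_cents, "cryptogram": mac}


@dataclass
class Issuer:
    master_key: bytes
    last_atc: Dict[str, int] = field(default_factory=dict)

    def authorize(self, txn: dict, terminal_un: bytes) -> Tuple[bool, str]:
        """Recompute the expected MAC with the terminal's nonce and check the counter."""
        key = derive_card_key(self.master_key, txn["pan"])
        expected = cryptogram(key, txn["atc"], txn["amount"], terminal_un)
        if not hmac.compare_digest(expected, txn["cryptogram"]):
            return False, "bad cryptogram"
        # The counter must strictly advance; a duplicated exchange is refused.
        if txn["atc"] <= self.last_atc.get(txn["pan"], 0):
            return False, "transaction counter not advanced"
        self.last_atc[txn["pan"]] = txn["atc"]
        return True, "approved"


def terminal_purchase(card: Card, issuer: Issuer, amount_cents: int) -> Tuple[bool, str]:
    """Terminal side: choose a fresh nonce, collect the card's response, ask the issuer."""
    un = secrets.token_bytes(4)
    return issuer.authorize(card.pay(amount_cents, un), un)


def new_issuer_and_card() -> Tuple[Issuer, Card]:
    issuer = Issuer(ISSUER_MASTER_KEY)
    return issuer, Card(PAN, EXPIRY, HOLDER, derive_card_key(ISSUER_MASTER_KEY, PAN))


def legitimate_purchase() -> Tuple[bool, str]:
    issuer, card = new_issuer_and_card()
    return terminal_purchase(card, issuer, 1250)


def cloned_static_data() -> Tuple[bool, str]:
    """Sniffed PAN/expiry/name programmed into a blank card that has no key."""
    issuer, card = new_issuer_and_card()
    clone = Card(key=None, **card.static_record())
    return terminal_purchase(clone, issuer, 1250)


def replayed_exchange() -> Tuple[bool, str]:
    """A whole recorded card response presented at a different terminal."""
    issuer, card = new_issuer_and_card()
    recorded = card.pay(1250, secrets.token_bytes(4))  # captured at terminal A
    return issuer.authorize(recorded, secrets.token_bytes(4))  # terminal B's own nonce


def duplicated_authorization() -> Tuple[Tuple[bool, str], Tuple[bool, str]]:
    """The same genuine exchange submitted twice; the copy trips the counter check."""
    issuer, card = new_issuer_and_card()
    un = secrets.token_bytes(4)
    txn = card.pay(1250, un)
    return issuer.authorize(txn, un), issuer.authorize(txn, un)


if __name__ == "__main__":
    print("legitimate:", legitimate_purchase())
    print("clone:     ", cloned_static_data())
    print("replay:    ", replayed_exchange())
    print("duplicate: ", duplicated_authorization())
```

The model separates the two defences the post alludes to: the per-transaction MAC bound to a terminal nonce defeats both the cloned card (no key, so no valid cryptogram) and the replayed recording (the MAC covers a nonce the new terminal never issued), while the monotonically increasing counter lets the issuer refuse a duplicated authorization message even when the nonce matches.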

Known cases and attacks:
  • HK Octopus cards
  • NETS CashCard

Past demos (examples):
  • Virtual pick-pocketing of contactless cards at the Cartes exhibition in Paris, 2005
  • YouTube videos
  • ePassport attack demos

Interesting countermeasures

There is actually one way to protect against undesired interrogation of an RFID card. Cardlab has a patented RFID jam switch which distorts the RFID signal when the card is interrogated. The owner simply taps or bends the card to turn off the jammer, and the card is then able to communicate. It is effective, it is cheap, and it gives the consumer just the real feel of security he needs in order to trust the technology.

If it’s a dual-interface government PIV card, the thief could obtain the cardholder’s unique identifier, or CHUID, a number that uniquely identifies an individual within the PIV system, according to experts with Exponent, a Menlo Park, Calif.-based engineering and scientific consulting firm. The remaining chip information would only be accessible via the contact interface, so it is not at risk from such attacks.
