Chip-and-PIN cards easily cloning with the pre-play attack

A team of British researchers discovered a series of security flaw, Pre-Play Vulnerability, which allow Chip-and-PIN Payment Card Cloning.

The recent incident to the US giant retailers Target and Neiman Marcus has raised the debate on the real level of security of credit/debit cards used by US citizens, in response VISA and Mastercard are accelerating the migration to EMV chip cards, aka Chip-and-PIN cards.

The payment systems are migrating from magnetic stripe payment cards to chip based cards, practically EMV chip cards generate for every transaction a unique code, in this way is hard for an attacker clone the card and use it in illicit payments.

A group of researchers at the University of Cambridge in the UK, composed by Mike Bond, Omar Choudary, Steven J. Murdoch, Sergei Skorobogatov and Ross Anderson, has demonstrated that the above code associated for each transaction is not really unique because of an implementation flaw.

The researchers have published an interesting paper that describes an implementation flaw and a serious issue in the protocol used for the generation of casual numbers.

The above critical vulnerabilities in the Chip-and-PIN smart card payment system that makes EVM vulnerable to “pre-play” attack. In the paper the experts explain how attacks can be carried out against ATMs and other type of payment terminals.

The bad news is that according the study the above problems are difficult to fix.

“Some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this nonce,” “This exposes them to a ‘pre-play’ attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically.”

“We found flaws in widely-used ATMs from the largest manufacturers,” the paper said. “We can now explain at least some of the increasing number of frauds in which victims are refused refunds by banks which claim that EMV cards cannot be cloned and that a customer involved in a dispute must therefore be mistaken or complicit.” the paper said.

EMV devices generate the so-called “unpredictable numbers” (UNs) for every transaction, but the experts claimed that payment machines fail to properly generate random numbers that are required by the EMV protocol to securely authenticate transaction requests for Chip-and-Pin cards.

Researchers claimed to have discovered the algorithm to predict the randomly generated numbers.

“EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this nonce. This exposes them to a “pre-play” attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically.”

The flaw could allow cyber criminals to clone the credit/debit cards. The researchers demonstrated the Proof-of-Concept of a critical vulnerability known as “no PIN”, which lets criminals use stolen Chip-and-PIN cards without knowing the PIN. Through the use of malware, cyber criminals could perform a man-in-the-middle attack on the communications between a pin terminal and a credit/debit card retrieving all the information necessary for a fraudulent actvity.

“This variant of the pre-play attack may be carried out by malware in an ATM or POS terminal, or by a man-in-the-middle between the terminal and the acquirer,” the paper said.

“The flaw is that when you put a card into a terminal, a negotiation takes place about how the cardholder should be authenticated: using a PIN, using a signature or not at all. This particular subprotocol is not authenticated, so you can trick the card into thinking it’s doing a chip-and-signature transaction while the terminal thinks it’s chip-and-PIN. The upshot is that you can buy stuff using a stolen card and a PIN of 0000 (or anything you want). We did so, on camera, using various journalists’ cards. The transactions went through fine and the receipts say ‘Verified by PIN’.” the researchers explained.

Cybercrime ecosystem is already aware of the vulnerability and currently in the underground it is possible to find the necessary hardware to clone Chin-and-PIN based cards easily. According researchers Chip-and-PIN system is affected by numerous flaws that are hard to be fixed.

The researchers are skeptical on the response of the banking industry:

“The banks appear to have ignored this, perhaps reasoning that it is difficult to scale up an attack that involves access to specific physical cards and also the installation of malware or wiretaps on specific terminals,” the paper said. “We disagree. The Target compromise shows that criminals can deploy malware on merchant terminals widely and exploit it to earn serious money.”

Pierluigi Paganini

(Security Affairs – Chip-and-PIN cards, cybercrime)