FTA:

> A fraudulent chip can listen for that query and pre-empt the real chip with its own answer: a “yes” signal regardless of whatever random PIN the fraudster has entered. “The attacker intercepts the PIN query and replies that it’s correct, whatever the code is,”

Wait, what? How is that the protocol? There's no two-way validation at all? The chip just says "yes"?!

Can anyone with knowledge of details confirm? This seems isomorphic to my ears with "the PIN is just security theater".
This is technically old news - as the article states, it has since been resolved. Edit: I guess they're shedding new light on how they performed the hack.

Another thing, in the context of the USA, is that the authentication being done isn't much of a vulnerability, as this only applies to offline chip transactions. In the USA (I believe) and here in Canada, all transactions are online, which means the PIN will be rejected by your financial institute's back-end systems in these scenarios.

These types of hacks have since been corrected using what is called CDA (Combined Data Authentication). Blurb on SDA/DDA/CDA here: http://www.cryptomathic.com/hubfs/docs/cryptomathic_white_paper-emv_key_management.pdf

Edit: Many Canadian financial institutes still use the weakest data authentication (SDA) because all transactions go online - spoofing a card PIN verification response doesn't fool the back-end system. Visa and Mastercard both have mandates to have newly issued cards be provisioned on chips with CDA (I believe; could be DDA, which would still be susceptible to this attack).

Edit 2: When I say "offline", I mean at a point-of-sale machine - the POS does not reach out to the payment network to perform an "online" transaction where the PIN and card are validated by the back-end systems.

Edit 3: The article doesn't give EMVCo any credit for actually solving the issue before any real-world hack was known to exist.
That's amazing. They were able to MITM the chip-and-PIN chip by taking it out and attaching it to another hobbyist chip that's capable of spoofing the response, and the whole thing, when put back in the card, was only a slight bulge bigger than the original.

They say nearly 600k Euros were charged, but given the sophistication of the attack, I wouldn't be surprised if we hear later that it was in use at different locations as well, and we just aren't hearing about it because they haven't caught those people yet. They only caught these ones because they kept going back to the same locations.
I'm dealing with development on some of this right now for US-based POS customers, and so far everything I've been told is that the US isn't even going to attempt to utilize the PIN entry capabilities, so we're still using signature validation in case of fraud. I'm not sure how this is any better than MSRs. The whole spoofing-PIN-validation thing doesn't even come into play because it's not even going to be checked.
What's this (Chip and Pin) being crap already disclosed here?
https://media.blackhat.com/bh-us-11/Laurie/BH_US_11_Laurie_Chip_Pin-Slides.pdf
Watched this a couple of days ago and found it quite interesting, talking about C&P flaws: https://www.youtube.com/watch?v=Ks0SOn8hjG8
Noteworthy:

> For the Cambridge researchers, the French attack is an “I-told-you-so” moment. Five years ago, EMVCo and the UK Cards Association both dismissed their attack as improbable or impossible.
Found some details of the cards:

http://www.infinityusb.com/default.asp?show=store&ProductGrp=8
Let's not lose sight of one thing -- this doesn't make chip-and-PIN *less* secure than swipe-and-sign, it just makes it *no more* secure, in the worst case.
I was under the impression that the card created a cryptographic signature on the transaction, and that the card had to receive the correct PIN before it would sign it. Which is why you have to leave the card in the reader until the total is completed. Is this really not the case? Or does the card still cryptographically sign the transaction, but doesn't process the PIN first (other than answering valid/invalid)?
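To make the question above (and the "the chip just says yes" reaction at the top of the thread) concrete, here is a constructed simulation that is not from the article, EMVCo, or any card vendor. It models only the shape of the problem: a terminal that asks the chip to check the PIN and trusts the bare yes/no, an interposed chip that answers "yes" without ever passing the PIN to the genuine card, and a card whose cryptogram covers its own record of whether a PIN was verified. The back-end check at the end is the consistency test an online issuer can do, which is why the earlier comment says spoofing the PIN response doesn't fool the back end. The class names, the shared key `CARD_KEY`, and the single-MAC cryptogram are all assumptions; real EMV uses session keys and separate data objects (CVM Results, Issuer Application Data) that this model collapses into two flags.

```python
from __future__ import annotations

import hashlib
import hmac

# Constructed symmetric key shared between card and issuer (assumption: real
# EMV cards derive per-transaction session keys, which this model omits).
CARD_KEY = b"constructed-example-card-key"


class GenuineCard:
    """Honest chip: verifies the PIN it is given and remembers the outcome."""

    def __init__(self, pin: str) -> None:
        self._pin = pin
        self.pin_verified = False

    def verify_pin(self, candidate: str) -> bool:
        self.pin_verified = hmac.compare_digest(self._pin.encode(), candidate.encode())
        return self.pin_verified

    def generate_cryptogram(self, amount: int) -> tuple[bytes, bool]:
        # The MAC covers the amount AND the card's own record of whether a PIN
        # was verified, so that record cannot be altered between card and issuer.
        msg = f"{amount}|card_pin_verified={int(self.pin_verified)}".encode()
        return hmac.new(CARD_KEY, msg, hashlib.sha256).digest(), self.pin_verified


class InterposedChip:
    """Models the wedge the article describes: answers 'yes' to any PIN and never
    forwards it, so the genuine card still believes no PIN was attempted."""

    def __init__(self, genuine: GenuineCard) -> None:
        self._genuine = genuine

    def verify_pin(self, candidate: str) -> bool:
        return True  # unconditional "correct", whatever the candidate is

    def generate_cryptogram(self, amount: int) -> tuple[bytes, bool]:
        return self._genuine.generate_cryptogram(amount)


def run_transaction(card, entered_pin: str, amount: int) -> dict:
    """Terminal side: ask the card to check the PIN, then request a cryptogram."""
    terminal_pin_ok = card.verify_pin(entered_pin)
    cryptogram, card_flag = card.generate_cryptogram(amount)
    return {
        "amount": amount,
        "terminal_says_pin_ok": terminal_pin_ok,  # what the terminal will report
        "card_says_pin_ok": card_flag,  # what the card actually signed over
        "cryptogram": cryptogram,
    }


def offline_terminal_decision(tx: dict) -> bool:
    """Offline approval that trusts the bare yes/no from the chip: the weakness."""
    return tx["terminal_says_pin_ok"]


def issuer_decision(tx: dict) -> str:
    """Online back end: verify the MAC, then require the terminal's claim and the
    card's signed record to agree before treating the PIN as verified."""
    msg = f"{tx['amount']}|card_pin_verified={int(tx['card_says_pin_ok'])}".encode()
    expected = hmac.new(CARD_KEY, msg, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tx["cryptogram"]):
        return "DECLINE: cryptogram does not verify"
    if tx["terminal_says_pin_ok"] and not tx["card_says_pin_ok"]:
        return "DECLINE: terminal reports PIN verified but card did not verify one"
    if not tx["card_says_pin_ok"]:
        return "DECLINE: PIN not verified"
    return "APPROVE"


if __name__ == "__main__":
    honest = run_transaction(GenuineCard("1234"), "1234", 4200)
    wedged = run_transaction(InterposedChip(GenuineCard("1234")), "0000", 4200)
    for label, tx in (("honest card", honest), ("wedged card", wedged)):
        print(f"{label}: offline={offline_terminal_decision(tx)} online={issuer_decision(tx)}")
```

Running it shows the two outcomes the thread is arguing about: the purely offline terminal accepts the wedged transaction because it only ever saw a "yes", while the issuer declines it because the card's signed record says no PIN was verified and the wedge cannot forge that record without breaking the MAC.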
> "They also note that other protections have been added to the system at the network level, which they decline to detail for fear of tipping off criminals."

Security by obscurity. That's always a good plan. I'm sure that folks who went through all this trouble to design this hack wouldn't ever be able to find that information. </sarcasm>
Pretty lame if the card can just say "yes" no matter what PIN is entered.

Apart from being a proprietary tech, I'm not sure why fingerprinting the magnetic stripe never took off. It seems so much simpler, and, if you cannot rearrange iron at the molecular level, impossible to replicate.

http://www.magtek.com/V2/media/whitePapers/2012/MagTek-WP-An-Introduction-to-Dynamic-Authentication-To-Launch.pdf
So those millions spent replacing everyone's card and all the vendors' merchant machines was a waste.

Besides, can't you just use the chipped card online without the chip or PIN?