Ways to hack bank cards

Jollier

Content
  • Chip Legacy
  • Brazilian hack
  • Cryptogram Replay and Cryptogram Preplay
  • PIN OK
  • Conclusion
Almost all modern bank cards are equipped with a special chip that stores the information necessary for payments.
In today's article I will talk about the methods of fraud with such cards, as well as the methods used by banks to counter carders.

Chip Legacy
One of the types of information contained on the chip card is the so-called Track2 Equivalent. It almost repeats the contents of the magnetic stripe one-to-one and, most likely, serves as a card identification parameter in HSM systems and other card processing subsystems.
One of the types of attacks that are carried out from time to time by cybercriminals involves recording Track2 Equivalent data on a magnetic stripe, after which fraudulent operations are carried out either as regular transactions on a magnetic stripe or in a technical fallback mode. To steal such data from ATMs, so-called shimmers are used.

[Image: hacking-bank-cards-1.jpg] Shimmer - a device for covertly capturing data when chip cards are used at ATMs

One earlier article (on PWM-Ming) mentioned that in 2006, when chip cards first began to be issued in the UK, the Track2 Equivalent field contained the original CVV2 / CVC2. Because of this error, it was easy to create magnetic stripe clones of cards that had been used for chip payments. The payment systems then decided to use different seeds when generating the CVV2 / CVC2 field for the magnetic stripe and for the Track2 Equivalent field. It would seem the problem was solved: the value of the secret CVV2 / CVC2 field on the magnetic stripe no longer matches what is written on the chip. But shimming is alive and well. Why?

Many banks still approve transactions with CVV2 / CVC2 values read from the chip! Visa mentions this often; MasterCard almost never writes about it. One of the reasons, in my opinion, is that in almost all MasterCard cards the CVC2 in Track2 Equivalent is equal to 000. For Russian cards this is also irrelevant: among the dozens of banks I have tested over the past two years, I have not found a single card where this attack would be possible. Nevertheless, it is worth noting that such attacks are popular in America.

One of the few MasterCard cards with which I was able to reproduce this attack belonged to a bank that did not check the value of the CVC2 field at all. I could substitute anything there - 000, 999, or any other value in between. Most likely, this bank had not turned off a debug mode that approves any transaction.
What does this make possible? A hacker could change the Service Code field to indicate that the card has no chip, and the integrity of this field could not be verified, because processing accepted any CVC2. The vulnerability, much like the next one on the list, was quickly fixed after a letter to the bank.
According to my statistics, 4 out of 11 cards were subject to similar attacks.

Brazilian hack
This term refers to several types of attacks, including the attack on offline terminals described by Kaspersky Lab. Brian Krebs wrote about the largest attack that goes by this name. What is the essence of that widely reported attack?
In the early 2010s, chip cards finally became widespread in the United States, and several banks started issuing them. It is worth noting that to this day the most common chip scheme in the USA is not Chip & PIN but Chip & Signature: the cardholder does not need to enter a PIN, only to insert the card into the reader and confirm the transaction with a signature on the receipt. I will explain further on why this scheme took root so well.

It seems to me that somewhere in this process there was an insider leak of information, and the hackers found out that the chip transaction seems to go through, but is not verified on the side of the issuing bank. The bank simply took the Track2 Equivalent field and performed identification as if it were a normal magnetic stripe transaction. With a few nuances: the issuing bank was now responsible for this kind of fraud under the new EMV Liability Shift rules. And issuing banks, not fully understanding how such cards worked, did not impose strong restrictions on "chip" transactions and did not use anti-fraud systems.

Quickly realizing that they could profit from this, carders opened merchant accounts and, using Track2 magnetic stripe data bought on the black market, made hundreds of "chip" transactions. The investigation took years, and by the time it was over the scammers had already disappeared. The amount of the losses was not disclosed, but it is clear that they were significant. The saddest thing is that since then groups from Latin America have been scouring the world in search of "white whales", actively testing banks in the hope of finding another debug interface that was never switched off.

Cryptogram Replay and Cryptogram Preplay
"In the wild" such an attack was observed only once. It has been documented and described (PDF) in a study by renowned experts from the University of Cambridge.
The essence of the attack is to bypass the mechanisms that ensure the uniqueness of each transaction and cryptogram. The attack allows "cloning" transactions for later use without access to the original card. Recall that the card receives as input a certain set of data: the amount, the transaction date, and two fields that provide entropy even when the amount and date are the same. On the terminal side, 2^32 of entropy is provided by the 4-byte UN (Unpredictable Number) field, a random number. On the card side, it is the ATC, a transaction counter incremented by one on each operation. The pseudo-function looks something like this:
Code:
Cryptogram = Signature (ATC, UN, Amount, Misc, SecretKey)

If one of the fields changes, the output value of the cryptogram also changes. However, what happens if all fields remain the same? This means that the previous cryptogram will remain valid. This leads to two possibilities for attacks on chip transactions.

Cryptogram Replay. If a compromised terminal always issues the same UN, then a cryptogram once read from the card with that predictable UN can be used as many times as desired. Even the next day, attackers can transmit the old cryptogram with the old date in the authorization request, and this will not lead to a decline. In my tests last year, I repeated the same cryptogram seven times over seven days, and this did not raise any suspicion from the bank.

[Image: hacking-bank-cards-2.jpg] Cryptogram Replay attack scheme

Cryptogram Preplay. This scheme is used if the vulnerable terminal does not return the same UN but returns predictable ones. This is how the vulnerable ATM worked in the Maltese attack described above. In this case, an attacker with physical access to the card clones several transactions "for the future". Unlike the first attack, each transaction can only be used once.
This attack is interesting from the historical point of view of the development of the EMV protocol. When the protocol was created, the ATC field was created specifically to protect against such attacks.
The issuing bank had to check the value of the ATC field, and if these values came out of order, with noticeable jumps, suspicious transactions were rejected.
For example, if transactions with the following ATC values were received for processing, then the transactions whose numbers are highlighted in this sequence should have been considered suspicious and rejected by the processing:
0001, 0002, *0008*, *0008*, *0008*, 0009, 0010, *0003*, *0004*
But then complaints from customers began to come in, and adjustments were made to the technology.

Consider an example: a bank client gets on a plane, pays in the plane with a card using an offline terminal. Then the plane lands and the client pays with a card at the hotel. And only after that, the terminal used on the plane connects to the network and transmits transaction data. In this case, a jump in ATC will be recorded, and, following the rules of payment systems, the bank could reject an absolutely legitimate transaction. After several such episodes, payment systems have made adjustments to their requirements for ATC leaps:
  • jumps should be counted only if the delta between the counter values is "above X", where the value of X must be determined by each bank individually;
  • jumps are not necessarily a sign of fraud, but continuous jumps above the X value are a reason to contact the client to find out the circumstances.
At the same time, the first scenario - cryptogram replay - was overlooked. If card processing is designed correctly, there is not a single reasonable explanation for a situation in which the same set of data (Cryptogram; UN; ATC) arrives at the input many times and is successfully approved by the bank. Over the past year, I sent information about this attack to more than 30 different banks and received a fairly wide range of responses.

In some cases, improper design of the processing services means that the bank simply cannot block operations with identical values. It is also worth noting that in the "wild" I have not come across terminals that return the same UN value. This means that attackers have to use their own terminals, which makes money laundering more difficult.
In addition, even offline authentication does not always help: it can be bypassed, or the UN source used in it can be assumed to be compromised as well. In that case, the resulting DDA / CDA authentication values for the predictable UN field can be calculated in advance.
Statistics show that 18 out of 31 bank cards are susceptible to replay / preplay attacks against a contact or contactless chip. At the same time, in Russia, I could not find a single bank vulnerable to this type of attack, which is extremely curious.
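The issuer-side checks discussed above, as an added example that is not part of the original article: an exact (ATC; UN; cryptogram) repeat is declined as a replay, a reused or backwards-running ATC is treated as the highlighted entries in the sequence were, and counter jumps are only counted above a per-bank threshold X, with continuous jumps routed to client contact. The threshold values, the decision policy and the sample transactions are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set, Tuple
JUMP_THRESHOLD = 3    # the text's "X": per-bank ATC delta above which a jump is counted (assumed value)
CONTINUOUS_JUMPS = 2  # jumps in a row before the client is contacted (assumed value)
@dataclass
class CardHistory:
    last_atc: Optional[int] = None
    seen_atcs: Set[int] = field(default_factory=set)
    seen_tuples: Set[Tuple[int, str, str]] = field(default_factory=set)  # (ATC, UN, cryptogram)
    jumps_in_a_row: int = 0

def check_authorization(hist: CardHistory, atc: int, un: str, cryptogram: str) -> str:
    """Issuer-side decision for one chip authorization: 'approve', 'reject' or 'review'."""
    key = (atc, un, cryptogram)
    if key in hist.seen_tuples:
        return "reject"                      # exact replay: identical (ATC, UN, cryptogram) seen before
    if atc in hist.seen_atcs:
        return "reject"                      # a genuine card never reuses a counter value
    hist.seen_tuples.add(key)
    hist.seen_atcs.add(atc)
    if hist.last_atc is None:                # first transaction on record for this card
        hist.last_atc = atc
        return "approve"
    if atc < hist.last_atc:
        return "review"                      # counter went backwards: late offline batch or preplay
    jumped = atc - hist.last_atc > JUMP_THRESHOLD
    hist.jumps_in_a_row = hist.jumps_in_a_row + 1 if jumped else 0
    hist.last_atc = atc
    if hist.jumps_in_a_row >= CONTINUOUS_JUMPS:
        return "review"                      # continuous jumps above X: contact the client
    return "approve"                         # a single jump is not by itself a sign of fraud

def run_sequence(entries: List[Tuple[int, str, str]]) -> List[str]:
    """Feed a list of (ATC, UN, cryptogram) through the check and return the decisions."""
    hist = CardHistory()
    return [check_authorization(hist, *e) for e in entries]
# Constructed sample mirroring the ATC sequence from the article; UN and cryptogram values are made up.
SAMPLE = [
    (1, "a1b2c3d4", "crypt-01"),
    (2, "0f0f0f0f", "crypt-02"),
    (8, "deadbeef", "crypt-08"),    # first jump above X: approved on its own
    (8, "deadbeef", "crypt-08"),    # exact replay of the previous cryptogram
    (8, "deadbeef", "crypt-08b"),   # same ATC reused with a different cryptogram
    (9, "11223344", "crypt-09"),
    (10, "55667788", "crypt-10"),
    (3, "99aabbcc", "crypt-03"),    # out of order
    (4, "ddeeff00", "crypt-04"),    # out of order
]
```

Running `run_sequence(SAMPLE)` yields approve, approve, approve, reject, reject, approve, approve, review, review, matching the highlighted entries in the article's sequence.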

PIN OK
This is perhaps the most famous attack on chips. The first theoretical prerequisites for this attack were described by the Cambridge team in 2005 in the Chip and Spin study, a year before the EMV standard became widespread in the UK. But the increased attention to this attack came much later.
In 2010, the Cambridge four published a full study of the PIN OK attack. For it, they used a device that implements a man-in-the-middle technique between the card chip and the terminal's reader.

[Image: hacking-bank-cards-3.jpg] A device for implementing the "man in the middle" technique

In 2011, at the Black Hat and DEFCON conferences, a group of researchers from Inverse Path and Aperture Labs unveiled more information about this attack. In the same year, an organized criminal group used 40 stolen bank cards to carry out 7,000 fraudulent transactions, stealing 680 thousand euros. Instead of the bulky device used by the researchers, the criminals used a small, inconspicuous "second chip" installed on top of the original, which made it possible to carry out the attack in real conditions.

In December 2014, Inverse Path researchers raised the topic of EMV transaction attacks again and presented statistics they had collected over three years (PDF). In 2015, a detailed technical case study (PDF) of the attack carried out by the unknown criminals in 2011 was released.

Let's take a look at the technical details of this attack. To implement it, recall, the man-in-the-middle technique is needed. The card transmits to the terminal the CVM List (Cardholder Verification Method list) field, a priority list of the cardholder verification methods the card supports. If the first rule on the card is "Offline PIN, enciphered / plaintext", nothing needs to be done at this stage. If the first rule is different, then during the attack the first rule is changed to "offline PIN".
The terminal then asks the cardholder for a PIN. The "offline PIN" rule means that the PIN will be sent to the card for verification, in plaintext or enciphered form. In response, the card answers either 63C2 ("Invalid PIN, two attempts left") or 9000 ("PIN OK"). It is at this stage that an attacker who has inserted themselves into the authorization process replaces the first response with the second.

At this stage, the terminal considers that the PIN has been entered correctly and requests a cryptogram from the card (Generate AC request), passing it all the required fields. The card knows that the PIN was either not entered at all or entered incorrectly. But the card does not know what decision the terminal made next: for example, there are terminals that, after an incorrect PIN, ask the cardholder to sign on the touchscreen, for the cardholder's own convenience. Therefore, when the terminal asks for a cryptogram, the card returns one. The response contains the CVR (Card Verification Results) field, which indicates whether or not the PIN was verified by the card. Moreover, this field is covered by the payment cryptogram, so attackers cannot change its value.

The terminal sends all the data in an ISO 8583 Authorization Request packet to the acquiring bank, which forwards it to the issuing bank. The bank sees two fields. The first, CVM Results, indicates that offline PIN was selected as the verification method and that the terminal supports it. The second, the CVR inside the cryptogram, shows that the card did NOT verify the PIN, or that it was entered incorrectly. And in spite of everything, the bank approves the transaction.

If the card uses the CDA authentication scheme and attackers need to override the first CVM list rule, offline authentication will fail. However, this is always bypassed by substituting Issuer Action Code fields. The details of this case are described in the latest version of the presentation from 2014 by experts from Inverse Path.
Also, in the first study from 2011, the experts showed that the EMV standard allows a payment device not to reject a transaction even when the secure authentication and verification methods failed, but to proceed, each time choosing a less secure method (the so-called fallback). This opens up other opportunities for attackers, including PIN-stealing attacks during operations on compromised POS terminals.
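The issuer-side cross-check the PIN OK section calls for, as an added example that is not part of the original article or of any real issuer's code: the terminal's CVM Results (EMV tag 9F34, three bytes) is parsed and its offline-PIN claim is compared with what the issuer already knows from its own side, namely whether this card was personalised with an offline PIN rule at all and whether the cryptogram-protected CVR says the PIN was verified. The CVR layout is scheme-specific, so it is assumed to be pre-decoded into a boolean; the sample CVM Results bytes are constructed.

```python
from typing import Tuple

# CVM codes carried in the low 6 bits of byte 1 of CVM Results (EMV tag 9F34, 3 bytes)
PLAINTEXT_PIN_BY_ICC = 0x01
ENCIPHERED_PIN_BY_ICC = 0x04
SIGNATURE = 0x1E
OFFLINE_PIN_METHODS = {PLAINTEXT_PIN_BY_ICC, ENCIPHERED_PIN_BY_ICC}
# Byte 3 of CVM Results: 00 = unknown, 01 = failed, 02 = successful
CVM_SUCCESSFUL = 0x02

def parse_cvm_results(cvm_results: bytes) -> Tuple[int, int]:
    """Return (CVM code performed, result code) from the 3-byte CVM Results field."""
    if len(cvm_results) != 3:
        raise ValueError("CVM Results must be exactly 3 bytes")
    return cvm_results[0] & 0x3F, cvm_results[2]   # bit 7 of byte 1 is the 'apply next CVM' flag

def pin_ok_check(cvm_results: bytes, card_has_offline_pin: bool,
                 cvr_pin_verified: bool) -> Tuple[str, str]:
    """Issuer-side cross-check of the terminal's PIN claim against the card's own verdict.

    card_has_offline_pin: does the CVM List the issuer personalised into this card contain an
                          offline PIN rule at all (issuer profile data, assumed available).
    cvr_pin_verified:     does the card's CVR, carried inside the cryptogram and so not forgeable,
                          say the offline PIN was verified (CVR layout is scheme-specific, assumed
                          already decoded on the issuer side).
    """
    method, result = parse_cvm_results(cvm_results)
    if method not in OFFLINE_PIN_METHODS:
        return "approve", "no offline PIN claimed; nothing to cross-check here"
    if not card_has_offline_pin:
        return "reject", "terminal reports offline PIN, but this card's CVM List has no offline PIN rule"
    if result == CVM_SUCCESSFUL and not cvr_pin_verified:
        return "reject", "terminal reports PIN OK, but the card's CVR says the PIN was not verified"
    if result != CVM_SUCCESSFUL:
        return "review", "offline PIN selected but the terminal did not report it as successful"
    return "approve", "terminal claim and card CVR agree"

# Constructed CVM Results values (made up for the illustration, not captured from real traffic)
LEGIT_PIN = bytes([ENCIPHERED_PIN_BY_ICC, 0x00, CVM_SUCCESSFUL])  # 04 00 02: card really verified PIN
SPOOFED_PIN = bytes([PLAINTEXT_PIN_BY_ICC, 0x00, CVM_SUCCESSFUL]) # 01 00 02: terminal was told '9000'
SIGNED = bytes([SIGNATURE, 0x00, CVM_SUCCESSFUL])                 # 1E 00 02: signature, no PIN claim
```

The verdict covers only this consistency check; the rest of the authorization decision (ATC, cryptogram verification, limits) is unchanged by it.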

Conclusion
Interesting statistics for the last year: despite the fact that back in 2010 the "real security people" at banks were stirred up by someone exposing the obvious problems of card processing, in 2021 everything is about as bad. The statistics of the checks over the past year showed that 31 out of 33 bank cards from different parts of the world, including Russian ones, are vulnerable to this attack.
In the next article, I will consider the schemes of attacks on contactless cards and related applications - mobile wallets.