chapter 5 notes
October 17, 2012
Shervin Erfani
Fall 2012
Electronic Commerce
Chapter 5 (Part 1)
Micropayment and Stored-Value Cards
Outline
October 17, 2012, 88-590-02 E-Commerce, S. Erfani, University of Windsor
• What is Micropayment?
• Smart Card Types
• Smart Cards Components
• ATM Card Cryptography
• OpenCard Framework
• RFID Tags
• Card Security Threats
• Card Manufacturers and Issuance
  • Octopus
  • Mondex
• Summary
What is Micropayment?
• All payments less than U.S. $10 are considered micropayments.
• Aim to replace cash
• Constitute electronic purses on integrated-circuit cards
  • Smart cards, memory cards
• Recharging the electronic purse with monetary value requires the intervention of a financial institution.
• Commercial offers of micropayment systems:
  • Octopus
  • GeldKarte
  • Chipper
  • Mondex
Smart Cards
• Magnetic stripe
  • 3 tracks, ~140 bytes, cost $0.20-0.75
• Memory cards
  • 1-4 KB memory, no processor, cost $1.00-2.50
• Optical memory cards
  • 4 megabytes read-only (CD-like), $7-12
• Microprocessor cards
  • Embedded microprocessor
    • (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM
    • Equivalent power to IBM XT PC
    • 32-bit processors now available
SOURCE: MICHAEL I. SHAMOS, CMU
Smart Card Applications
SOURCE: JEAN-JACQUES VANDEWALLE
• Banking
• E-Government
• Mass Transit
• Mobile Telecommunications
• Public Telephony
• W-LAN
• Access control
• Digital Rights Management
• Enterprise Security
• Retail
Why ePayment with Smart Cards?
• Objective: replace cash
• Cash is expensive to make and use
  • Printing, replacement
  • Anti-counterfeiting measures
  • Transportation
  • Security
• Cash is inconvenient
  • not machine-readable
  • humans carry limited amount
  • risk of loss, theft
• Additional smart card benefits
Smart Card Types
• USB token
• Java card
• Crypto card
• SIM card
• Memory card
SOURCE: ANDREAS STEFFEN
Magnetic Stripe Cards
• Three tracks: 1 & 3 at 210 bits/inch; 2 at 75 bpi
• Start sentinel (1 char): %
• Format code (1 char): B for bank/financial
• PAN, Primary Account Number (19 char)
  • Major industry identifier (1 or 2 char): 4, 5 for credit cards
  • Issuer (up to 5 char)
  • Individual account number (up to 12 char)
• Field separator (1 char): ^
• Name
• Field separator
• Expiration date (4 char): YYMM
• Proprietary fields, including PIN Verification Value (PVV)
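The track layout above, as an added example (not part of the original slides): a Python parser that splits a track 1 string into the listed fields and rejects malformed input. The `?` end sentinel and the Luhn check digit test come from the card standards rather than the slide, everything after the expiry is returned as the proprietary field, and the sample track is constructed test data.

```python
from dataclasses import dataclass

@dataclass
class Track1:
    pan: str          # primary account number
    mii: str          # major industry identifier (leading PAN digit)
    name: str
    expiry_yymm: str
    proprietary: str  # issuer-defined data after the expiry, e.g. the PVV

def luhn_ok(pan: str) -> bool:
    """Luhn check digit test over the whole PAN."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def parse_track1(raw: str) -> Track1:
    if not raw.startswith("%"):
        raise ValueError("missing start sentinel '%'")
    if raw[1:2] != "B":
        raise ValueError("format code is not 'B' (bank/financial)")
    body = raw[2:].split("?", 1)[0]         # drop end sentinel and anything after it
    fields = body.split("^")
    if len(fields) != 3:
        raise ValueError("expected PAN^NAME^EXPIRY+PROPRIETARY")
    pan, name, rest = fields
    if not (pan.isascii() and pan.isdigit() and len(pan) <= 19):
        raise ValueError("PAN must be at most 19 digits")
    if not luhn_ok(pan):
        raise ValueError("PAN check digit is wrong")
    expiry = rest[:4]
    if not (len(expiry) == 4 and expiry.isascii() and expiry.isdigit()
            and 1 <= int(expiry[2:]) <= 12):
        raise ValueError("expiry must be YYMM")
    return Track1(pan, pan[0], name.strip(), expiry, rest[4:])

def mask_pan(pan: str) -> str:
    """Form safe for logs and receipts: first 6 and last 4 digits only."""
    if len(pan) < 13:
        return "*" * len(pan)
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]

SAMPLE = "%B4111111111111111^DOE/JANE^25121010000000000123?"  # constructed test data
```

Nothing on the stripe is encrypted, so any component that reads or logs track data should store only the masked PAN.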
Laser Optical Memory Card
Capacity: 1MB - 1GB
Microprocessor Card Adoption
[Figure: chart of microprocessor cards worldwide, in millions of cards, for 2000-2004, by region: Asia Pacific, Japan, Europe, Americas, North America]
1999: 500 M microprocessor cards
2004: 1750 M microprocessor cards
SOURCE: DATAQUEST (10/2000)
Smart Card Structure
[Figure: smart card structure, card shown upside-down, with labels: contacts (8), epoxy, microprocessor, card]
SOURCE: SMART CARD FORUM
Old (8-bit) Smart Card Architecture
EEPROM: Electrically Erasable Programmable Read-Only Memory
SOURCE: SMART CARD FORUM
Smart Card Components (1)
• Processors
  • 8-bit, typical clock speed: 5 MHz (8-bit)
  • Optional cryptographic processor
  • 32-bit, clock speed 300 MHz
  • 64-bit, 600 MHz
SOURCE: SUMIT DHAR
Smart Card Components (2)
SOURCE: SUMIT DHAR
• ROM: Read Only Memory
  • Used for storing fixed programs. Holds the operating system
  • Typically varies from 2 KB to around 16 KB
  • Once written, cannot be changed
  • Occupies the least area
• PROM: Programmable Read Only Memory
  • Used for loading card serial number
  • Very small, typically just 32 bytes
Smart Card Components (3)
SOURCE: SUMIT DHAR
• EEPROM: Electrically Erasable Programmable Read Only Memory
  • Stores variable data
  • Holds various applications and their data.
  • Can be read or written to subject to permissions.
  • Typically 2 - 32 KB
• RAM: Random Access Memory
  • Used as temporary storage.
  • Erased on power off.
  • Typically 128-512 bytes
Cyberflex™ Java Smart Card
SOURCE: MICHAEL I. SHAMOS, CMU
• Complete 32-bit Java run-time environment on a card
• Utilities for compiling and loading cardlets onto the card from a PC
Smart Card Architecture
SOURCE: MICHAEL I. SHAMOS, CMU
• File structure (ISO 7816-4)
  • Cyclic files
• Database management on a card
  • SCQL (Structured Card Query Language)
  • Provides standardized interface
  • No need to know file formatting details
How It Works: Cyclic File
• READ gives the most recently written record
• Maximum number of records: 254
• When maximum is reached, first record is overwritten
• Record length: 1 .. 254 bytes
[Figure: cyclic file layout, record number (1 .. n) against byte number (1 .. m), with the n+1st record marked]
SOURCE: ANDREAS STEFFEN
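The cyclic file behaviour above, as an added example (not part of the original slides): a fixed-length-record ring buffer in Python in which READ returns the newest record and a write past capacity overwrites the oldest. The class name, the `age` parameter and the purse amounts are assumptions made for illustration.

```python
class CyclicFile:
    """Fixed-length records in a ring; the newest record is always read first."""
    MAX_RECORDS = 254      # limits taken from the slide
    MAX_RECORD_LEN = 254

    def __init__(self, num_records: int, record_len: int):
        if not 1 <= num_records <= self.MAX_RECORDS:
            raise ValueError("number of records must be 1..254")
        if not 1 <= record_len <= self.MAX_RECORD_LEN:
            raise ValueError("record length must be 1..254 bytes")
        self.num_records = num_records
        self.record_len = record_len
        self._slots = [None] * num_records
        self._next = 0     # physical slot the next write lands in
        self._count = 0    # number of valid records, capped at num_records

    def append(self, data: bytes) -> None:
        if len(data) != self.record_len:
            raise ValueError("record must be exactly record_len bytes")
        self._slots[self._next] = bytes(data)   # overwrites the oldest when full
        self._next = (self._next + 1) % self.num_records
        self._count = min(self._count + 1, self.num_records)

    def read(self, age: int = 1) -> bytes:
        """age=1 is the most recently written record, age=2 the one before it."""
        if not 1 <= age <= self._count:
            raise IndexError("record not found")
        return self._slots[(self._next - age) % self.num_records]

def purse_log_demo():
    """Write four transactions into a three-record log; return what is readable."""
    log = CyclicFile(num_records=3, record_len=4)
    for cents in (100, 250, 75, 40):            # constructed amounts
        log.append(cents.to_bytes(4, "big"))
    return [int.from_bytes(log.read(age), "big") for age in (1, 2, 3)]
```

A transaction log kept in a cyclic file retains only the last n entries, so anything older has to be reconstructed from the terminal or clearing-house records.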
ATM and Debit Card Cryptography
• PIN cannot be stored anywhere in plaintext
• PIN cannot be reverse-engineered from the card or any database
• Generate a random 4-digit number (the PIN)
• Combine PIN with other data (account number) to form a data block
• Encrypt the data block using 3DES and secret bank keys
• Select several digits from the encrypted data to use as the PIN Verification Value (PVV)
Forming the PIN Verification Value
[Diagram: 4-DIGIT PIN + ACCOUNT NUMBER, with SECRET BANK KEYS -> 3DES -> ENCRYPTED DATA BLOCK -> SELECT 4-6 DIGITS FROM ENCRYPTED DATA BLOCK TO FORM PVV -> PIN VERIFICATION VALUE (PVV)]
CARD HAS ACCOUNT NUMBER AND PVV
Using the ATM Card
• CARD HAS ACCOUNT NUMBER AND PVV
• ATM MACHINE READS ACCOUNT NUMBER AND PVV
• USER TYPES PIN
• MACHINE NOW HAS: 4-DIGIT PIN, ACCOUNT NUMBER, PVV
• MACHINE HAS BANK KEYS IN HARDWARE: SECRET BANK KEYS, 3DES
• 3DES -> DECRYPTED DATA BLOCK -> COMPUTE PVV
• COMPARE CARD PVV WITH COMPUTED PVV
  • PVVs MATCH? USER IS AUTHENTIC
  • PVVs DIFFERENT? USER IS REJECTED
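The issue-and-verify flow from the two PVV slides, as an added example (not part of the original slides or any bank's implementation). Python's standard library has no 3DES, so HMAC-SHA-256 truncated to 8 bytes stands in for the 3DES step; the data block layout, the digit-selection rule, the key and the account number are assumptions.

```python
import hashlib
import hmac
import secrets

def encrypt_block(bank_key: bytes, block: bytes) -> bytes:
    # Stand-in for 3DES under the secret bank keys (assumption, see lead-in):
    # a keyed function whose 8-byte output matches the DES block size.
    return hmac.new(bank_key, block, hashlib.sha256).digest()[:8]

def select_digits(cipher: bytes, n: int) -> str:
    """Pick n decimal digits from the hex form of the encrypted block."""
    hexs = cipher.hex()
    digits = [c for c in hexs if c.isdigit()]                  # first pass: 0-9 as found
    digits += [str(int(c, 16) - 10) for c in hexs if not c.isdigit()]  # a-f -> 0-5
    return "".join(digits[:n])

def make_pvv(bank_key: bytes, account: str, pin: str, n: int = 4) -> str:
    if not (pin.isascii() and pin.isdigit() and len(pin) == 4):
        raise ValueError("PIN must be 4 digits")
    if not (account.isascii() and account.isdigit()) or not 4 <= n <= 6:
        raise ValueError("bad account number or PVV length")
    block = (account[-12:] + pin).encode()     # PIN combined with account number
    return select_digits(encrypt_block(bank_key, block), n)

def issue_card(bank_key: bytes, account: str):
    """Bank side: random PIN goes to the customer, only the PVV goes on the card."""
    pin = f"{secrets.randbelow(10_000):04d}"
    return pin, make_pvv(bank_key, account, pin)

def atm_verify(bank_key: bytes, account: str, card_pvv: str, typed_pin: str) -> bool:
    """ATM side: recompute the PVV from the typed PIN and compare with the card's."""
    try:
        computed = make_pvv(bank_key, account, typed_pin, len(card_pvv))
    except ValueError:
        return False
    return hmac.compare_digest(computed, card_pvv)   # constant-time comparison

DEMO_KEY = bytes(range(16))            # constructed key, not a real bank key
DEMO_ACCOUNT = "4111111111111111"      # constructed account number
```

A 4-digit PVV has only 10,000 possible values, so more than one PIN can map to the same PVV; the scheme depends on the bank keys never leaving the ATM's hardware.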
OpenCard Framework (OCF)
• OpenCard Framework (OCF) implements the integration of smart cards with computer systems.
• OCF is a Java-oriented framework based on the UNIX operating system.
• OCF shields Java applications from the specifics of each smart card or access terminal, such as an ATM terminal.
• OCF version 1.2 was introduced in 2000 by the OpenCard Consortium, which included IBM and Sun Microsystems.
• OCF is capable of handling several simultaneous requests for access.
• OCF supports authentication systems that rely on reading several cards at once.
OpenCard Framework (OCF) Implementation
SOURCE: OPENCARD.ORG
Card Security Threats
SOURCE: GAMMA
[Figure: threat groups 1-7 drawn around the card, with labels CAD, Clone, and Past / Current / Future cards]
• DIRECT ATTACKS ON CHIP CIRCUITRY
• INDIRECT ATTACKS ON CHIP CIRCUITRY
• ATTACKS USING CARDS NOT YET ISSUED, OLD CARDS, CLONES
• ATTACKS ON CARD'S INTERFACE TO THE OUTSIDE, E.G. PREMATURE REMOVAL
• ATTACKS ON THE RUN-TIME ENVIRONMENT THROUGH THE CARD ACCEPTANCE DEVICE (CAD)
• THREATS FROM CARD APPS AND NEED TO SHARE RESOURCES
• THREATS BASED ON RTE IMPLEMENTATION
Power and Timing Cryptanalysis
[Figure: power consumption against time, with separate traces for NOP (no operation), MUL (multiplication) and JMP (jump)]
Source: Rankl and Effing, "Handbuch der Chipkarten", 2002
Differential Power Cryptanalysis
[Figure: smart card power consumption during DES encryption, showing the initial permutation, 16 DES rounds and final permutation, with an expanded view of rounds 2 & 3]
SOURCE: cryptography.com
• Send different inputs to the Smart Card to learn details of its encryption key
• When a correct key value is tried, the algorithm responds
• Incorrect keys have zero average response
Contactless Card
• Communicates by radio
• Power supplied by reader
• Data rate 106 Kb/sec
• Read 2.5 ms, write 9 ms
• 8 Kb EEPROM, unlimited read, 100,000 writes
• Effective range: 10 cm, signals encrypted
• Lifetime: 2 years (data retention 10 years)
• Two-way authentication, nonces, secret keys
• Anticollision mechanism for multiple cards
• Unique card serial number
SOURCE: GEMPLUS
RFID Tags
[Figure: 32mm and 23mm capsule transponder, showing IC chip and antenna]
How RFID Works
1) Tag enters RF field
2) RF signal powers tag
3) Tag transmits ID, plus data
4) Reader captures data
5) Reader sends data to computer
6) Computer determines action
7) Computer instructs reader
8) Reader transmits data to tag
[Figure: computer, RFID reader, antenna, tag]
SOURCE: PHILIPS
Euro Banknotes
• European Central Bank planned to implant RFID tags in banknotes by 2005
• Uses
  • Anti-counterfeiting
  • Tracking money flows
Implementation Example 2: Automated Toll Collection
Implementation Example 3: Hong Kong Smart Cards
• Octopus
  • 12 million cards, 15,000 readers
  • 7 million transactions/day
  • $48M HKD per day
• Visacash
• ComPass Visa (VME)
• Mondex
• GSM SIM, ePark
Implementation: Octopus
[Figure labels: SONY RC-S833; CONTACTLESS SMART CARD; I/O SPEED: 211 Kbps; SONY READER/WRITER]
SOURCE: SONY
Implementation: Octopus Card Features
• Hong Kong RFID payment card
• Operating distance: 15 cm
• Bandwidth: 211 Kb/sec
• Triple DES in 70 µsec
• EEPROM 1536 bytes
• 128-byte data backup area
• 16-byte manufacturer ID; 16-byte issue ID
• Processing time: 50 msec on card, 300 msec overall
• Random access and cyclic files
• Anti-collision protocol
SOURCE: MITSUBISHI
Implementation: Octopus Card Security
SOURCE: MITSUBISHI
Octopus Clearing
SOURCE: SAMMY KAM
Octopus Settlement
SOURCE: MICHAEL I. SHAMOS, CMU
[Figure: Octopus settlement flow, with labels: FARE PROCESSORS; STATION COMPUTER; MTR CENTRAL COMPUTER; SERVICE PROVIDER CENTRAL COMPUTERS (SPCC); CENTRAL CLEARING HOUSE SYSTEM; CCHS; LOAD AGENT; LOAD AGENT CENTRAL COMPUTER; LOAD AGENT'S BANK; MTR'S BANK; OCTOPUS BANK (REGULAR ACCT, BUFFER ACCT, RESERVE ACCT); HSBC HEXAGON SETTLEMENT]
Functions listed in the figure:
• MUTUAL AUTHENTICATION
• CHECK BLACKLIST
• UPDATE CARD
• STORE TRANSACTIONS
• DISTRIBUTE SOFTWARE
• COLLECT TRANSACTIONS
• PRINT REPORTS
• SEND DATA TO SPCC
• CONSOLIDATE DATA
• PRINT REPORTS
• ROUTE DATA TO CCHS
• VALIDATE DATA
• NET ACCOUNTING
Octopus Expansion
• Identity card
• Access control
• Hotel room key
• Credit card
• McDonalds
• Mobile phone
• Home readers
SOURCE: CREATIVE STAR
Implementation: Mondex
• Subsidiary of MasterCard
• Smart-card-based, stored-value card (SVC)
• NatWest (National Westminster Bank, UK) et al.
• Secret chip-to-chip transfer protocol
• Value is not in strings alone; must be on Mondex card
• Loaded through ATM
  • ATM does not know transfer protocol; connects with secure device at bank
• Spending at merchants having a Mondex value transfer terminal
Mondex Overview
SOURCES: OKI, MONDEX USA
Mondex security
• Active and dormant security software
• Security methods constantly changing
• ITSEC E6 level (military)
• VTP (Value Transfer Protocol)
• Globally unique card numbers
• Globally unique transaction numbers
• Challenge-response user identification
• Digital signatures
• MULTOS operating system
• Firewalls on the chip
Summary
o Smart cards replace cash.
• The applications are primarily in banking, mobile telephony, and pay TV.
o Potential of cards is unexplored; new uses added every day:
• badges for access control
o Powerful microprocessors allow:
• cryptography
• certificates, authentication
• secure purses
o Wireless (contactless) cards enable new business models.
o Smart card security is not perfect.
o Several electronic purses were proposed and introduced for making micropayments.
o OCF is a Java-oriented integration of integrated-circuit cards with computers.
References
• M. H. Sherif, Protocols for Secure Electronic Commerce. Boca Raton, FL: CRC Press LLC, 2004, Chapters 9 and 13.
• Electronic Payment Systems (20-763) Official Course Web, http://euro.ecom.cmu.edu/program/courses/tcr763/2002pgh/cards7.ppt