END TO END ENCRYPTION
Heartland’s Silver Lining?
Overview
• Heartland breach as impetus for End-to-End Encryption
• Description of the card transaction process
• Heartland’s approach to End-to-End Encryption
• Encryption and Key Management
• Methods used
• Other Processor & Merchant solutions
• Smartcard solutions
Heartland Payment Systems, Inc.
• On Inauguration Day, HPS announced the breach
• Occurred from May 2008 until January 2009
• Approximately 100 million credit and debit cards compromised from 650 financial institutions
• More electronic records were breached in 2008 than in the previous 4 years
• Track (magnetic stripe) data was obtained, which includes the card number and sometimes the cardholder name
The Beginning of End-to-End
• Robert Carr, CEO, hosted a ‘preliminary planning meeting’ on May 7th for the Accredited Standards Committee X9 at Heartland headquarters. As of 9/1/09, X9 did not have a standard yet.
• The Goal – find a way to standardize End-to-End Encryption. This is being promoted as a panacea to external data threats.
• Enabling E2EE would, in theory, limit the scope of PCI-DSS security requirements and audits for merchants and processors.
The Credit Debit Process
Loyalty Programs
The Heartland-Voltage Security Plan E3
• Tamper-resistant terminal encrypts the PAN with AES
• Equipment manages its own private keys
• Encrypted data is passed to and from the Processor
• Unencrypted track data is not stored at the Merchant
• Merchant stores all encrypted card data in an HSM
• Encryption keys are stored with the Processor
• All encryption/decryption happens at the Processor’s HSM
• “Securely Delivered” to the card brands
• Token is Card Brand reference #, date stamp & last 4 digits of the PAN
• Token is sent back to the merchant for chargebacks and other post-processing
1234-56XX-XXXX-7899
FFSEM Mode AES and IBE
• FFSEM – Feistel Finite Set Encryption Mode preserves the format of the data while encrypting the digits with AES, so existing systems can still manage the value.
• Encrypts numbers only, and the data must be between 9 and 19 digits.
• Developed by Voltage, Heartland’s encryption partner; not yet a PCI-authorized method.
• IBE – Identity-Based Encryption uses shared information about the cardholder as the public key. Public and private keys are managed by a trusted third party called the PKG (private key generator).
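The following is an added example of the format-preserving idea behind FFSEM, written for this page; it is not Voltage's FFSEM implementation or Heartland's code. It keeps the constraints the slide quotes (digits only, 9 to 19 of them, ciphertext the same length as the plaintext) by running a Feistel network over the finite set of digit strings. The round function is HMAC-SHA256 rather than AES, because the Python standard library has no AES; the key and sample card number are constructed for the demo.

```python
"""Format-preserving Feistel encryption over decimal strings (FFSEM-style demo).

Added illustration, not Voltage's or Heartland's code. HMAC-SHA256 stands in for
AES as the keyed round function; the structure (a Feistel network whose halves
are integers modulo 10^k) is the point being shown.
"""
import hashlib
import hmac

ROUNDS = 10                      # even, so both halves see the same number of rounds
MIN_DIGITS, MAX_DIGITS = 9, 19   # domain limits quoted on the slide


def _check_domain(digits: str) -> None:
    """Enforce the digits-only, 9-19 length domain."""
    if not digits.isdigit():
        raise ValueError("only decimal digits can be format-preserved")
    if not MIN_DIGITS <= len(digits) <= MAX_DIGITS:
        raise ValueError(f"input must be {MIN_DIGITS}-{MAX_DIGITS} digits")


def _round_function(key: bytes, round_no: int, value: int, modulus: int) -> int:
    """Keyed PRF for one round, reduced into the range of the half being modified."""
    msg = bytes([round_no]) + value.to_bytes(8, "big") + modulus.to_bytes(8, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % modulus


def _halves(digits: str):
    """Split into left/right integer halves and their moduli (unbalanced if odd length)."""
    left_len = len(digits) // 2
    left, right = int(digits[:left_len]), int(digits[left_len:])
    return left, right, 10 ** left_len, 10 ** (len(digits) - left_len)


def _join(left: int, right: int, total_len: int) -> str:
    left_len = total_len // 2
    return f"{left:0{left_len}d}{right:0{total_len - left_len}d}"


def encrypt_digits(key: bytes, digits: str) -> str:
    """Encrypt a digit string to another digit string of identical length."""
    _check_domain(digits)
    left, right, mod_l, mod_r = _halves(digits)
    for i in range(ROUNDS):
        # Even rounds modify the left half from the right, odd rounds the reverse;
        # modular addition keeps each half inside its own digit range.
        if i % 2 == 0:
            left = (left + _round_function(key, i, right, mod_l)) % mod_l
        else:
            right = (right + _round_function(key, i, left, mod_r)) % mod_r
    return _join(left, right, len(digits))


def decrypt_digits(key: bytes, digits: str) -> str:
    """Inverse: run the rounds backwards with modular subtraction."""
    _check_domain(digits)
    left, right, mod_l, mod_r = _halves(digits)
    for i in reversed(range(ROUNDS)):
        if i % 2 == 0:
            left = (left - _round_function(key, i, right, mod_l)) % mod_l
        else:
            right = (right - _round_function(key, i, left, mod_r)) % mod_r
    return _join(left, right, len(digits))


if __name__ == "__main__":
    demo_key = b"constructed-demo-key-not-for-production"   # constructed
    sample_pan = "4111111111111111"                          # constructed test number
    ct = encrypt_digits(demo_key, sample_pan)
    print(sample_pan, "->", ct, "->", decrypt_digits(demo_key, ct))
```

Because the output is still a 16-digit number, a database column, a receipt printer or a legacy batch job that validates length and character set keeps working; only the processor, which holds the key, can turn the value back into the real PAN.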
Hardware Security Module
Secure cryptoprocessor goals:
• Onboard secure key generation
• Onboard secure storage and use of cryptographic and sensitive data material
• Offloading application servers for complete asymmetric and symmetric cryptography
• Provides both logical and physical protection from non-authorized use
Steven Elefant, CIO HPS
“When we peel back the onion and look at the so-called end-to-end solutions out there, we find that they're really point-to-point solutions…True end-to-end encryption to us, … [starts] from the time the digits leave the magstripe on the consumer's card, and is turned from analog data into digital data, [and continues] all the way through the terminal, through the wires, through our host processing network until we securely deliver it to the brands.”
Other Hats in the Arena
First Data and RSA have teamed up for a tokenization approach where the encrypted card data is at the Processor site and the merchant has only the token, created by the Processor.
RBS Worldpay (another hacker victim) will market VeriFone secure swipe terminals. Also uses format-preserving AES encryption.
Merchants are pursuing their own tokenization schemes. Fingerhut will tokenize all of their card data-at-rest and store encrypted card numbers in an HSM.
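The token layout on the E3 slide (processor reference number, date stamp, last 4 digits of the PAN) and the processor-side tokenization described here for First Data/RSA and Fingerhut can be illustrated with a small vault. This is an added example, not any of those vendors' or merchants' products; a dictionary stands in for the HSM-protected store, and the sample PAN and date stamp are constructed.

```python
"""Processor-side token vault with masked PAN display (added illustration).

Not First Data/RSA's, Heartland's or Fingerhut's code. The vault dict stands in
for HSM-protected storage; in the slide's design only the processor can call
detokenize(), and the merchant keeps nothing but the token.
"""
import re
import secrets
from datetime import date
from typing import Optional

PAN_RE = re.compile(r"^\d{9,19}$")


def mask_pan(pan: str) -> str:
    """Display form with first 6 and last 4 visible, e.g. 1234-56XX-XXXX-7899."""
    if not PAN_RE.match(pan):
        raise ValueError("PAN must be 9-19 digits")
    front = pan[:6] if len(pan) >= 10 else ""      # short PANs expose only the last 4
    masked = front + "X" * (len(pan) - len(front) - 4) + pan[-4:]
    return "-".join(masked[i:i + 4] for i in range(0, len(masked), 4))


class TokenVault:
    """Lives at the processor; merchants hold only the tokens it returns."""

    def __init__(self, date_stamp: Optional[str] = None):
        self._date_stamp = date_stamp or date.today().strftime("%Y%m%d")
        self._pan_by_token: dict = {}   # stand-in for HSM-protected storage
        self._token_by_pan: dict = {}   # repeat customers reuse one token

    def tokenize(self, pan: str) -> str:
        if not PAN_RE.match(pan):
            raise ValueError("PAN must be 9-19 digits")
        if pan in self._token_by_pan:
            return self._token_by_pan[pan]
        while True:
            # The reference number is random, not derived from the PAN: a token
            # computed by hashing the PAN could be matched against the small
            # space of valid card numbers, which would defeat the purpose.
            ref = f"{secrets.randbelow(10 ** 8):08d}"
            token = f"{ref}-{self._date_stamp}-{pan[-4:]}"
            if token not in self._pan_by_token:
                break
        self._pan_by_token[token] = pan
        self._token_by_pan[pan] = token
        return token

    def detokenize(self, token: str) -> str:
        """Processor-only lookup for chargebacks and other post-processing."""
        try:
            return self._pan_by_token[token]
        except KeyError:
            raise KeyError("unknown token") from None


if __name__ == "__main__":
    vault = TokenVault(date_stamp="20090901")          # constructed date stamp
    sample_pan = "4111111111111111"                    # constructed test number
    token = vault.tokenize(sample_pan)
    print("merchant keeps:", token, "| display:", mask_pan(sample_pan))
    print("processor resolves:", vault.detokenize(token))
```

The token carries the last 4 digits so customer service can still match a card, but nothing in it reconstructs the PAN; a stolen token table is useless without access to the vault, which is why the slides place that vault in an HSM at the processor.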
E2EE - Problems
• Not all transactions are initiated at a swipe machine. How often have you made a payment over the phone or on the internet?
• Virtual Point of Sale websites are replacing swipe machines, increasing web exposure of card data.
• Many businesses need to decrypt card data for recurring transactions, returns, pay-on-ship, etc.
• The single greatest point of weakness, the magnetic stripe, can still be lifted and cloned.
• Most End-to-End solutions do not extend past the processor.
E2EE – How It Would Work
Visa’s recommendations:
• Limit clear-text cardholder and authentication data
• Use robust key management solutions that meet international standards
• Use recognized cryptographic algorithms
• Protect devices used to perform cryptographic functions
• Consider Tokenization as a data surrogate in place of credit card numbers
They are essentially recommending the use of the smartcard (chip) or something like a Speedpass.
Other Security Measures - Smartcards
• EMV – Microprocessor chip card popular outside the US
• Expensive to implement: cryptographic coprocessor; public key certificate management at the terminal level
• Card data is still being stolen and transferred to the US for fraudulent transactions with mag-stripe cloned cards
• Contactless Token – (e.g., Speedpass)
Other Security Measures - Smartcards
• Contactless Smartcards with Online Dynamic Cryptograms
• Cryptogram is a type of digital signature
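To show why an online dynamic cryptogram resists the cloning problem raised on the earlier slides, here is an added, simplified sketch written for this page. It is a MAC-based model, not the EMV cryptogram specification: the card keys a MAC over the transaction details, a per-card transaction counter and a terminal nonce, and the issuer recomputes it online. The PAN, card key and nonce values are constructed.

```python
"""Online dynamic cryptogram, simplified (added illustration, not EMV itself).

A cloned magnetic stripe carries the same static bytes every time. A chip card
instead answers each transaction with a fresh MAC that depends on a secret key
that never leaves the card, a counter and a terminal nonce, so copied data
cannot produce a valid cryptogram and a captured one cannot be replayed.
"""
import hashlib
import hmac
import secrets


def _mac(key: bytes, pan: str, amount_cents: int, counter: int, nonce: bytes) -> bytes:
    """8-byte cryptogram over the transaction data (HMAC-SHA256 stands in for the card MAC)."""
    msg = f"{pan}|{amount_cents}|{counter}|{nonce.hex()}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class ChipCard:
    """Holds the secret key; only cryptograms and the counter value are exported."""

    def __init__(self, pan: str, key: bytes):
        self.pan = pan
        self._key = key
        self.counter = 0            # application transaction counter

    def cryptogram(self, amount_cents: int, terminal_nonce: bytes):
        self.counter += 1
        return self.counter, _mac(self._key, self.pan, amount_cents, self.counter, terminal_nonce)


class Issuer:
    """Online host that shares each card's key and tracks its last counter."""

    def __init__(self):
        self._keys = {}
        self._last_counter = {}

    def enroll(self, pan: str, key: bytes) -> None:
        self._keys[pan] = key
        self._last_counter[pan] = 0

    def verify(self, pan: str, amount_cents: int, counter: int,
               terminal_nonce: bytes, cryptogram: bytes) -> bool:
        key = self._keys.get(pan)
        if key is None:
            return False
        if counter <= self._last_counter[pan]:
            return False                          # replayed or stale counter
        expected = _mac(key, pan, amount_cents, counter, terminal_nonce)
        if not hmac.compare_digest(expected, cryptogram):
            return False                          # wrong key (copied data) or altered amount
        self._last_counter[pan] = counter
        return True


def new_terminal_nonce() -> bytes:
    """Per-transaction unpredictable number chosen by the terminal."""
    return secrets.token_bytes(8)


if __name__ == "__main__":
    issuer = Issuer()
    pan, key = "4111111111111111", b"constructed-card-key"     # constructed
    issuer.enroll(pan, key)
    card = ChipCard(pan, key)
    nonce = new_terminal_nonce()
    ctr, cg = card.cryptogram(1999, nonce)
    print("genuine:", issuer.verify(pan, 1999, ctr, nonce, cg))
    print("replay: ", issuer.verify(pan, 1999, ctr, nonce, cg))
```

The counter check is what turns the cryptogram from a signature on static data into proof that this card took part in this transaction; the issuer must keep that state online, which is the cost the slide alludes to with "online" cryptograms.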