Securing Card-Not-Present Transactions through EMV
Authentication
Matthew Carter and Brienne DouglasDecember 18, 2015
Outline
• Problem
• Card-Not-Present (CNP) vs. PayPal
• EMV Technology
• EMV CNP Experiment
• Summary
• Questions
• Types of Payment CardsoDebitoCredit
• In 2014, over 13 million Americans were victims
Source: Aite Group, “EMV: Lessons Learned and the U.S. Outlook,” June 2014
Problem: Payment Card Fraud (1)
• U.K. was early adopter of EuroPay, MasterCard, and VISA (EMV) technology
• Counterfeit cards (Cloning) decrease
• Card-Not-Present (CNP) fraud has sharp increaseo Purchases over interneto Purchases over phone
Problem: Payment Card Fraud (2)
150
170
190
210
230
250
270
290
310
330
350
2005 2006 2007 2008
Car
d-no
t-Pr
esen
t Fra
ud lo
sses
in
mil
lion
s of
pou
nds
The UK Cards Association
Problem: Payment Card Fraud (3)
• “Secret” card data provides transaction authorizationo Card numbero Expiration Dateo Etc.
• Third party passively viewing can repeat transaction
Traditional CNP Transactions
• Man-in-the-middle-proxy (mitmproxy)
• Checkout Serviceo 127.0.0.1 GET
https://api.stripe.com/v1/tokens?email=testemail…&card[number]=4242+4242+4242+4242&card[cvc]=151&card[exp_month]=6&card[exp_year]=2016&card[name]=testemail…
CNP Attack
Existing CNP Alternatives
• PayPal• User card information
encrypted on PayPal Servers
• Payment transactions done via tokenization
• Sniffed SSL traffic reveals some user information leakedo Account details
encrypted prior to transmission
• Chip-and-PIN• EMV provides “Card Verification
Technologies”o Static Data Authentication (SDA)o Dynamic Data Authentication (DDA)o Combined DDA & Application cryptogram
(CDA)
EMV Technology
• Private RSA key used for signature generation
• Provides Public Certificates o Card Certificateo Issuer Certificate
Card Signature
Issuer Public
Certificate
Certificate Authority
Public Certificate
Verified By
Verified By
EMV Dynamic Data Authentication (1)
Card Terminal
Generate SignatureTransmits dynamic data to be included in signature
Dynamic Data
Responds with signature Verifies signature
Signature
EMV Dynamic Data Authentication (2)
• Force online transactions to run DDA for card verification
• Verify signature at remote location
• Verify payment card data is not susceptible to man-in-the-middle attack
EMV CNP Experiment
EMV CNP Components
Client Machine Running Software
Smart Card Reader
Payment Card with Integrated
Chip
Server Machine Running Software
Client and Server Machines
• Cliento Card Reader Softwareo Client HTTPS Software
• Servero XAMPP – Server Software• Apache• MySQL• Tomcat
o Java Servlets• Dynamic Data Generation• Card Signature Verification
EMV CNP Steps
• Read Card
• Generate Dynamic Data
• Card Signature Generation
• Verification of Signature
Read Card Step
------------------------------------------------
Send READ RECORD to read SFI 1 record 4
-------------------------------------
APDU: 00 b2 04 0c 00
Response Parsed:70 81 c3 -- Record Template
9f 46 81 b0 –ICC Public Key Certificate
55 ea 24 5f 3c da …
9f 47 01 –ICC Public Key Exponent
03
Dynamic Data Generation
Sample output from Server:
Card Signature Generation
77 73 -- Response Message Template Format 2
9f 4b 70 -- Signed Dynamic Application Data
46 f2 60 df …
Send INTERNAL AUTHENTICATE command
------------------------------------------------
Sending HTTPS request to url :https://mrc7d-pc/examples/getdyndata
Response Code : 200authenticationRelatedData = F69A603757096EC1B3
Command Bytes:
00 88 00 00 09 f6 9a 60 37 57 09 6e c1 b3 00
Card Signature Verification (1)
• Certificate Authority (CA) Public KeyoApplication Identifier (AID)oCA Public Key Index
• Issuer Public Key• Integrated Circuit Chip (ICC)
Public KeyoCard Public Key
Sample output from Server:
Card Signature Verification (2)
Sample output from Server:
Card Signature Verification (3)
Summary
• EMV deployment known to mitigate card-present fraud; does nothing for card-not-present (CNP) transactions
• Attempts to secure CNP payments with dynamic data authentication (DDA) using RSA key pair proved successful
Questions