Smart Card Alliance Educational Instituted3nrwezfchbhhm.cloudfront.net/media/ei_payments/ichikawa.pdf · Smart Card Alliance Educational Institute . ... (the message digest/hash )

Smart Cards and Payments Security Bryan Ichikawa

Vice President, Unisys

Smart Card Alliance Educational

Institute

CTST2009 – Smart Card Technology and

Payments Applications Workshop © 2009

Agenda

• Security Overview

• The Basics of Security - Building Blocks

Principals of Security

Security Functions

• How Security Works

• Payments Security



Security is Relative

• A system is only as secure as its weakest point

• What is secure today may be broken tomorrow

• Security has a cost and it is up to each business to decide the level of fraud it can cope with



Security is an Attitude, Not a Position

• A perfectly secure system is always too expensive

• The ideal system should be able to detect fraud and move to the next level of security when an unacceptable level of fraud is reached



How Secure Is It?

• What is the Cost to Deploy Security?

• What are You Protecting?

• What is the Cost of Loss or Breach?

• Is the Deployed System Useable?

• Is the System Upgradeable?

How Secure Does it Have to Be?

Smart Card System Architecture

A smart card application consists of– Cards

– Security application modules

– Terminals

– Collection devices

– Network(s)

– Node computers

– Back end system

But also of– Software In cards

In terminals

In back end systems

– Policies

– Security surveillance

– Administration activities Key management

Personalization



Responsibilities & Parties

• Cards

• Card Issuer

• Network / Terminals

• Merchant

• Background System

Network

Security Technology Overview



Security vs. Cryptography

• Security is the set of :

Data Integrity

Authentication

Non-Repudiation

Confidentiality

• Cryptography is the set of mathematical

algorithms used to implement security



Data Integrity

• The assurance that the data has arrived intact, with no tampering or corruption of the bits.

• Data Integrity is achieved electronically through the use of cryptographic checksums (one-way hashs) over the data.



Authentication

• The binding of the sender’s (or issuer’s) credentials to the data. This process can be likened to your personal signature

• It is unique to you and canbe recognized (verified) laterby all parties involved



Non-Repudiation

• The fact that a third party can verify your authentication (e.g., your signature) on a transaction means that you cannot deny participation in the transaction



Confidentiality/Privacy

• Encryption (scrambling) of the data to prevent unauthorized disclosure.



Mechanics of Security

• Cryptographic algorithms (mathematical

processes) used to implement security

• Hashing Algorithms

• Symmetric Encryption

• Asymmetric Encryption

Hashing Algorithms



One Way Hash Functions

• Creates a small data string that uniquely characterizes the

data (the message digest/hash )

• It is infeasible to find a message that hashes to a

particular value (i.e. one cannot recalculate the original

message from the hash result)

• It is infeasible to find two different messages that hash to

the same value

• By recalculating a new hash and comparing it with the

received hash, message integrity can be verified

• The hash function is not secret (e.g. public domain

algorithms - MD4, MD5, SHA-1)



Hashing Algorithm at Work

MESSAGE

DIGEST

(fixed length)HASHING ALGORITHM

hashVariable

length

input data

Symmetric Cryptography

Encryption Concepts

ENCRYPTION

Key

Algorithm

Plaintext Ciphertext

DECRYPTION

Key

Algorithm

Original

Plaintext

The Above Model is Applicable to Symmetric (Secret Key) as Well as

Asymmetric (Public key) Cryptographic Techniques



Foundation

• EncryptionThe process of disguising a message in such a way as

to hide its substance

Requires an encryption ALGORITHM and an encryption KEY

H E L L O

L I P P S



Symmetric Key Systems

• ApproachSame key used to encrypt and decrypt information

• AttributesFast

Key Distribution is Required (physical, electronic)

Scalability Requires Management Systems

Compromise is Critical. Loss can be Broad

• BenefitsConfidentiality, Integrity thru Encryption



Symmetric Encryption/Decryption

• Secret Key used to encrypt data

• Sender and receiver must have same key

• Key distribution and compromise recovery are difficult

KeyGeneration

DES

This is plain

text. It can be

a document,

image, or any

other data file

12A7BC54410

9FD00A6293F

ECC7293B9B

CAA12020384

AC6F4D93B8

DES

This is plain

text. It can be

a document,

image, or any

other data file

SecretKey

SecretKey

Bob Alice

Same Key

Asymmetric Cryptography(Most commonly known as Public Key Cryptography)



Public Keys

• A public and corresponding private key are mathematically related hence referred to as a public/private key pair.

• The private key is kept secret, the public key is published i.e Directory, File, Newspaper, etc.

• By knowing the public key, it is mathematically infeasible to calculate the corresponding private key.

• Public Key algorithms are less efficient in terms of encryption than symmetric algorithms.

• Public Key systems are generally considered to be more flexible and secure than Symmetric Key systems.



Key Generation

• Key pair is use in public key cryptographyKey generation provides the basis for trust

Public key bound in certificate and shared

Private key protected and never shared

Key PairGeneration

PrivateKey

PublicKey

CertificationAuthorityUser Name

OrganizationLocation Digital

Certificate

End UserToken

X.509Directory



Using Public Keys to Solve a Problem

• The question is how to get the Secret Key to Alice

• Let’s take the secret key and treat it as data

KeyGeneration

DES

This is plain

text. It can be

a document,

image, or any

other data file

12A7BC54410

9FD00A6293F

ECC7293B9B

CAA12020384

AC6F4D93B8

DES

This is plain

text. It can be

a document,

image, or any

other data file

SecretKey

SecretKey

Bob Alice

Same Key



Public KeyAlgorithm

Using Secret and Public Key Technologies

• This fundamentally demonstrates how public key algorithms can deliver confidentiality

• We do not use public key technology against the message itself because of basic inefficiencies (slow)

Public KeyAlgorithm

Alice’sPublicKey

Alice’sPrivate

Key

Bob Alice

SecretKey

SecretKey

Alice’sCertificate

Alice’sToken

Digitized vs. Digital Signature

•A Digitized signature is a scanned image that can be pasted on any document

•A Digital Signature is a numeric value that is created by performing a cryptographic transformation of the data using the “signer’s” private key

1A56B29FF6310CD3926109F200D5

EF719A274C66821B09AC3857FD62

301AA2700AB3758B6FE93DD

Digitized SignatureDigital Signature



Public KeyAlgorithm

Public KeyAlgorithm

Digital Signatures - Part 1

This is plain

text. It can be

a document,

image, or any

other data file

12A7BC54410

9FD00A6293F

ECC7293B9B

CAA12020384

AC6F4D93B8

This is plain

text. It can be

a document,

image, or any

other data file

Bob’sPrivate

Key

Bob’sPublicKey

Bob Alice

Bob’sCertificate

•Bob uses his own private key to sign•Alice uses Bob’s public key to verify•Result is Pass or Fail•Anybody can use Bob’s public key and recover message

Bob’sToken



Public KeyAlgorithm

HashingAlgorithm

Public KeyAlgorithm

Digital Signatures - Part 2

This is plain

text. It can be

a document,

image, or any

other data file

hash

This is plain

text. It can be

a document,

image, or any

other data file

Bob’sPrivate

Key

Bob’sPublicKey

Bob Alice

Bob’s Certificate

Bob’s Token

hash

hash

HashingAlgorithm

hash



HashingAlgorithm

Public KeyAlgorithm

HashingAlgorithm

Putting it All Together - Signing & Encrypting

This is plain text.

It can be a

document, image,

or any other data

file

hash

Bob’sPrivate

Key

Bob’sPublicKey

Bob Alice

Bob’s Certificate

Bob’s Tokenhash

hash

hash

KeyGeneration

DES

12A7BC544109F

D00A6293FECC7

293B9BCAA1202

0384AC6F4D93B

8

Alice’s Public Key

Alice’s Private Key

Secret Key

Secret Key

Alice’s CertificateAlice’s Token

Public KeyAlgorithmPublic Key

Algorithm

Public KeyAlgorithm

DESThis is plain text.

It can be a

document, image,

or any other data

file

PKI

Public Key Infrastructure



What is a Public Key Infrastructure?

• Client and Server Applications

• Protocols

• Digital Signatures, Certificates

• Certification Authority

• Public Key Directory/Repository

• Legacy IT Systems

• Smart Cards


Public KeyCertificates

CertificationAuthorities

PKIServices


Certificate

Management

Public Key

Management

Token

ManagementRegistration

Management

Information

Dist. & Mgmt

X.509

Payments Security



Contactless Payments Overview

• “Contactless payment” refers to a payment process that uses radio frequency to exchange transactional data between a consumer’s contactless card and a merchant’s point-of-sale

• Unlike traditional credit, debit or prepaid cards, no physical contact needs to occur between a contactless payment card and hardware at the point-of-saleThe contactless card must be within a few inches of the

contactless reader at the point-of-sale to transmit data

After transactional data is captured via a contactless reader at the point-of-sale, transactions flow through the traditional payment infrastructure in the traditional manner

Transaction Processing

In step 1, the antenna in the card converts the contactless reader’s electromagnetic signals into energy to power the chip. Subsequently, transaction data is exchanged between the contactless card and the terminal.

Beyond the terminal, the contactless transaction may follow the existing magnetic stripe processes. Additional authorization may be required for cards processed with an extra security feature called the dynamic CVV.

In step 2, the merchant sends the authorization request to the acquiring processor who routes the transaction to Visa or MasterCard (step 3). Visa or MasterCard routes it to the issuer processor (step 4).

The issuer processes the authorization requests and sends a response to Visa or MasterCard (step 5). Visa or MasterCard forwards the authorization response to the acquirer processor (step 6), who sends the approval or decline message to the merchant (step 7).

new

for

cont

actle

sssa

me

for

cont

actle

ss a

nd m

ag s

trip

e

Illustrative Process Flow for Contactless Credit

Transaction

Once the consumer waves the contactless card in front of the reader, the transaction data from the

contactless card flows across the existing payment-processing infrastructure with the exception of one

additional field in the message format. In other words, from a processing standpoint, the contactless

transaction is very similar to the traditional magnetic stripe transaction.



Contactless Payments Security Features

• The Payments Industry has Incorporated the Following Tools to Diminish Fraud Risk:Card Specific Encryption

Systematic fraud detection and prevention tools, including: Systematically detect and reject multiple use of the same transaction data

Validate contactless transaction originates from appropriate reader

Use an alternate account number

No use of customer’s name

Dynamic CVV



Dynamic CVV / DAC

• Contactless cards equipped with a new security feature called dynamic CVV or dynamic authentication codes

• This dynamic CVV is a one-time value generated by an algorithm that was placed on the chip at the time of manufacture

• It is designed to make fraudulent activities such as skimming less effective because the value is unique for every transaction, and the value itself is never transmitted

• This one-time value is difficult to replicate, and ultimately, if the dynamic CVV value does not match, the transaction will not be authorized

• The card associations control issuer mandates for implementation of the dynamic CVV feature on contactless credit cards

Contactless Payment Transactions

MSD - Magnetic Stripe Data Model

DDA - Dynamic Data Authentication Model

Open

interface

Transaction



Payment Transaction Models

• MSD (Magnetic Stripe Date)

Emulates magnetic stripe transaction

No card-reader authentication

Authorization is performed by back-end systems

Extremely fast (transit system specification compliant)

• DDA (Dynamic Data Authentication)

EMV model

Reader contains payment scheme public keys

Card signs transactions

Reader verifies transactions



Points for Consideration

• Contactless payment cards are as secure as and probably safer to use than traditional magnetic stripe cardsThe card never leaves the cardholder’s hand during the

transaction

The data that could be theoretically captured by a thief using an illegal handheld reader placed within inches of a person carrying a contactless card amounts to less information than what is printed on the outside of the plastic card or stored on the magnetic stripe

A thief that captures this data cannot make a duplicate credit card to make fraudulent retail purchases or use the credit card account number to make a fraudulent online purchase since the security code printed on the card is not stored inside the chip



Points for Consideration

• Strong federal protections exist for cardholders under Regulation E (which implements the Electronic Funds Transfer Act (EFTA))The EFTA provides protections for consumers engaged

in electronic funds transfers at the point of sale, ATM, direct deposit, debit card and one-time electronic fund transfers via check

The law requires certain consumer disclosures, change in terms notices, periodic statements and error resolution procedures and notices

It also provides that a consumer’s liability for an unauthorized transfer will not exceed $50



Points for Consideration, Cont’

• However, “zero liability” protection rules apply to all cards and devices issued by financial institutions in North America

• Industry best practices continue to evolve for the issuance of contactless payment cards and devicesEncryption techniques for added protection against

fraudulent transactions

Removal of the cardholder’s name from the electronic data stored on the chip



Additional Information

• More detailed information about the security of contactless payments can be found on the Smart Card Alliance website at www.smartcardalliance.org

• Important documents include:Smart Card Alliance Contactless Payment Security

Statement(http://www.smartcardalliance.org/pages/publications-contactless-payment-security-statement)

Contactless Payments Security Questions & Answers(http://www.smartcardalliance.org/pages/publications-contactless-payment-security-qa)

Contactless Payments: Frequently Asked Questions(http://www.smartcardalliance.org/pages/publications-contactless-payments-faq)

Thank You!

Smart Card Alliance

191 Clarksville Rd. · Princeton Junction, NJ 08550 · (800) 556-6828

www.smartcardalliance.org

Bryan Ichikawa

Vice-President, Identity Solutions

Unisys Corporation

[email protected]

Documents

Smart Card Alliance Educational Instituted3nrwezfchbhhm.cloudfront.net/media/ei_payments/ichikawa.pdf · Smart Card Alliance Educational Institute . ... (the message digest/hash )