Chapter 6 - Card Security Applications
6.0 Card Era
Credit cards have become part of our daily life as a form of plastic money since their first launch in 1960.
- magnetic card versus smart card

6.1 Magnetic Card
- composed of a layer of magnetic material for storing information
- easy to carry
- can be used for authentication
- what are its principles?
6.1.1 Information on Magnetic Card
- the stripe is 8.5 cm x 1.2 cm
- data is structured according to ISO 7811/2
- a maximum of 3 tracks, storing around 1K bits

6.1.2 ISO Standards Based on ISO 7811
- Track 1 was developed by the International Air Transport Association (IATA) and contains 6-bit alphanumeric characters.
- Track 2 is used by the American Bankers Association (ABA) and stores 4-bit numeric information containing the identification number and control information.
- Track 3 originated with the Thrift industry and contains information intended to be updated with each transaction.

6.1.3 Capacity
(Table: track, record density in bits/inch, and capacity; only the bits-per-character column survives.)
- Track 1: 7 bits/char.
- Track 2: 5 bits/char.
- Track 3: 5 bits/char.
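The difference between the 6-bit and 4-bit character sets of 6.1.2 and the 7 and 5 bits per character of the capacity table is one parity bit per character. The following is an added example, not code from the lecture slides: it encodes track text character by character with an odd parity bit, appends a longitudinal redundancy check (LRC), and validates both on the way back, which is the check a reader performs before trusting stripe data. The alphabet bases (0x20 for Track 1, 0x30 for Track 2/3), the odd-parity rule and the LRC-as-XOR rule follow ISO 7811 as I know it; the sample track string is constructed and does not belong to a real card.

```python
# Added example (not from the slides): ISO 7811 track character coding with
# per-character odd parity and a trailing LRC. Assumptions: Track 1 codes are
# ord(ch) - 0x20 over 6 bits, Track 2/3 codes are ord(ch) - 0x30 over 4 bits,
# and the LRC is the XOR of all data codes carrying its own parity bit.

TRACK_FORMATS = {
    # track number: (data bits per character, code of the first alphabet character)
    1: (6, 0x20),  # 64-character alphanumeric set, 7 bits/char on the stripe
    2: (4, 0x30),  # 16-character set "0123456789:;<=>?", 5 bits/char on the stripe
    3: (4, 0x30),
}


def odd_parity(code, data_bits):
    """Parity bit that makes the number of 1 bits in data + parity odd."""
    ones = bin(code & ((1 << data_bits) - 1)).count("1")
    return 0 if ones % 2 == 1 else 1


def encode_track(track, text):
    """Encode text as (code, parity) symbols; the LRC symbol is appended last."""
    data_bits, base = TRACK_FORMATS[track]
    symbols, lrc = [], 0
    for ch in text:
        code = ord(ch) - base
        if not 0 <= code < (1 << data_bits):
            raise ValueError(f"{ch!r} is not in the track {track} alphabet")
        symbols.append((code, odd_parity(code, data_bits)))
        lrc ^= code
    symbols.append((lrc, odd_parity(lrc, data_bits)))
    return symbols


def decode_track(track, symbols):
    """Decode symbols back to text; raise ValueError on a parity or LRC failure."""
    data_bits, base = TRACK_FORMATS[track]
    for index, (code, parity) in enumerate(symbols):
        if parity != odd_parity(code, data_bits):
            raise ValueError(f"parity error in symbol {index}")
    *data, (lrc, _) = symbols
    expected = 0
    for code, _ in data:
        expected ^= code
    if lrc != expected:
        raise ValueError("LRC mismatch")
    return "".join(chr(code + base) for code, _ in data)


def track_is_valid(track, symbols):
    """True if every character's parity and the LRC check out."""
    try:
        decode_track(track, symbols)
    except ValueError:
        return False
    return True


def parse_track2(text):
    """Split ';PAN=YYMMSSS...?' into fields, masking the PAN for logging."""
    if not (text.startswith(";") and text.endswith("?")):
        raise ValueError("missing start or end sentinel")
    pan, _, rest = text[1:-1].partition("=")
    return {
        "pan_masked": pan[:6] + "*" * (len(pan) - 10) + pan[-4:],
        "expiry_yymm": rest[:4],
        "service_code": rest[4:7],
        "discretionary": rest[7:],
    }


if __name__ == "__main__":
    # Constructed sample, not a real card: PAN 4111111111111111, expiry 12/95.
    sample = ";4111111111111111=9512101?"
    symbols = encode_track(2, sample)
    print(len(symbols) * 5, "bits on the stripe for", len(sample), "characters")
    print(parse_track2(decode_track(2, symbols)))
```

A single flipped data bit is caught by the character parity; a corruption that preserves parity (two bits of one character) is caught by the LRC. Neither check is a security feature: they detect accidental read errors, not a deliberately re-encoded stripe, which is the point of the "Protection on Data" discussion later in the chapter.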
6.1.4 Fraud card activities
- Stealing: a legitimate card may be stolen and used in ATMs or EPOS terminals.
- Altering and re-embossing a genuine card, that is, modifying the visual features of the card.
- Skimming or altering the original electronic data stored on the magnetic stripe, for example the expiry date or the credit limit.
- Buffering or re-encoding the original data onto the magnetic card. This technique is commonly used in producing counterfeits of stored-value tickets.
- Copying data from a genuine card to another in an on-line fashion ("white plastic fraud").
- Counterfeiting ("colour plastic fraud"): prepared by reading another legitimate card and encoding the same information onto another fraudulent card in an off-line fashion.

(Figure: Valid Card versus Fraud Card)
6.1.5 Design of card protection technologies
- Validation by Appearance: a visual means of protecting against illegal duplication of the plastic card. The aim is to make the appearance of the card so unique and difficult to duplicate that shopkeepers or card handlers can identify a genuine card instantly.
- Verification on Access: this validation relies on interaction with the card holder; the objective of the protection mechanism is to verify that the person accessing the card is an authorized one.
- Protection on Data: a machine-readable protection against illegal access to and duplication of the data. The importance of stripe data protection is to ensure the security of electronic transactions and to provide an alternative verification mechanism for the magnetic card.
6.5.1 Validation by Appearance
(Figure: features of a credit card - computer chip, hologram, magnetic stripe, logo, printed and embossed data, bar code, fine printings, authorized signature, photo ID and signatures; labels "IN GOD WE TRUST", "MR. B 12/95 VISB"; caption "But counterfeits still exist!")

Holograms are the most notable marking on credit cards.
- produced by a combination of photography and laser beams
- initially, counterfeit holograms were crude and manufactured by stamping tin foils
- recently, counterfeit holograms have been produced professionally
- technical knowledge is needed to validate the authenticity of holograms

Embossed characters are raised marks on the plastic surface of the card.
- the embossed information includes the user name, expiry date, card number and a unique embossed symbol; VISA embosses a symbol like "CV" beside the expiry date
- however, the card material is a thermoplastic: by warming the card to about 50 C, it allows "debossing" of the characters and re-embossing with fraudulent information

Photocards were introduced by CitiBank Corporation.
- the effectiveness of the photocard for marketing purposes seems to be greater than that for security
- it is not an effective means of stopping card fraud, because counterfeiters were able to imitate laser-engraved photographs and signatures at rather low cost using a photo machine of around US$ 5000

Ultra-violet dove, bank identifying number (BIN) and micro-printings
- can also be duplicated with existing technology
- technical knowledge is needed to distinguish a counterfeit card from a genuine one
- most card reading terminals contain no visual detector to validate these visual protection features, while human eyes are not a reliable means of verification
- it is therefore difficult to validate a genuine card
6.5.2 Protection on Card Access
The card holder is requested to prove his identity, or the authorized user is notified of the transaction. Methods: signature, biometrics, PIN.

Signature
Signature is the most popular way of verification. When a transaction is made, the card holder is requested to sign and the signature is verified visually. This method is simple but not useful in protecting against "colour plastic fraud", where the criminal can sign their own signature on the fraudulent card.

Biometrics
Biometric features were developed such as speed of writing, fingerprint or iris pattern. Implementation cost is high and their accuracy is questionable.

Personal identifying number (PIN)
A PIN is a unique number given by the bank to each user; it is effectively fixed by the customer account number and the cryptographic key used in the derived-PIN computation. The PIN offset (or password) is a value that relates a derived PIN to the actual PIN value.

When a card holder transfers or withdraws money from a bank account, a 6-digit password is input before the transaction is processed. The password is validated by comparison with the one stored inside the magnetic card by offset, or in a centralized database at the bank.

The security of the password relies on the encryption algorithm of the PIN, the PIN management scheme and the secrecy of the password. The PIN provides no defense against data copied from another card which contains the correct card verification value. Moreover, the encryption algorithm adopted for validation codes may be tampered with and decoded by professional hackers with some insider information.
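The derived-PIN and offset relationship described above is easier to see in code. The following is an added example, not the slides' or any bank's scheme: HMAC-SHA256 stands in for the bank's PIN-derivation cipher, the hex digest is decimalised with a constructed table (0-9 unchanged, a-f to 0-5), and the PIN is 6 digits as on the slide. The key, account number and customer PIN are constructed values.

```python
# Added example (not from the slides): derived PIN, PIN offset and host-side
# verification. Assumptions: HMAC-SHA256 under a bank PIN key replaces the real
# derivation cipher, and the decimalisation table below is a constructed choice.
import hashlib
import hmac

PIN_LENGTH = 6
# Decimalisation table: hex digits 0-9 stay, a-f map to 0-5 (constructed choice).
DECIMALISE = {**{d: d for d in "0123456789"}, **dict(zip("abcdef", "012345"))}


def derived_pin(pin_key: bytes, account_number: str) -> str:
    """Natural PIN: the first PIN_LENGTH decimalised digits of the keyed account hash."""
    digest = hmac.new(pin_key, account_number.encode(), hashlib.sha256).hexdigest()
    return "".join(DECIMALISE[c] for c in digest)[:PIN_LENGTH]


def pin_offset(pin_key: bytes, account_number: str, customer_pin: str) -> str:
    """Offset to store (stripe or host): customer PIN minus derived PIN, digit-wise mod 10."""
    if len(customer_pin) != PIN_LENGTH or not customer_pin.isdigit():
        raise ValueError(f"PIN must be {PIN_LENGTH} decimal digits")
    natural = derived_pin(pin_key, account_number)
    return "".join(str((int(c) - int(n)) % 10) for c, n in zip(customer_pin, natural))


def verify_pin(pin_key: bytes, account_number: str, offset: str, entered_pin: str) -> bool:
    """Host check: derived PIN plus stored offset must equal the PIN typed at the terminal."""
    natural = derived_pin(pin_key, account_number)
    expected = "".join(str((int(n) + int(o)) % 10) for n, o in zip(natural, offset))
    # constant-time comparison so a wrong PIN is not distinguishable by timing
    return hmac.compare_digest(expected.encode(), entered_pin.encode())


if __name__ == "__main__":
    bank_key = b"constructed-bank-pin-key"        # constructed, not a real key
    account = "4111111111111111"                   # constructed account number
    offset = pin_offset(bank_key, account, "246813")
    print("offset written to the card:", offset)
    print("correct PIN accepted:", verify_pin(bank_key, account, offset, "246813"))
    print("wrong PIN accepted:", verify_pin(bank_key, account, offset, "246814"))
```

The offset is not secret: without the bank key, the derived PIN is unknown and the offset says nothing about the customer's PIN. This is also why the slide's caveat holds: a card whose stripe data (offset included) is copied verbatim passes the same check, because the check never involves anything the copy lacks.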
6.6 Smart Card
- Integrated Circuit (chip) card, originated from France
- invented in the 70s and matured in the 90s
- magnetic card replacement

Types of Smart Card
- Memory Card
- MPU IC card
- Crypto-processor card
- Contactless card

Memory Card
- primitive type composed of EEPROM/PROM
- simple function, e.g. as a prepay card

Crypto-processor IC Cards
- composed of a crypto-processor and PROM
- a powerful MPU that can recognise illegal signals, with security features

MPU IC Smart Card
- composed of MCU/MPC, software driven
- flexibility and primitive intelligence
- some security features

Contactless Smart Card
- similar to the contact smart card, with an RF transceiver
- increased robustness and security
6.6.1 Advantages of Smart Card
- large storage capacity
- more security features
- multiple functions
- flexibility in use: intelligent, lower power consumption, effective packaging
- as access card, electronic purse, debit/credit card, ID card etc.
- particularly for off-line applications

6.6.2 Hardware Technologies
- new memory technologies: EEPROM and flash-EPROM
- new silicon technologies: feature sizes down to 0.8 µm for more storage and security, lower power consumption
- new packaging technologies: against breakage, rubbing and bending

6.6.3 Smart Card Software
- intelligent Chip Operating System (COS)
- encryption techniques: RSA & DES
- Multiple Application OS (MAOS): Mondex, EMV, GSM, Loyalty
- new requirements: hot list, trust key management

6.6.4 Smart Card Worldwide Use
- distribution: 40% Western Europe, 25% Asia, 15% North America, 8% South America and 12% others
- major user is France with over 130M cards; Germany 80M health insurance cards
- over 20 countries use GSM and electronic purse
Smart Card Projects Worldwide
- Mondex - UK
- Barclay/Mercury one-2-one project (UK)
- Detemobil Toll Collection (UK)
- Advantages Card in RSA
- ID card in Taiwan
- Mastercard & Visa + Netscape and Microsoft - COS project
- Credit Card in USA

Some Difficulties Worldwide
- bank card project cancellation - Taiwan
- Mondex tampering slowed down bank sector development - RSA and New Zealand
- Mastercard - year 2000 delay of massive launching
- Visa - adoption of magnetic card in RSA debit card project
- major concern - COST EFFECTIVENESS

6.6.5 Smart Card in Hong Kong
- Mondex, Visa Cash, City Smart
- Octopus - smart travelling card
- Jockey Club - pre-pay card
- New airport - access control card
- HKT - telephone card
- Parking Meter - prepay card project
- HKID

6.6.6 Smart Card in Electronic Commerce
- Electronic Data Interchange (EDI), Tradelink
- Electronic Purchasing
- Home Banking
- Internet Shopping

6.6.7 New Technologies Required
- data storage management - information protection
- authentication process - biometrics: fingerprint, facial features, iris identification, dynamic signature recognition, speech recognition
- encryption methods - Elliptic Curve Cryptography, chaotic techniques

6.6.8 Governing Body
- The Hong Kong Monetary Authority will set rules on the use of smart cards for financial applications
- only banks may issue general purpose cards
- HKMA can authorize other non-bank issuers
- core uses relate to the business of the issuer; a business case needs to be established for non-core uses
- non-core uses are subject to limits determined by HKMA

Exemptions
- risk to the payment system and card holders is slight
- replaces an existing non-regulated payment instrument like travellers' cheques
- soundness of issuer
- maximum of HK$1000 on the card
- only 15% allowed for non-core uses
- use in a limited and distinct area

6.6.9 Examples
- Mondex: equivalent to bank notes, and no audit trail
- Visa Cash: equivalent to cheques, linked to accounts and with audit trails
Mondex scheme (compared with the issue of bank notes)
- Issue of bank notes: Notes Issuing Bank -> (bank notes; adjustment to interbank A/C) -> Other Banks -> (bank notes; adjustment to customer A/C) -> Notes holder A -> (transfer of bank notes in exchange for goods/services) -> Notes holder B / Merchant
- Origination of Mondex value: Mondex Originator -> (Mondex value; adjustment to interbank A/C) -> Member Banks -> (Mondex value; adjustment to customer A/C) -> Cardholder A -> (transfer of Mondex value in exchange for goods/services) -> Cardholder B / Merchant
Note: There is no clearing system for the transfer of Mondex value (in the same way as for the transfer of bank notes).

VisaCash scheme (compared with cheques)
- Cheques: the Bank issues cheques to the Customer; the Customer pays the Merchant by cheque for goods/services; the Merchant presents the cheque received from the customer to its Bank, which credits the Merchant A/C; the cheque passes through the Cheque Clearing System; the Customer's Bank debits the Customer A/C (after the cheque is cleared).
- VisaCash: the Bank uploads value onto the Cardholder's card and debits the Customer A/C (once value is uploaded); the Cardholder pays the Merchant by card for goods/services; the Merchant redeems the value received from the cardholder with its Bank, which credits the Merchant A/C; the value passes through the VisaCash Clearing System.
Note: Transfer of VisaCash value goes through a clearing system in the same way as clearing for cheques.
Smart Card in Mobile Phone Applications
- Wireless Application Protocol (WAP) emerges for mobile Internet access
- research work launched in Japan indicates a good market if available
- mobile operators will provide add-on WAP gateways and WAP services to enable wireless internet services: banks, financial institutions, restaurants, retailers, utilities, transit operators, hotels, entertainment and media, selling goods and information

Limitation: the SIM card inside the WAP phone cannot perform the complicated PKI authentication process, thus security is an issue. A possible solution is to introduce an additional smart card interface (either contact or contactless) to enable the authentication process (MasterCard - dual card phone).

New technology requirements:
- the development of m-PKI (mobile PKI) in the multiple-application OS is more essential and practical
- the development of high security, low power card modules
- a better interface to the new wireless internet platform; other ancillary technologies such as Bluetooth and Wireless Wallets are also important

Multos
- backed by Mastercard
- most secure hardware/software available
- security level: Common Standard level 6 for Hitachi & Infineon cards
- requires secured terminals and approved software for downloading
- accepted by American Express for the Amexblue project

Overview
- single OS, API and virtual machine
- standard I/O, security
- dynamic application management
- advantage: mature & stable
- disadvantage: not flexible & independent security certification

Java Card
- supported by Visa & Sun Microsystems
- more powerful processor & memories
- allows download of applications
- open software platform for code transportability
- for multi-function, e-purse, loyalty, health care database and Internet/Intranet access card

Overview
- API: the programmer interface
- virtual machine
- runtime environment
- dynamic application management
- successful in GSM
- no independent security certification

Windows for Smart Cards (WfSC)
- supported by Microsoft
- popular Windows commands
- immature product: unstable & unreliable
- WfSC developed using VB produces inefficient code, thus the OS is bulky
6.7 ISO 7816 Standards
7816/1 specifies the physical and dimensional features of the plastic supports. Additional characteristics specified are mechanical strength, static electricity, electromagnetic fields and bending properties, etc.

7816/2 specifies the meaning and location of the contacts. This part defines eight contacts, referred to as C1 to C8. The contacts are located as shown in the figure below.

(Figure: Pin Assignment)
7816/3 specifies the electronic signals and transmission protocols: the DC electrical characteristics, the character format and the command protocol for the smart card. This ISO standard describes two types of data transfer between the smart card and the card reader/writer:
- asynchronous protocol, with two data coding conventions
- synchronous protocol

Asynchronous protocol
Character format: each character (described in the figure below) is composed of:
- one start bit
- 8 bits of data
- one even parity bit
- a guardtime slot including two stop bits

The data transmission speed depends on the clock signal frequency input into the smart card on the CLK contact. The nominal bit duration sent on the I/O line is called the "elementary time unit" (etu) by the ISO standard.

This bit duration is directly proportional to the input clock during the "answer to reset", but the smart card may request that it be modified for the following data exchange. The parameters of this modification are given during the "answer to reset".

I/O line management: the I/O line (input/output line) is used to exchange data in input mode (reception mode) or in output mode (transmission mode). This line must have two states:
- stand-by state, or high level state
- working state, or low level state

Furthermore, the I/O line (as shown in the figure below) is used to generate or to detect data parity errors in reception or transmission:
- the transmitter must sample the I/O line during the guardtime duration
- the transmission is presumed valid if the I/O line stays at a high level during the guardtime slot
- the transmission is wrong if the I/O line is pulled down for at least one etu (two etu max.) during the guardtime slot
- the receiver, in order to signal a reception error, must pull down the I/O line

Data coding: the ISO standard gives the possibility of two kinds of data coding, the direct convention or the inverse convention. The type of convention is fixed by the smart card and is declared in the first character of the "answer to reset".

In direct convention, the logical "1" level is 5 volts and the least significant bit (LSB) is transmitted first. In inverse convention, the logical "1" level is 0 volts and the most significant bit (MSB) is transmitted first.

Synchronous protocol
In the synchronous protocol, successions of bits are sent on the I/O line, synchronized with the clock signal on the CLK pin. In the synchronous protocol, the data frame format described previously is not available.
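The asynchronous character format, the two coding conventions and the guardtime error signal above can be modelled bit for bit. The following is an added example, not code from the slides: it frames one byte as the start bit, eight data bits, the even parity bit and a two-etu guardtime, in either convention, decodes it back, and models the receiver pulling the line low in the guardtime on a parity error. The assumption beyond the text is the pair of TS values that announce the convention in the answer to reset (0x3B for direct, 0x3F for inverse, per ISO 7816-3), which `detect_convention` relies on.

```python
# Added example (not from the slides): ISO 7816-3 asynchronous character framing.
# Line levels are modelled as 1 = high (5 V, stand-by) and 0 = low (working).
# Assumption: the answer-to-reset byte TS is 0x3B in direct convention and 0x3F
# in inverse convention (ISO 7816-3); nothing else beyond the slide text is assumed.

HIGH, LOW = 1, 0


def even_parity(byte):
    """Parity bit making the count of 1s in the 8 data bits plus parity even."""
    return bin(byte & 0xFF).count("1") % 2


def frame_character(byte, inverse=False):
    """Levels on I/O for one character: start, 8 data bits, parity, 2 stop (guardtime)."""
    bits = [(byte >> i) & 1 for i in range(8)]    # b1..b8, LSB first (direct)
    if inverse:
        bits = bits[::-1]                          # inverse convention: MSB first
    bits.append(even_parity(byte))
    if inverse:
        bits = [b ^ 1 for b in bits]               # logical 1 is the low level
    return [LOW] + bits + [HIGH, HIGH]


def unframe_character(levels, inverse=False):
    """Decode one 12-level frame; return (byte, parity_error)."""
    if len(levels) != 12 or levels[0] != LOW:
        raise ValueError("frame must be 12 levels and begin with a low start bit")
    bits = levels[1:10]
    if inverse:
        bits = [b ^ 1 for b in bits]
    data, parity = bits[:8], bits[8]
    if inverse:
        data = data[::-1]
    byte = sum(b << i for i, b in enumerate(data))
    return byte, parity != even_parity(byte)


def receiver_reply(levels, inverse=False):
    """What the receiver leaves on the line: pulled low for one etu of the guardtime on error."""
    _, error = unframe_character(levels, inverse)
    if error:
        return levels[:10] + [LOW, HIGH]
    return list(levels)


def transmission_accepted(levels):
    """Transmitter's check: the line stayed high throughout the guardtime."""
    return levels[10] == HIGH and levels[11] == HIGH


TS_DIRECT = frame_character(0x3B)                  # (H) L HHL HHH LL H
TS_INVERSE = frame_character(0x3F, inverse=True)   # (H) L HHL LLL LL H


def detect_convention(ts_levels):
    """Classify the first answer-to-reset character by the two patterns ISO 7816-3 allows."""
    if list(ts_levels) == TS_DIRECT:
        return "direct"
    if list(ts_levels) == TS_INVERSE:
        return "inverse"
    raise ValueError("TS does not match either convention")


if __name__ == "__main__":
    for inverse in (False, True):
        frame = frame_character(0xA5, inverse)
        print("inverse" if inverse else "direct", frame, unframe_character(frame, inverse))
    damaged = frame_character(0xA5)
    damaged[3] ^= 1                                # one data bit hit by noise
    print("accepted after damage:", transmission_accepted(receiver_reply(damaged)))
```

Note that the parity bit is computed over the logical data bits and only then mapped to a line level, which is why the same byte has a different guardtime-preceding level in the two conventions; getting this order wrong is a common bug in reader firmware that handles only direct-convention cards.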
7816/4 specifies the inter-industry commands for interchange, including:
- the content of the messages, commands and responses, transmitted by the interface device to the card and conversely
- the structure and content of the historical bytes sent by the card during the answer to reset
- the structure of files and data, as seen at the interface when processing inter-industry commands for interchange
- access methods to files and data in the card
- a security architecture defining access rights to files and data in the card
- methods for secure messaging

APDU (application protocol data unit) message structure
A step in an application protocol consists of sending a command, processing it in the receiving entity and sending back the response. Therefore a specific response corresponds to a specific command, referred to as a command-response pair.

An application protocol data unit (APDU) contains either a command message or a response message, sent from the interface device to the card or conversely. In a command-response pair, the command message and the response message may each contain data, thus inducing four cases, which are summarized in the table below.

(Table: command-response pair cases)

Command APDU structure
- CLA - class byte
- INS - instruction byte
- P1, P2 - parameter bytes
- Lc field - number of bytes present in the data field
- Le field - maximum number of bytes expected in the data field of the response APDU

Response APDU structure
The response APDU consists of:
- a conditional body of variable length
- a mandatory trailer of 2 bytes

(Table: status codes of the response APDU trailer)
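The four command-response cases and the CLA/INS/P1/P2/Lc/Le fields above can be built and parsed in a few dozen lines. The following is an added example, not code from the slides: a short-form command APDU encoder and a parser that refuses Lc values that overrun the received bytes (the classic card-side buffer bug), plus a response splitter that separates the body from the SW1 SW2 trailer. The status-word meanings listed are the inter-industry values of ISO 7816-4 as I know them; the sample APDUs are constructed.

```python
# Added example (not from the slides): ISO 7816-4 short-form APDUs for the four
# command-response cases, with length checks on parsing, and response trailer decoding.
# Assumption: only short-form length fields (1 byte) are handled; extended length is refused.
from dataclasses import dataclass
from typing import Optional


@dataclass
class CommandAPDU:
    cla: int
    ins: int
    p1: int
    p2: int
    data: bytes = b""            # empty = no Lc field
    le: Optional[int] = None     # None = no Le field; otherwise 1..256 bytes expected

    def case(self) -> int:
        """1 = no data either way, 2 = response data only, 3 = command data only, 4 = both."""
        if not self.data:
            return 1 if self.le is None else 2
        return 3 if self.le is None else 4

    def encode(self) -> bytes:
        header = bytes([self.cla, self.ins, self.p1, self.p2])
        body = b""
        if self.data:
            if len(self.data) > 255:
                raise ValueError("short-form Lc is limited to 255 bytes")
            body += bytes([len(self.data)]) + self.data
        if self.le is not None:
            if not 1 <= self.le <= 256:
                raise ValueError("short-form Le must be 1..256")
            body += bytes([self.le % 256])       # Le byte 0x00 means 256
        return header + body


def decode_command(raw: bytes) -> CommandAPDU:
    """Parse a short-form command APDU, refusing length fields that overrun the buffer."""
    if len(raw) < 4:
        raise ValueError("command shorter than the 4-byte header")
    cla, ins, p1, p2 = raw[:4]
    body = raw[4:]
    if not body:                                   # case 1
        return CommandAPDU(cla, ins, p1, p2)
    if len(body) == 1:                             # case 2
        return CommandAPDU(cla, ins, p1, p2, le=body[0] or 256)
    lc = body[0]
    if lc == 0:
        raise ValueError("Lc of 0 is not valid in short form (extended length unsupported)")
    data, tail = body[1:1 + lc], body[1 + lc:]
    if len(data) != lc:
        raise ValueError("Lc claims more data bytes than were received")
    if not tail:                                   # case 3
        return CommandAPDU(cla, ins, p1, p2, data)
    if len(tail) == 1:                             # case 4
        return CommandAPDU(cla, ins, p1, p2, data, le=tail[0] or 256)
    raise ValueError("unexpected bytes after the Le field")


def command_is_well_formed(raw: bytes) -> bool:
    try:
        decode_command(raw)
    except ValueError:
        return False
    return True


# Inter-industry status words from ISO 7816-4 (a small subset).
STATUS_WORDS = {
    0x9000: "normal processing",
    0x6982: "security status not satisfied",
    0x6A82: "file or application not found",
    0x6A86: "incorrect parameters P1-P2",
    0x6D00: "instruction code not supported",
}


def decode_response(raw: bytes):
    """Split a response APDU into (data, SW1SW2, meaning); the 2-byte trailer is mandatory."""
    if len(raw) < 2:
        raise ValueError("response shorter than the 2-byte trailer")
    data, sw1, sw2 = raw[:-2], raw[-2], raw[-1]
    sw = (sw1 << 8) | sw2
    if sw1 == 0x63 and sw2 & 0xF0 == 0xC0:           # 63 CX: counter X (e.g. PIN tries left)
        meaning = f"warning, counter = {sw2 & 0x0F}"
    else:
        meaning = STATUS_WORDS.get(sw, "unrecognised status word")
    return data, sw, meaning


if __name__ == "__main__":
    # Constructed sample: SELECT by name (case 4) and VERIFY (case 3).
    select = CommandAPDU(0x00, 0xA4, 0x04, 0x00, bytes.fromhex("A000000003"), le=256)
    print("case", select.case(), select.encode().hex())
    verify = CommandAPDU(0x00, 0x20, 0x00, 0x80, b"\x12\x34\x56\x78")
    print("case", verify.case(), verify.encode().hex())
    print(decode_response(bytes.fromhex("63C2")))
```

The parser treats every length byte as untrusted input: Lc is checked against what actually arrived before the data slice is used, and anything left after Le is rejected rather than silently ignored, since a card OS that indexes its receive buffer by Lc alone reads past the end of the buffer.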
Physical Security & Reliability

(Figure: Basic Internal Structure of CPU Smart Card)

Possible Attacks on Smart Card
- UV or X-ray inspection: use high-efficiency UV or X-ray to inspect the memory areas to extract important information like the PIN, secret key and public key
- EM analysis: use an electron microscope to inspect the internal structure of the mask
- duplication: illegal copying of card content from one card to another
- confusion: disturb the power supply/frequency during PIN verification to confuse the accurate entry of the PIN and allow access to the protected memory
- tracking: based on the protocol exchange between the terminal and the card, track the sequence of commands
Other possible attacks:
- attacks on DES, e.g. differential methods
- attacks on RSA using cyclic properties

General Smart Card Security Features
- against UV or X-ray inspection: use an implementation that avoids visibility of the ROM code
- against EM analysis: address scrambling of memories
- against confusion: low/high voltage sensors, low/high frequency sensors, high frequency protection
- against duplication: security PROM, hardware-protected unique chip identification number, move code blocking
- against tracking: secure authentication and data/key encryption
- against DPA: random wait state (advanced), current scrambling generator (advanced)
- against cyclic properties: no simple solutions

Protection Against Tracking
- random number generator for dynamic key generation
- cipher engine for data protection: block, stream
Random Number Generator
- for generation of session keys
- the digital approach can only generate pseudo-random numbers, based on X_i = (a X_{i-1} + b) mod c
- others use analogue approaches like VCO, white noise generator etc.
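Why the digital X_i = (a X_{i-1} + b) mod c recurrence is called pseudo-random rather than random is worth seeing on an actual sequence. The following is an added example, not code from the slides: it implements the recurrence, measures the cycle it falls into (never longer than c, since there are only c states), and shows that because the state is the output, one observed value fixes every later value once a, b and c are known. The parameters and seed are constructed for the demonstration; the last function shows the operating-system entropy source a session-key generator should draw from instead.

```python
# Added example (not from the slides): properties of the linear congruential
# generator X_i = (a*X_{i-1} + b) mod c that make it unfit for session keys.
# Parameters and seeds below are constructed; secrets.token_bytes is the
# standard-library interface to the OS random source.
import secrets


def lcg(seed, a, b, c, count):
    """Return the next `count` outputs of X_i = (a*X_{i-1} + b) mod c."""
    out, x = [], seed
    for _ in range(count):
        x = (a * x + b) % c
        out.append(x)
    return out


def period(seed, a, b, c):
    """Length of the cycle the generator falls into; at most c distinct states exist."""
    seen, x = {}, seed
    for i in range(c + 1):
        x = (a * x + b) % c
        if x in seen:
            return i - seen[x]
        seen[x] = i
    return c  # not reached: c + 1 draws from c states must repeat


def continues_from(observed, a, b, c, count):
    """The state is the output, so one observed value determines all later ones."""
    return lcg(observed, a, b, c, count)


def os_random_key(n_bytes=16):
    """Key material from the OS entropy source rather than an arithmetic recurrence."""
    return secrets.token_bytes(n_bytes)


if __name__ == "__main__":
    # Small constructed parameters so the whole cycle is visible.
    print("cycle of (5 x + 3) mod 16 from seed 1:", lcg(1, 5, 3, 16, 16))
    print("period:", period(1, 5, 3, 16), "of at most 16 states")
    # Textbook-sized constructed parameters: predict the continuation from one output.
    seq = lcg(42, 1103515245, 12345, 2**31, 6)
    print("predicted == actual:", continues_from(seq[2], 1103515245, 12345, 2**31, 3) == seq[3:])
    print("OS key:", os_random_key().hex())
```

The period bound is the slide's point in numbers: a 16-bit c, which is what a 16-bit key register suggests, gives at most 65536 session keys before they repeat, and the full-period parameters that make a generator statistically well behaved do nothing about predictability.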
Block Cipher
- K1: master key of length 16 bits
- K2: card ID of length 16 bits
- Block Cipher Method - write to memory
- Block Cipher Method - read from memory

Stream Cipher
- the stream cipher can be viewed as a state machine with K1K2 as the initial state
- it generates a pseudo-random number sequence which is XORed with the input data to form the output data
- the data must be in sequence in order to encode and decode correctly
- not suitable
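The two slides above contrast a block cipher for card memory (each cell encrypted under a key built from the master key K1 and the card ID K2, so cells can be written and read in any order) with a stream cipher run as a state machine from the K1K2 initial state, whose keystream only lines up when data is processed in sequence. The following is an added example, not code from the slides or any card vendor: HMAC-SHA256 is used as the round function of a 4-round Feistel block cipher and as the state update of the stream cipher; the key sizes, the 16-byte block, the address tweak and the way K1 and K2 are combined are constructed choices for the demonstration and not what the slides' hardware does.

```python
# Added example (not from the slides): block cipher for random-access card memory
# versus a sequence-bound stream cipher, both keyed from K1 (master key) and K2 (card ID).
# Assumptions: HMAC-SHA256 as Feistel round function and keystream state update;
# 16-byte blocks; an address tweak so equal plaintexts differ across cells.
import hashlib
import hmac

BLOCK_SIZE = 16
ROUNDS = 4


def prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def card_key(k1_master, k2_card_id):
    """Per-card key so a key recovered from one card does not open another."""
    return prf(k1_master, b"card-key:" + k2_card_id)


def encrypt_block(key, block):
    """4-round Feistel network on a 16-byte block (8-byte halves)."""
    if len(block) != BLOCK_SIZE:
        raise ValueError("block must be 16 bytes")
    left, right = block[:8], block[8:]
    for r in range(ROUNDS):
        left, right = right, xor(left, prf(key, bytes([r]) + right)[:8])
    return left + right


def decrypt_block(key, block):
    left, right = block[:8], block[8:]
    for r in reversed(range(ROUNDS)):
        left, right = xor(right, prf(key, bytes([r]) + left)[:8]), left
    return left + right


class CardMemory:
    """EEPROM-style store of encrypted 16-byte cells addressed by cell number."""

    def __init__(self, k1_master, k2_card_id, cells=8):
        self.key = card_key(k1_master, k2_card_id)
        self.cells = [bytes(BLOCK_SIZE)] * cells

    def _tweak(self, addr):
        return prf(self.key, b"addr:" + bytes([addr]))[:BLOCK_SIZE]

    def write(self, addr, plaintext):
        if len(plaintext) != BLOCK_SIZE:
            raise ValueError("cell contents must be 16 bytes")
        self.cells[addr] = encrypt_block(self.key, xor(plaintext, self._tweak(addr)))

    def read(self, addr):
        return xor(decrypt_block(self.key, self.cells[addr]), self._tweak(addr))


class StreamCipher:
    """State machine seeded from K1||K2; keystream bytes are XORed with the data."""

    def __init__(self, k1_master, k2_card_id):
        self.state = prf(k1_master + k2_card_id, b"stream-init")
        self.buffer = b""

    def process(self, data):
        out = bytearray()
        for byte in data:
            if not self.buffer:
                self.state = hashlib.sha256(self.state).digest()        # next state
                self.buffer = hashlib.sha256(b"out" + self.state).digest()
            out.append(byte ^ self.buffer[0])
            self.buffer = self.buffer[1:]
        return bytes(out)


if __name__ == "__main__":
    k1, k2 = b"constructed-master-key-K1", b"\x12\x34"   # constructed K1 and K2
    mem = CardMemory(k1, k2)
    mem.write(5, b"balance=00001000")
    print("cell 5 read back in isolation:", mem.read(5))
    enc = StreamCipher(k1, k2)
    c1, c2 = enc.process(b"first record...."), enc.process(b"second record...")
    print("second record decoded out of sequence:", StreamCipher(k1, k2).process(c2))
```

The block cipher lets the card OS read cell 5 without first decrypting cells 0 to 4, which is what memory access needs; the stream cipher decodes the second record only after the first has been consumed, which is the slide's "not suitable" verdict. The address tweak is the extra a practitioner adds so that two cells holding the same balance do not produce the same ciphertext.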
Encryption Techniques
Encryption modifies data into an irregular form for secure storage and transmission. The reconstruction is achieved by using a set of relevant keys. Two kinds of cryptosystem are currently in use, i.e. symmetric (DES/FEAL) and asymmetric (RSA, ECC). A symmetric cryptosystem requires only one common key for encryption and decryption, whereas an asymmetric system requires two keys, i.e. a private/user key and a public/system key.

Common Encryption Techniques in Smart Card
- Private: data exchange - DES (Data Encryption Standard)
- Public: key exchange - RSA (Rivest, Shamir, Adleman), ECC (Elliptic Curve Cryptography); also for authentication

Is Smart Card Secure?
- there is no 100% secure/perfect system available
- a system designed and built for minimal attack risk can be treated as secure
- secure systems are evaluated/classified in different levels using international standards such as TCSEC/DoD (Orange Book - USA), ITSEC (Europe) and CCITSE (ISO 15408)
Trusted Computer System Evaluation Criteria - USA (DoD)
- D: Minimal protection - no protection
- C1: Discretionary Security Protection - uses access control
- C2: Controlled Access Protection - uses accountability/auditing
- B1: Labelled Security Protection - uses sensitivity (classification) labels
- B2: Structured Protection - uses a formal security policy; more resistant to penetration
- B3: Security Domains - highly resistant to penetration; uses a security administrator, auditing of events and a system recovery process
- A1: Verified Protection - high assurance against penetration; uses formal specification and verification approaches

Information Technology Security Evaluation Criteria (ITSEC) and Common Criteria (CC) - Europe & Canada
- EAL1 - functionally tested
- EAL2 - structurally tested
- EAL3 - methodically tested and checked
- EAL4 - methodically designed, tested and reviewed
- EAL5 - semiformally designed and tested
- EAL6 - semiformally verified design and tested
- EAL7 - formally verified design and tested

Federal Information Processing Standards (FIPS) - evaluation
- FIPS 46-2 and 81 for DES
- FIPS 186 for Digital Signature
- FIPS for Cryptographic Modules
Security evaluation requirements
Cryptographic modules:
- module interface
- roles and services
- finite state machine model
- physical security
- Environmental Failure Protection/Testing (EFP/EFT)
- software security

Operational security:
- cryptographic key management
- cryptographic algorithm
- EMI/EMC
- self tests

(Figure: Electro-static Discharge - dry/wet weather comparison)

(Figure: ESD - failure in various stages)

Reliability of Reader - Contact Type Smart Card
- mechanical insertion lifetime: around 1-3 x 10^5 insertions
- for a typical flow of 10^5 crossings per day, each reader will only last for 3 days
- assuming 30 readers installed at the border, all readers have to be replaced within 90 days
- whereas the contactless type has an MTBF of over 115,000 hrs = over 13 years
6.9 References
- MC Chu, M.Phil. thesis: Magnetic card protection system
- ISO 7811/1-3
- ISO 7816/1-4
- High Security Protection in Electronic Commerce, III Publication, Taiwan, ISBN (in Chinese)

*** END ***