Steven Murdoch, Computer Security Group, Cambridge University
Dave - In recent years, credit and debit card issuers have replaced signature strips with computer chips and we now type in a pin when we want to buy something. Itís said to be more secure, but how does this technology actually work and does it too have an Achilles heel? Steven Murdoch is from the computer security group of Cambridge University and he investigates the safety of banking systems. Now Chip and PIN is something I use every day. I donít really think about it. How does it actually work, Steven?
Steven - So, your credit or debit cards has got a computer chip in it and this is essentially a small computer. Itís not very far away in terms of computation power from the PCs that were on peopleís desks in the 1980s and itís got some special software loaded onto it. And more importantly, itís got some cryptographic keys loaded onto it by the bank which issued you the card. And these keys are used to allow the card to prove that itís present at a particular point in time and allow it to calculate a digital signature over that transaction, and then the bank which issued you the card can verify the digital signature.
Dave - So, thatís essentially when you put your pin number into the machine and the shop tells it that you want to pay 20 pounds, all that kind of gets mixed up together and sent back to the bank?
Steven - So, with Chip and PIN, the PIN aspect of it and digital signature aspect of it are almost completely separate. And in fact, thatís the root of some of the security vulnerabilities. So in addition to all the digital signatures and keys, itís also got a copy of your PIN and when you type in your PIN, that gets sent to the card. The card compares it and then if itís happy it says yes and if itís unhappy, it says no. And hopefully, it also tells the bank whether the PIN was correct or not, but thatís actually one of the mistakes that was made in Chip and PIN.
Dave - So how can you attack this if you're a nefarious person?
Steven - Well, one way that we discovered back in 2010 that this could be attacked is because Ė well as I was saying, the digital signature is not mixed up with the PIN. So, what you can do is put a little bit of electronics between the card and the terminal, and then when the PIN is sent to the card, this bit of electronics intercepts it and then just sends the answer Ďyesí back to the terminal. And the terminal will be happy. The card never received a PIN, but it turns out the cards are happy not seeing a PIN at all because at least it didnít fail, it just never saw something, and the banks, when they get that message back from the card, see a message from the card, a legitimate card, digitally signed that says that everything is fine, but in fact, the PIN that was typed in was wrong.
Dave - So, as long as you can kind of hide the electronics from the person in the shop, you could essentially use a stolen credit card without anyone knowing.
Steven - Yes, so when we initially mentioned this to the banks, we told them before we disclosed publicly to allow them to fix it. They didnít, but we at least we gave them a chance. They said that this will be infeasible to do and in fact, one of my colleagues, Omar Choudary, built some electronics that could be put up the sleeve and he was able to use that without being noticed, and it turns out that they caught some criminals, who were doing an even more sophisticated variant of this attack. They embedded the evil computer into a stolen card so the card looked perfectly legitimate, it just had one good chip and one evil chip.
Chris - When youíre doing this work Steven, do you have a sort of Chip and PIN machine in your office and you're continuously running up a huge credit card bill, in order to test these things out? Do people give you their gadgets to try? Is that how it works?
Steven - So, one thing we did do, is we bought a lot of Chip and PIN terminals off eBay. When a shop goes bankrupt or they upgrade they sell their old ones. The other thing that we did was when we go to the local cafť in the university and then run through a 5 pounds minimum transaction and experiment that way.
Dave - So, are they very suspicious of you at the local?
Steven - I think they recognise us and they're not too worried when we plug evil electronics into their terminal because they get paid and in the end we do all our experiments on our own cards.
Dave - Fair enough. So, is this possible to solve, this problem? I guess it just involves some way of checking, of combining the two together.
Steven - Yes, it is possible to solve. We mentioned some ways that the banks could do this in our academic paper and this is essentially doing more robust checks at the bank. It turns out that this was more difficult to do because there's lots of bugs in the system and sometimes the banks were seeing transactions that were supposedly suspicious. It looked like this attack was happening, but actually, it was just a bug at some point in the system, the data got corrupted. And the banks have a big challenge here because theyíve got so many transactions. Only a tiny, tiny proportion of them is going to be fraudulent. So if they start rejecting transactions because they think they're suspicious, theyíll mainly be rejecting legitimate transactions, not fraudulent ones.
Chris - Have you any idea, Steven, of the scale of abuse of the system then? Do you know whether people are implementing the strategy that you proved could work and if they are, how much money this is costing us?
Steven - Itís very hard to tell because there arenít good statistics that are collected on this. Weíre pretty confident that the banks werenít looking for this attack before we told them about this attack and that means that there's no way of knowing what was going on before that stage. We now know that some criminals are doing that because they got caught in France and there's a trial going on at the moment. But in general, when fraud happens, if itís not one of the standard techniques that the banks know about, the customer loses the money and the banks donít keep totals of how much customers lose, only how much that they lose and shops lose.
Chris - And conveniently, theyíve said that itís so secure that if someone has a transaction, they must have shared the PIN with someone. So itís no longer the bankís responsibility, itís your problem. So theyíve kind of conveniently passed the buck onto the customer too, havenít they?
Steven - Yes, this is one of the very unfair things thatís happened with Chip and PIN. Now, the responsibility from fraud has been put on the customers, even when itís a flaw in the bank computer systems.
Chris - Steven, thank you very much.
Part of the show Cybersecurity: how safe are we online? from the 2nd Sep 2012