
Hacking the NFC credit cards for fun and debit ;)

Renaud Lifchitz, BT, renaud.lifchitz@bt.com
Hackito Ergo Sum 2012, April 12, 13, 14, Paris, France

Speaker's bio

French computer security engineer working at BT

Main activities:
- Penetration testing & security audits
- Security trainings
- Security research

Main interests:
- Security of protocols (authentication, cryptography, information leakage, zero-knowledge proofs...)
- Number theory (integer factorization, primality testing, elliptic curves...)

What is contactless payment?

- Everyday payment with no need for card insertion nor card PIN code
- Main systems: VISA payWave & MasterCard PayPass
- Small payments (for instance 4 times 20€ in a row)
- 100,000 payment terminals in France
- 10 million NFC-enabled credit cards in the U.S.


How to recognize an NFC-enabled credit card?

Small wave logo printed on the card:


Contactless payment goals

- Achieve faster/simpler/easier payments
- Make people buy more (MasterCard Canada has seen “about 25 percent” higher spending by its PayPass users)
- Interoperable systems


Credit card standards

- Data storage and security: EMV standards (Europay, MasterCard and VISA)
- Protocol commands and card storage layout: ISO 7816 standards


EMV

- Card memory: a real filesystem with a root directory (MF), folders (DF) and files (EF) identified by 2 bytes, according to ISO 7816-4
- Data encoding: BER TLV (very close to ASN.1); online decoder: http://www.emvlab.org/tlvutils/
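Since every record read from the card comes back BER-TLV encoded, decoding that envelope is the first step both for an analyst reviewing what a card leaks and for any tool that must handle the data responsibly. The block below is an added example, not code from the talk: a small BER-TLV decoder run over a constructed record, using the EMV tag numbers 5A (PAN), 5F24 (expiration date) and 5F20 (cardholder name), with the PAN masked before it is displayed; the function names and the sample record are mine.

```python
# Added example (not from the talk): minimal BER-TLV decoder for EMV records.
# Constructed sample: template 70 holding a test PAN (5A), expiry YYMMDD (5F24), name (5F20).
SAMPLE_RECORD = bytes.fromhex("701B" "5A084111111111111111" "5F2403251231" "5F2008444F452F4A4F484E")

def _read_tag(buf, i):
    j = i + 1
    if buf[i] & 0x1F == 0x1F:          # low 5 bits set: tag continues while bit 8 is set
        while buf[j] & 0x80:
            j += 1
        j += 1
    return buf[i:j].hex().upper(), j

def _read_length(buf, i):
    if buf[i] < 0x80:                  # short form
        return buf[i], i + 1
    n = buf[i] & 0x7F                  # long form: 0x8N then N big-endian bytes
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n

def decode_tlv(buf, i=0, end=None):
    """Return [(tag, value)]; value is bytes, or a nested list for constructed tags."""
    end = len(buf) if end is None else end
    items = []
    while i < end:
        tag, i = _read_tag(buf, i)
        length, i = _read_length(buf, i)
        if i + length > end:
            raise ValueError("TLV length runs past the end of the buffer")
        nested = bool(int(tag[:2], 16) & 0x20)      # bit 6 of the first tag byte
        items.append((tag, decode_tlv(buf, i, i + length) if nested else buf[i:i + length]))
        i += length
    return items

def mask_pan(pan_bcd):
    digits = pan_bcd.hex().rstrip("f")   # odd-length PANs are F-padded in BCD
    return "*" * (len(digits) - 4) + digits[-4:]

def summarize(record):
    """Flatten a decoded record into named fields; the full PAN is never returned."""
    out, todo = {}, decode_tlv(record)
    while todo:
        tag, value = todo.pop(0)
        if isinstance(value, list):
            todo = value + todo        # descend into constructed objects
        elif tag == "5A":
            out["PAN"] = mask_pan(value)
        elif tag == "5F24":
            out["Expiration date"] = value.hex()           # YYMMDD
        elif tag == "5F20":
            out["Cardholder name"] = value.decode("ascii", "replace").strip()
        else:
            out[tag] = value.hex().upper()                 # anything else stays raw hex
    return out
```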

ISO 7816-4

Requests - simplified command set, fields in order:
- Class (1 byte)
- Instruction (1 byte)
- Parameters 1 & 2 (1 byte each)
- Length of data (1 byte)
- Data field
- Length of expected response (1 byte)

Answers:
- Data field
- SW1 & SW2 error codes (1 byte each)

The idea

French Navigo contactless transportation cards also use ISO 7816 encapsulation over RFID but:
- No personal data on card (card ID ≠ cardholder ID)
- Use good encryption
- Use good authentication

RFID passports:
- Use digital signature
- Use encryption
- Use a combined reading to avoid rogue access (optical+RFID)

RFID credit cards (= money) should be as secure as those two, shouldn't they?

NO, BECAUSE THERE IS SIMPLY NO AUTHENTICATION NOR ENCRYPTION!!!


NFC

- Different names for nearly the same thing: RFID/NFC/Cityzi
- HF (13.56 MHz) & LF (125-134 kHz) usages
- Most common HF protocol: ISO 14443 (ISO 14443-1 to ISO 14443-4)
- Can be used for tunneling/encapsulation

NFC readers

USB readers:
- SCM SCL3711 (40€ dongle)
- ACS ACR120U/ACR122U (flat)

Phones:
- Samsung Nexus S, Samsung Galaxy Nexus
- BlackBerry Bold 9900/9930, BlackBerry Curve 9350/9360/9370
- Nokia N9/C7/603

Tools

- ISO 7816 (contact) prototyping: scriptor
- NFC (contactless) prototyping: libnfc pn53x-tamashell
- Final coding: libnfc (EOF, SOF and CRC are automagically handled)

Remotely available data

Everything from EMV standards as if we had a contact interface?

Confirmed:
- Cardholder: gender, first name and last name
- PAN (Primary Account Number)
- Expiration date
- Magnetic stripe data
- Transaction history

Probably: general card information (issuer, public keys, ...)

But no CVV! (just a one-time-CVV functionality)

Possible attacks

- Read victim's card data and use it on e-commerce websites: CVV is not always mandatory and CVV can be bruteforced (only 1000 possibilities...)
- Remote card DoS? (send 3 times a bad PIN code)
- Create a magnetic stripe dump remotely (card clone will be useful where chip card/PIN is not mandatory: most EU countries, USA, ...)
- User identification and tracking (terrorism...)

Typical libnfc attack sequence

1) Initiator List Passive Targets (wake up card!):

4A 01 00

2) Select banking application (AID):

40 01 00 A4 04 00 07 A0 00 00 00 42 10 10 00

3) Read specific EMV record:

40 01 00 B2 02 0C 00 00

Byte groups: libnfc prefix/suffix, opcode, ISO-7816 command, EMV specific
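To read the three frames above the way a reviewer of a reader trace would, here is an added example (not code from the talk or from libnfc): it drops the PN53x InDataExchange prefix (opcode 0x40 followed by the target number, the "libnfc prefix" of the byte groups) and splits the remaining ISO 7816-4 short APDU into the CLA/INS/P1/P2/Lc/data/Le fields described earlier, naming the AID from the list on the AID selection slide. The response sample and all function names are mine.

```python
# Added example (not from the talk or libnfc): decode the slide's three frames.
# Short APDU layout (ISO 7816-4): CLA INS P1 P2 [Lc data] [Le]; response: data SW1 SW2.
KNOWN_AIDS = {"A0000000031010": "Visa debit/credit", "A0000000041010": "MasterCard credit",
              "A0000000250000": "American Express", "A0000000421010": "CB"}  # as listed in the talk
INS_NAMES = {0xA4: "SELECT", 0xB2: "READ RECORD"}

# The three frames from the slide, as typed into pn53x-tamashell.
SLIDE_FRAMES = [bytes.fromhex(h) for h in (
    "4A0100",                                   # InListPassiveTarget: wake up the card
    "400100A4040007A000000042101000",           # InDataExchange + SELECT AID (CB)
    "400100B2020C00")]                          # InDataExchange + READ RECORD

def strip_pn53x_prefix(frame):
    """Drop the PN53x InDataExchange opcode (0x40) and target number, if present."""
    return frame[2:] if len(frame) > 2 and frame[0] == 0x40 else frame

def parse_command_apdu(apdu):
    """Split a short command APDU into its fields (ISO 7816-4 cases 1 to 4)."""
    if len(apdu) < 4:
        raise ValueError("APDU header needs CLA INS P1 P2")
    cla, ins, p1, p2 = apdu[:4]
    body = apdu[4:]
    out = {"cla": cla, "ins": ins, "name": INS_NAMES.get(ins, "?"),
           "p1": p1, "p2": p2, "lc": 0, "data": b"", "le": None}
    if len(body) == 1:                          # case 2: Le only
        out["le"] = body[0]
    elif len(body) > 1:                         # case 3/4: Lc, data, optional Le
        lc, data, rest = body[0], body[1:1 + body[0]], body[1 + body[0]:]
        if len(data) != lc or len(rest) > 1:
            raise ValueError("Lc does not match the data field")
        out["lc"], out["data"], out["le"] = lc, data, (rest[0] if rest else None)
    if ins == 0xA4 and p1 == 0x04:              # SELECT by name: the data field is the AID
        out["aid"] = KNOWN_AIDS.get(out["data"].hex().upper(), "unknown AID")
    if ins == 0xB2:                             # READ RECORD: P1 = record number, P2 >> 3 = SFI
        out["record"], out["sfi"] = p1, p2 >> 3
    return out

def parse_response_apdu(resp):
    """Split a response into its data field and the SW1 SW2 status word."""
    if len(resp) < 2:
        raise ValueError("response needs SW1 SW2")
    return {"data": resp[:-2], "sw": resp[-2:].hex().upper()}

def decode_slide_sequence(frames=SLIDE_FRAMES):
    """Frames starting with 0x4A are InListPassiveTarget (no APDU); the rest carry APDUs."""
    return [{"name": "InListPassiveTarget"} if f[0] == 0x4A
            else parse_command_apdu(strip_pn53x_prefix(f)) for f in frames]
```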

AID selection

Some well known AIDs:
- Visa debit/credit: A0 00 00 00 03 10 10
- MasterCard credit: A0 00 00 00 04 10 10
- American Express: A0 00 00 00 25 00 00
- CB: A0 00 00 00 42 10 10

Be careful: EF ids can vary accordingly!

Proof of Concept

Proof of Concept: desktop computer

Proof of Concept: Android smartphone

Attack limitations

Main limitation is the distance. ISO 14443 standards state:
- Active read up to 3 to 5 cm in practice

But tweaking the devices:
- Active read up to 1.5 m (50x better!) using a dedicated amplifier (2000€) and antenna (1000€). Everything fits into a backpack...
- Passive sniffing up to 15 m (500x better!) using a radio receiver (e.g. USRP) with a standard telescopic antenna

Remember: in August 2004, hackers succeeded in extending a Bluetooth dongle range from 10 m to 1.7 km! (http://trifinite.org/trifinite_stuff_lds.html)

Passive sniffing

[figure: reader probes, communication with the credit card, and then probes again]

How to protect?

[figures: ... OR ...]

How should security be?

- Contactless accesses should be authenticated to avoid rogue readers
- Contactless protocol should be encrypted to avoid eavesdropping
- Session integrity should be ensured (e.g. HMAC) to avoid injection
- This already exists!!! (for example French Navigo transportation card)

Conclusion: EMV is poorly designed for NFC and needs a complete rewrite!...

Regulatory compliance

2 major regulatory issues due to this lack of security:
- PCI DSS compliance
- Personal data protection

PCI DSS compliance (1/3)

- Intended for organizations that handle cardholder information (merchants, financial institutions, software & hardware developers, industry professionals...)
- “PCI Data Security Standard is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.” (https://www.pcisecuritystandards.org)
- PCI DSS is sponsored by the same who have designed and distributed NFC credit cards (Visa, MasterCard, ...) in order to avoid fraud

PCI DSS compliance (2/3)

Requirement 4 of PCI DSS - "Encrypt transmission of cardholder data across open, public networks":
- Scope: all wireless technologies
- Testing Procedure 4.1.a: “Select a sample of transactions as they are received and observe transactions as they occur to verify that cardholder data is encrypted during transit.”

Unsolicited accesses and most solicited accesses to the credit cards are CLEARTEXT AND INCLUDE CARDHOLDER DATA. This is a MAJOR FAIL! NFC payments are not compliant with PCI DSS and organizations can become non-compliant by accepting them...

PCI DSS compliance (3/3)

However, one of the 2 biggest credit card suppliers states in its public FAQ that “technically, the contactless functionality (...) protects cardholder information using very secured dynamic cryptograms”. Indeed, it's cleartext!!!

Personal data protection

- In France, it is a criminal offense not to protect personal data when you handle them
- You also have to comply with EU regulatory constraints on personal data protection
- CNIL, a French public organization, is responsible for reporting offenses
- That's why credit card suppliers probably don't comply with French law too!...

Timeline of discovery

- December 2nd, 2011: discovery
- I notify my personal bank during the following week. They thanked me for the step, but I have had no news since
- January 30, 2012: Kristin Paget shows something quite similar at ShmooCon, using dedicated commercial hardware
- A bit later, French GIE CB officially states that they are aware of risks with NFC credit cards
- April 3, 2012: I notify some other banks, the French Ministry of Finance and the CNIL during a short demo (GS Days 2012, Paris)
- Investigations are currently being made by these organizations and law enforcement

Legal context related to French law

- This is NOT reverse engineering: the EMV standard has been available to everybody for a long time. The proof of concept is just a small EMV implementation
- This is NOT made for counterfeits: we have just extracted personal information that already belongs to us, and this is neither necessary nor sufficient for counterfeits
- We HAVEN'T BROKEN any security or tried to, because there is none!

Thanks!

Any questions?