
Electronic Commerce Chapter 5 (Part 1)

Micropayment and Stored-Value Cards

Shervin Erfani Fall 2012

October 17, 2012

Outline
What is Micropayment?
Smart Card Types
Smart Cards Components
ATM Card Cryptography
OpenCard Framework
RFID Tags
Card Security Threats
Card Manufactures and Issuance
Octopus
Mondex
Summary
88-590-02 E-Commerce, S. Erfani University of Windsor

October 17, 2012

What is Micropayment?
All payments less than U.S. $10 are considered micropayments.
Aim to replace cash
Constitute electronic purses on integrated-circuit cards
Smart cards, Memory cards

Recharging the electronic purse with monetary value requires the intervention of a financial institution.
Commercial offers of micropayment systems:
Octopus
GeldKarte
Chipper
Mondex

Smart Cards
Magnetic stripe
3 tracks, ~140 bytes, cost $0.20-0.75

Memory cards
1-4 KB memory, no processor, cost $1.00-2.50

Optical memory cards


4 megabytes read-only (CD-like), $7-12

Microprocessor cards
Embedded microprocessor
(OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM
Equivalent power to IBM XT PC
32-bit processors now available

SOURCE: MICHAEL I. SHAMOS, CMU

Smart Card Applications

E-Government

Banking

Mass Transit

Public Telephony

Mobile Telecommunications

W-LAN

Retail

Access control
Enterprise Security

Digital Rights Management

SOURCE: JEAN-JACQUES VANDEWALLE

Why ePayment with Smart Cards?


Objective: replace cash
Cash is expensive to make and use
Printing, replacement
Anti-counterfeiting measures
Transportation
Security

Cash is inconvenient
not machine-readable
humans carry limited amount
risk of loss, theft

Additional smart card benefits



Smart Card Types


SIM card

Crypto card USB token

Java card Memory card



SOURCE: ANDREAS STEFFEN



Magnetic Stripe Cards


Three tracks: 1 & 3 at 210 bits/inch; 2 at 75 bpi
Start sentinel (1 char): %
Format code (1 char): B for bank/financial
PAN, Primary Account Number (19 char)
Major industry identifier (1 or 2 char): 4, 5 for credit cards
Issuer (up to 5 char)
Individual account number (up to 12 char)
Field separator (1 char): ^
Name
Field separator
Expiration date (4 char): YYMM
Proprietary fields, including PIN Verification Value (PVV)
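
The track layout listed above, written as a parser that returns only a masked PAN (an added example, not part of the original slides). The sample record is constructed; the closing `?` end sentinel and the Luhn check digit test are not on the slide and come from the standard card-number format.

```python
import re

# Layout from the slide: % B <PAN> ^ <name> ^ <YYMM> <proprietary fields>
# The trailing '?' end sentinel is an addition from the standard track format.
TRACK1 = re.compile(
    r"^%(?P<format>[A-Z])(?P<pan>\d{12,19})\^(?P<name>[^^]{2,26})\^"
    r"(?P<expiry>\d{4})(?P<proprietary>[^?]*)\?$"
)

def luhn_ok(pan: str) -> bool:
    """Mod-10 check over the PAN; every second digit from the right is doubled."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def parse_track1(raw: str) -> dict:
    m = TRACK1.match(raw)
    if m is None:
        raise ValueError("not a track 1 record")
    pan = m["pan"]
    return {
        "format": m["format"],                 # 'B' for bank/financial
        "mii": pan[0],                         # major industry identifier (first digit)
        # Keep first 6 and last 4 digits only, so the result is safe to log.
        "pan_masked": pan[:6] + "*" * (len(pan) - 10) + pan[-4:],
        "luhn_ok": luhn_ok(pan),
        "name": m["name"].strip(),
        "expiry_yy": m["expiry"][:2],
        "expiry_mm": m["expiry"][2:],
        # The proprietary area carries the PVV, so only its length is reported.
        "proprietary_len": len(m["proprietary"]),
    }

# Constructed sample record using a well-known test card number.
SAMPLE_TRACK1 = "%B4111111111111111^DOE/JANE^2512101000000123?"
```
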

Laser Optical Memory Card


Capacity: 1MB - 1GB


Microprocessor Card Adoption


[Chart: millions of microprocessor cards worldwide, 2000-2004, by region: Asia Pacific, Japan, Europe, Americas, North America]

1999: 500 M microprocessor cards
2004: 1750 M microprocessor cards


SOURCE: DATAQUEST (10/2000)

Smart Card Structure


[Figure: card (upside-down) with labels Microprocessor, Epoxy, Contacts (8)]

SOURCE: SMART CARD FORUM

Old (8-bit) Smart Card Architecture


EEPROM: Electrically Erasable Programmable Read-Only Memory

SOURCE: SMART CARD FORUM



Smart Card Components (1)


Processors
8-bit, typical clock speed: 5 MHz (8-bit)
Optional cryptographic processor
32-bit, clock speed 300 MHz
64-bit, 600 MHz

SOURCE: SUMIT DHAR



Smart Card Components (2)


ROM: Read Only Memory
Used for storing fixed programs.
Holds the operating system
Typically varies from 2KB to around 16 KB
Once written, cannot be changed
Occupies the least area

PROM: Programmable Read Only Memory
Used for loading card serial number
Very small, typically just 32 bytes

SOURCE: SUMIT DHAR



Smart Card Components (3)


EEPROM: Electrically Erasable Programmable Read Only Memory
Stores variable data
Holds various applications and their data.
Can be read or written to subject to permissions.
Typically 2 - 32 KB

RAM: Random Access Memory
Used as temporary storage.
Erased on power off.
Typically 128-512 bytes
SOURCE: SUMIT DHAR

Cyberflex Java Smart Card


Complete 32-bit Java run-time environment on a card
Utilities for compiling and loading cardlets onto the card from a PC

SOURCE: MICHAEL I. SHAMOS, CMU



Smart Card Architecture


File structure (ISO 7816-4)
Cyclic files

Database management on a card


SCQL (Structured Card Query Language)
Provides standardized interface
No need to know file formatting details


SOURCE: MICHAEL I. SHAMOS, CMU


How It Works: Cyclic File


[Figure: cyclic file drawn as a grid of record number (rows 1, 2, 3, 4, ...) against byte number (columns 1 to m), with the position of the (n+1)st record marked]

READ gives the most recently written record
Maximum number of records: 254
When maximum is reached, first record is overwritten
Record length: 1 .. 254 bytes
SOURCE: ANDREAS STEFFEN
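
The cyclic-file behaviour described above, modelled as a small ring of fixed-length records (an added example, not part of the original slides). The class name, method names and the 8-byte purse-log entries are assumptions made for illustration.

```python
class CyclicFile:
    """Ring of fixed-length records with the limits given on the slide."""

    MAX_RECORDS = 254      # maximum number of records
    MAX_RECORD_LEN = 254   # record length: 1 .. 254 bytes

    def __init__(self, num_records: int, record_len: int):
        if not 1 <= num_records <= self.MAX_RECORDS:
            raise ValueError("number of records must be 1..254")
        if not 1 <= record_len <= self.MAX_RECORD_LEN:
            raise ValueError("record length must be 1..254 bytes")
        self.num_records = num_records
        self.record_len = record_len
        self._slots = [None] * num_records
        self._next = 0    # slot the next write goes to
        self._count = 0   # records held, capped at num_records

    def write(self, record: bytes) -> None:
        if len(record) != self.record_len:
            raise ValueError("record must be exactly record_len bytes")
        self._slots[self._next] = bytes(record)   # overwrites the oldest when full
        self._next = (self._next + 1) % self.num_records
        self._count = min(self._count + 1, self.num_records)

    def read(self, age: int = 0) -> bytes:
        """age=0 is the most recently written record, age=1 the one before it."""
        if not 0 <= age < self._count:
            raise IndexError("no such record")
        return self._slots[(self._next - 1 - age) % self.num_records]

    def history(self) -> list:
        """All surviving records, newest first."""
        return [self.read(age) for age in range(self._count)]


def demo_purse_log() -> list:
    # Constructed sample: a 3-record purse log that receives 4 transactions.
    log = CyclicFile(num_records=3, record_len=8)
    for entry in (b"LOAD0500", b"FARE0012", b"FARE0030", b"SHOP0125"):
        log.write(entry)
    return log.history()
```

After the fourth write the initial load record is gone, so a card-side cyclic log holds only the last few transactions.
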

ATM and Debit Card Cryptography


PIN cannot be stored anywhere in plaintext
PIN cannot be reverse-engineered from the card or any database
Generate a random 4-digit number (the PIN)
Combine PIN with other data (account number) to form a data block
Encrypt the data block using 3DES and secret bank keys
Select several digits from the encrypted data to use as the PIN Verification Value (PVV)

Forming the Pin Verification Value


[Diagram: ACCOUNT NUMBER + 4-DIGIT PIN + SECRET BANK KEYS -> 3DES -> ENCRYPTED DATA BLOCK -> SELECT 4-6 DIGITS FROM ENCRYPTED DATA BLOCK TO FORM PVV -> PIN VERIFICATION VALUE (PVV)]

CARD HAS ACCOUNT NUMBER AND PVV


Using the ATM Card


CARD HAS ACCOUNT NUMBER AND PVV
ATM MACHINE READS ACCOUNT NUMBER AND PVV
USER TYPES PIN
MACHINE NOW HAS: ACCOUNT NUMBER, 4-DIGIT PIN, PVV
MACHINE HAS BANK KEYS IN HARDWARE: SECRET BANK KEYS

[Diagram: ACCOUNT NUMBER + 4-DIGIT PIN + SECRET BANK KEYS -> 3DES -> DECRYPTED DATA BLOCK -> COMPUTE PVV]

COMPARE CARD PVV WITH COMPUTED PVV
PVVs MATCH? USER IS AUTHENTIC
PVVs DIFFERENT? USER IS REJECTED
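
The issuance and verification flow from the two slides above, as an added example that is not part of the original slides. Assumptions: HMAC-SHA-256 stands in for the 3DES step because the Python standard library has no DES, and the data-block layout, the digit-selection rule, the key, the account number and the PIN are all constructed for illustration.

```python
import hashlib
import hmac

def encrypt_block(bank_key: bytes, block: bytes) -> bytes:
    # Stand-in for the 3DES step (assumption): HMAC-SHA-256 cut to one 8-byte block.
    return hmac.new(bank_key, block, hashlib.sha256).digest()[:8]

def select_digits(cipher: bytes, n: int = 4) -> str:
    # Assumed selection rule: take the decimal digits of the hex ciphertext left
    # to right; if there are too few, a second pass maps a-f to 0-5.
    hexed = cipher.hex()
    digits = [c for c in hexed if c in "0123456789"]
    if len(digits) < n:
        digits += [str(int(c, 16) - 10) for c in hexed if c in "abcdef"]
    return "".join(digits[:n])

def compute_pvv(bank_key: bytes, account: str, pin: str) -> str:
    if len(pin) != 4 or any(c not in "0123456789" for c in pin):
        raise ValueError("PIN must be 4 decimal digits")
    block = (account[-12:] + pin).encode("ascii")   # assumed data-block layout
    return select_digits(encrypt_block(bank_key, block))

def verify_pin(bank_key: bytes, account: str, card_pvv: str, entered_pin: str) -> bool:
    # The terminal recomputes the PVV from what the user typed and compares it
    # with the PVV read from the card; the PIN is never stored or looked up.
    try:
        computed = compute_pvv(bank_key, account, entered_pin)
    except ValueError:
        return False
    return hmac.compare_digest(computed.encode(), card_pvv.encode())

# Constructed sample values; on the slide the key exists only in bank/ATM hardware.
BANK_KEY = bytes(range(16))
ACCOUNT = "4111111111111111"
CARD_PVV = compute_pvv(BANK_KEY, ACCOUNT, "4821")   # written to the card at issuance
```
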

OpenCard Framework (OCF)


OpenCard Framework (OCF) implements the integration of smart cards with computer systems.
OCF is a Java-oriented framework based on the UNIX operating system.
OCF shields Java applications from the specifics of each smart card or access terminal, such as an ATM terminal.
OCF version 1.2 was introduced in 2000 by the OpenCard Consortium, which included IBM and Sun Microsystems.
OCF is capable of handling several simultaneous requests for access.
OCF supports authentication systems that rely on reading several cards at once.

OpenCard Framework (OCF) Implementation

SOURCE: OPENCARD.ORG

Card Security Threats


Group 1: DIRECT ATTACKS ON CHIP CIRCUITRY
Group 2: INDIRECT ATTACKS ON CHIP CIRCUITRY
Group 3: ATTACKS USING CARDS NOT YET ISSUED, OLD CARDS, CLONES
Group 4: ATTACKS ON CARD'S INTERFACE TO THE OUTSIDE, E.G. PREMATURE REMOVAL
Group 5: ATTACKS ON THE RUN-TIME ENVIRONMENT THROUGH THE CARD ACCEPTANCE DEVICE (CAD)
Group 6: THREATS FROM CARD APPS AND NEED TO SHARE RESOURCES
Group 7: THREATS BASED ON RTE IMPLEMENTATION

[Figure labels: CAD; cards labelled Past, Current, Future, Clone]

SOURCE: GAMMA

Power and Timing Cryptanalysis


[Figure: power consumption versus time for NOP (no operation), MUL (multiplication) and JMP (jump) instructions]
Source: Rankl and Effing, "Handbuch der Chipkarten", 2002

Differential Power Cryptanalysis


Send different inputs to the Smart Card to learn details of its encryption key
When a correct key value is tried, the algorithm responds
Incorrect keys have zero average response

[Figure: smart card power consumption during DES encryption, showing the initial permutation, 16 DES rounds and final permutation, with an expanded view of rounds 2 & 3]

SOURCE: cryptography.com

Contactless Card
Communicates by radio
Power supplied by reader
Data rate 106 Kb/sec
Read 2.5 ms, write 9 ms
8 Kb EEPROM, unlimited read, 100,000 writes
Effective range: 10 cm, signals encrypted
Lifetime: 2 years (data retention 10 years)
Two-way authentication, nonces, secret keys
Anticollision mechanism for multiple cards
Unique card serial number
SOURCE: GEMPLUS

RFID Tags
IC Chip
Antenna
32mm and 23mm capsule transponder



How RFID Works


1) Tag enters RF field
2) RF signal powers tag
3) Tag transmits ID, plus data
4) Reader captures data
5) Reader sends data to computer
6) Computer determines action
7) Computer instructs reader
8) Reader transmits data to tag

[Figure labels: Antenna, Tag, RFID Reader, Computer]
SOURCE: PHILIPS

Euro Banknotes
European Central Bank planned to implant RFID tags in banknotes by 2005

Uses
Anti-counterfeiting
Tracking money flows


Implementation Example 1


Implementation Example 2: Automated Toll Collection


Implementation Example 3: Hong Kong Smart Cards


Octopus
12 million cards, 15,000 readers
7 million transactions/day
$48M HKD per day

Visacash ComPass Visa (VME) Mondex GSM SIM, ePark


Implementation: Octopus
SONY RC-S833 CONTACTLESS SMART CARD SONY READER/WRITER

I/O SPEED: 211 Kbps

SOURCE: SONY

Implementation: Octopus Card Features


Hong Kong RFID payment card
Operating distance: 15 cm
Bandwidth: 211 Kb/sec
Triple DES in 70 sec
EEPROM 1536 bytes
128-byte data backup area
16-byte manufacturer ID; 16-byte issue ID
Processing time: 50 msec on card, 300 msec overall
Random access and cyclic files
Anti-collision protocol
SOURCE: MITSUBISHI

Implementation: Octopus Card Security


SOURCE: MITSUBISHI


Octopus Clearing


SOURCE: SAMMY KAM


Octopus Settlement
[Figure: Octopus settlement flow, with these labels]
FARE PROCESSORS: MUTUAL AUTHENTICATION, CHECK BLACKLIST, UPDATE CARD, STORE TRANSACTIONS
STATION COMPUTER: COLLECT TRANSACTIONS, PRINT REPORTS, SEND DATA TO SPCC
SERVICE PROVIDER CENTRAL COMPUTERS (SPCC): MTR CENTRAL COMPUTER, LOAD AGENT CENTRAL COMPUTER; CONSOLIDATE DATA, PRINT REPORTS, ROUTE DATA TO CCHS
CENTRAL CLEARING HOUSE SYSTEM (CCHS): VALIDATE DATA, NET ACCOUNTING, DISTRIBUTE SOFTWARE
SETTLEMENT: HSBC HEXAGON
OCTOPUS BANK: REGULAR ACCT, BUFFER ACCT, RESERVE ACCT
MTR'S BANK
LOAD AGENT'S BANK

SOURCE: MICHAEL I. SHAMOS, CMU

Octopus Expansion

Identity card
Access control
Hotel room key
Credit card
McDonalds
Mobile phone
Home readers

SOURCE: CREATIVE STAR


Implementation: Mondex
Subsidiary of MasterCard
Smart-card-based, stored-value card (SVC)
NatWest (National Westminster Bank, UK) et al.
Secret chip-to-chip transfer protocol
Value is not in strings alone; must be on Mondex card
Loaded through ATM
ATM does not know transfer protocol; connects with secure device at bank
Spending at merchants having a Mondex value transfer terminal



Mondex Overview

SOURCES: OKI, MONDEX USA



Mondex security
Active and dormant security software
Security methods constantly changing
ITSEC E6 level (military)

VTP (Value Transfer Protocol)
Globally unique card numbers
Globally unique transaction numbers
Challenge-response user identification
Digital signatures

MULTOS operating system


Firewalls on the chip

Summary
o Smart cards replace cash.
The applications are primarily in banking, mobile telephony, and pay TV.

o Potential of cards is unexplored; new uses added every day:
badges for access control

o Powerful microprocessors allow:
cryptography
certificates, authentication
secure purses

o Wireless (contactless) cards enable new business models.
o Smart card security is not perfect.
o Several electronic purses were proposed and introduced for making micropayments.
o OCF is a Java-oriented integration of integrated-circuit cards with computers.

References
M. H. Sherif, Protocols for Secure Electronic Commerce. Boca Raton, FL: CRC Press LLC., 2004, Chapters 9 and 13.
Electronic Payment Systems (20-763) Official Course Web http://euro.ecom.cmu.edu/program/courses/tcr763/2002pgh/cards7.ppt
