Electronic Payment Systems 20-763, Lecture 9: Smart and Stored-Value Cards
20-763 ELECTRONIC PAYMENT SYSTEMS
FALL 2001
COPYRIGHT © 2001 MICHAEL I. SHAMOS
Electronic Payment Systems 20-763
Lecture 9: Smart and Stored-Value Cards
ePayment by Smart Card
• Replace cash
• Cash is expensive to make and use
– Printing, replacement
– Anti-counterfeiting measures
– Transportation
– Security
• Cash is inconvenient
– not machine-readable
– humans carry limited amount
– risk of loss, theft
• Additional smart card benefits
Memory Cards
• Magnetic stripe
– 140 bytes
• Vanilla memory cards
– 1-4 KB memory, no processor
• Optical memory cards
– 4 megabytes read-only (CD-like)
• Microprocessor cards
– Embedded microprocessor
• (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM (Equivalent power to IBM XT PC)
• 32-bit processors now available
– Intelligent, active devices with defenses
Smart Card Costs
NEW: RW Optical 500 MB 32-bit $15 Reader: $200
Card Taxonomy
[Figure: tree diagram of Machine Readable Cards. Labels recovered from the diagram:]
• Magnetic: Magnetic Stripe, Wiegand, Barium Ferrite
• Radio Frequency
• IC Cards: Smart, Memory
– Write Once (EPROM): Memory Only, With Microprocessor
– Write Many (EEPROM): Memory Only, With Microprocessor
• Optical: Bar Codes, Softstrip, OCR, Optical Memory
SOURCE: BURGER, CAROLL & ASSOCIATES
Multi-Application Smart Card
Digital Certificates
Private Key(s)
ACE (Active Customer Enrollment) Authentication
Biometric Data
Employee Data
Magnetic Stripe or RF Door Access
Employee Picture
Encryption Key
Password Cache
S/MIME Secure Mail
SSL Secure Web
Customer PKI Application
Single Sign-On
Local File Encrypt
Secure Screen Saver
Biometric Authentication
Application Login
SOURCE: SECURITY DYNAMICS
Smart Card Structure
[Figure: smart card structure. Labels: Contacts (8), Epoxy, Microprocessor, Contacts, Card (upside-down)]
SOURCE: SMART CARD FORUM
Old Smart Card Architecture
SOURCE: SMART CARD FORUM
EEPROM: Electrically Erasable Programmable Read-Only Memory
Cyberflex™ Java Smart Card
• Complete 32-bit Java run-time environment on a card
• Utilities for compiling and loading cardlets onto the card from a PC
[Figure labels: OPERATING SYSTEM, MICROPROCESSOR, JAVA VIRTUAL MACHINE, CARDLETS 1 2 3]
Smart Card Architecture
• File structure (ISO 7816-4)
– Cyclic files
• Database management on a card
– SCQL (Structured Card Query Language)
– Provides standardized interface
– No need to know file formatting details
OpenCard Framework (OCF)
SOURCE: OPENCARD.ORG
CardService Layer (TALKS TO CARD)
CardTerminal Layer (TALKS TO READER)
MULTOS Administration
SOURCE: MULTOS
14-COMPANY SMARTCARD CONSORTIUM
Open Platform Card Specification
SOURCE: GAMMA
OP Security Assumptions
• OP card is merely a component
• Need to trust:
– back-office systems
– cryptographic key management
– card/chip operating environment (COE)
– off-card security procedures (actors and roles)
• There are vulnerabilities the OP card cannot protect itself against
SOURCE: GAMMA
OP Card Security Threats
[Figure: OP card threat groups, Group 1 through Group 7. Other diagram labels: CAD, Clone, Future, Past, Current]
Threat descriptions from the figure:
DIRECT ATTACKS ON CHIP CIRCUITRY
INDIRECT ATTACKS ON CHIP CIRCUITRY
ATTACKS USING CARDS NOT YET ISSUED, OLD CARDS, CLONES
ATTACKS ON CARD’S INTERFACE TO THE OUTSIDE, E.G. PREMATURE REMOVAL
ATTACKS ON THE RUN-TIME ENVIRONMENT THROUGH THE CARD ACCEPTANCE DEVICE (CAD)
THREATS FROM CARD APPS AND NEED TO SHARE RESOURCES
THREATS BASED ON RTE IMPLEMENTATION
SOURCE: GAMMA
Smart Card Security
• Observers
• Active defenses
• Attacks:
• Microprobing, microscopy
• Differential fault analysis
– (Boneh et al. 1997)
– Induce errors, observe output differences
• Differential power analysis
SOURCE: cryptography.com
SOURCE: Kömmerling et al.
Differential Power Analysis
• Send different inputs to the Smart Card to learn details of its encryption key
• When a correct key value is tried, the algorithm responds
• Incorrect keys have zero average response
[Figure: SMART CARD POWER CONSUMPTION DURING DES ENCRYPTION. Labels: INITIAL PERMUTATION, 16 DES ROUNDS, FINAL PERMUTATION; EXPANDED VIEW OF ROUNDS 2 & 3]
SOURCE: cryptography.com
Smart Card Applications
• Ticketless travel: Seoul bus system
– 4M cards, 1B transactions since 1996
• Authentication, ID
• Medical records
• Ecash
• Store loyalty programs
• Personal profiles
• Government
– Licenses
• Mall parking . . .
Hong Kong Smart Cards
• Octopus
– 8 million cards, 9000 readers
– 7 million transactions/day
• Visacash
• ComPass Visa (VME)
• Mondex
• GSM SIM
• ePark
Octopus
• Transaction time < 300 milliseconds
• Transaction fees: HK$0.02 + 0.75%
– $10 transaction costs $0.095 (0.95%)
• Applications
– Transit
– Telephones
– Road tolls
– Point-of-sale
– Access control
• Anonymous / personalized
• How does money get to service providers?
– Net settlement system operated by Creative Star
Octopus System
SOURCE: WORLD BANK
Smart Card Sales Leaders (2000)
VENDOR | # OF CARDS | SHARE
Gemplus | 185,000,000 | 29%
Schlumberger | 152,000,000 | 24%
Oberthur Smart Cards | 85,000,000 | 14%
Giesecke & Devrient | 76,000,000 | 12%
Orga Card Systems | 53,000,000 | 8%
TOTAL | 628,000,000 |
SOURCE: CARDWEB.COM
Mondex
• Subsidiary of MasterCard
• Smart-card-based, stored-value card (SVC)
• NatWest (National Westminster Bank, UK) et al.
• Secret chip-to-chip transfer protocol
• Value is not in strings alone; must be on Mondex card
• Loaded through ATM
– ATM does not know transfer protocol; connects with secure device at bank
• Spending at merchants having a Mondex value transfer terminal
Mondex Overview
SOURCES: OKI, MONDEX USA
Mondex Security
• Active and dormant security software
– Security methods constantly changing
– ITSEC E6 level (military)
• VTP (Value Transfer Protocol)
– Globally unique card numbers
– Globally unique transaction numbers
– Challenge-response user identification
– Digital signatures
• MULTOS operating system
– firewalls on the chip
Payment Cards
• 8-128 Kb
• Data rate 115 Kb/sec
• ISO 7816 compliant
• Visa-certified
• PIN management and verification
• 3DES algorithm for authentication, secure messaging
• Epurse with payment command set (debit, credit, balance, floor limit management)
SOURCE: GEMPLUS
EMV = EUROPAY INT’L, MASTERCARD, VISA
MPCOS = MULTI PAYMENT CHIP OPERATING SYSTEM
Contactless Cards
• Communicates by radio
– Power supplied by reader
– Data rate 106 Kb/sec
– Read 2.5 ms, write 9 ms
– 8 Kb EEPROM, unlimited read, 100,000 writes
– Effective range: 10 cm, signals encrypted
– Lifetime: 2 years (data retention 10 years)
– Two-way authentication, nonces, secret keys
– Anticollision mechanism for multiple cards
– Unique card serial number
SOURCE: GEMPLUS
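The two-way authentication with nonces and secret keys listed on this slide, and the challenge-response and unique transaction numbers listed under Mondex Security, can be sketched as below. This is an added example, not Mondex's (secret) transfer protocol and not Gemplus code: HMAC-SHA256 stands in for the card's MAC algorithm, and the Card and Reader classes, the card_key diversification and the message layout are assumptions made for illustration.

```python
import hashlib, hmac, secrets

def mac(key, *fields):
    # Length-prefix every field so adjacent fields cannot be re-split.
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
    return hmac.new(key, msg, hashlib.sha256).digest()

def card_key(master, serial):
    # Assumption: per-card key diversified from the unique card serial number.
    return mac(master, b"card-key", serial)

class Card:
    def __init__(self, serial, key):
        self.serial, self.key, self.seen = serial, key, set()
    def respond(self, reader_nonce):
        # Answer the reader's challenge and issue the card's own nonce.
        self.nonce = secrets.token_bytes(8)
        return self.nonce, mac(self.key, b"card", self.serial, reader_nonce, self.nonce)
    def accept(self, txn, amount, reader_mac):
        # The reader proves the key over the card's nonce; a txn number is used once.
        want = mac(self.key, b"reader", self.serial, self.nonce, txn, amount)
        if txn in self.seen or not hmac.compare_digest(want, reader_mac):
            return False
        self.seen.add(txn)
        return True

class Reader:
    def __init__(self, master):
        self.master = master
    def challenge(self):
        self.nonce = secrets.token_bytes(8)
        return self.nonce
    def verify_card(self, serial, card_nonce, card_mac):
        want = mac(card_key(self.master, serial), b"card", serial, self.nonce, card_nonce)
        return hmac.compare_digest(want, card_mac)
    def authorize(self, serial, card_nonce, txn, amount):
        return mac(card_key(self.master, serial), b"reader", serial, card_nonce, txn, amount)

def demo():
    master, serial = bytes(range(16)), b"\x04\xa1\xb2\xc3"  # constructed key and serial
    card, reader = Card(serial, card_key(master, serial)), Reader(master)
    cn, cmac = card.respond(reader.challenge())
    card_ok = reader.verify_card(serial, cn, cmac)
    txn, amount = (1).to_bytes(8, "big"), (950).to_bytes(4, "big")
    rmac = reader.authorize(serial, cn, txn, amount)
    first, repeat = card.accept(txn, amount, rmac), card.accept(txn, amount, rmac)
    reader.challenge()                              # new session, fresh reader nonce
    stale = reader.verify_card(serial, cn, cmac)    # recorded card response replayed
    forged = Card(serial, card_key(b"not-the-master", serial))  # card lacking the real key
    return card_ok, first, repeat, stale, reader.verify_card(serial, *forged.respond(reader.challenge()))
```

demo() returns, in order: genuine card accepted, first debit accepted, repeated transaction number rejected, replayed card response rejected, card without the real key rejected.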
Wireless Card Authorization
SOURCE: SAMSUNG
Comparison of Payment Methods
PAYMENT TYPE | ADVANTAGES | DISADVANTAGES
Cash | Anonymous, universal, free | Risk of theft/loss, bulky
Credit Card | Almost universal | High transaction cost, fraud/forgery
EFTPOS | Direct access to cash | Must be online, security only moderate
Disposable smart card | Fast, private | Risk of loss, limited to small amounts
Personalized smart card | Long useful life, security, like eCash | Not anonymous, lack of international standards