Vulnerabilities in the Implementation of the EMV Payment Card

EMV Card PIN Verification

Researchers at ETH Zurich have found vulnerabilities in implementations of the EMV payment card standard that allow attacks targeting both cardholders and merchants.

David Basin, Ralf Sasse, and Jorge Toro-Pozo from ETH Zurich’s Department of Computer Science describe in a newly published paper, “The EMV Standard: Break, Fix, Verify,” how flaws in standard EMV implementations can be exploited to render PIN verification useless in Visa contactless transactions.

Established in the mid-1990s and named after its founders (Europay, Mastercard, and Visa), EMV is the international smart-card payment standard used in more than 80% of card-present transactions worldwide.

Although considered mature, the standard remains vulnerable, mainly because of logical flaws rather than weak cryptography, the ETH Zurich researchers say. They identified the weaknesses using a symbolic model of the protocol built in the Tamarin prover, and derived two attacks from it: one targeting the cardholder and one targeting the merchant.

The first attack, the researchers say, lets an adversary make purchases with a stolen card without knowing its PIN, using a smartphone to carry out the payment. The researchers built an Android proof-of-concept app that demonstrates the attack against real terminals.

In the second attack, the terminal is fooled into accepting a fraudulent offline transaction that is rejected later, but only “after the thief walks away with the goods.”

The model captures all three parties in an EMV session: the bank, the terminal, and the card. It revealed that the cardholder verification method (CVM) is neither authenticated nor cryptographically protected against modification, which is what lets a purpose-built Android app bypass PIN verification.

The app mounts a man-in-the-middle attack between the card and the terminal, telling the terminal that cardholder verification has already been performed on the consumer’s own device (the mobile phone) and is therefore no longer required. An attacker can thus use a stolen Visa card for contactless transactions without knowing its PIN.

“For a number of transactions with Visa-branded cards, such as Visa Credit, Visa Electron and VPay cards, we successfully tested our PIN bypass assault on real-world terminals. The cashier cannot differentiate the actions of the intruder from those of any legitimate cardholder, as it is now normal for consumers to pay with their smartphones,” the researchers explain.

The researchers also found that in offline contactless transactions with a Visa card or an older Mastercard, the terminal can be fooled into accepting a fraudulent offline transaction, because the card does not authenticate the Application Cryptogram (AC) to the terminal; the AC is computed with a key only the issuer holds. The bad cryptogram is only detected much later, when the acquirer submits the transaction data to the issuer for clearing.
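To make the two logical flaws concrete, here is an added Python model, written for this page and not code from the ETH Zurich paper or its Android app, of the card’s response to the terminal, the relay app’s two modifications, and the terminal’s checks. It covers both the PIN bypass described earlier (the CTQ field the terminal uses for its CVM decision is not covered by anything the terminal can verify) and the offline-cryptogram attack in the paragraph above (the terminal cannot check the AC at all). The tag numbers and the CTQ bit positions are Visa’s documented ones; everything else is an assumption of the model: HMAC stands in for the issuer’s cryptogram MAC and for the card’s RSA signature, the key names are invented, the set of fields the signed data covers is simplified, and the “fixed” variant that folds the CTQ and the AC into the signed data is this editor’s illustration of a card-side fix, not a statement of what Visa deployed.

```python
import hashlib
import hmac

# Real EMV/Visa tag numbers; the protocol around them is simplified.
TAG_CTQ = "9F6C"    # Card Transaction Qualifiers
TAG_AC = "9F26"     # Application Cryptogram (TC / ARQC)
TAG_SDAD = "9F4B"   # Signed Dynamic Application Data

# CTQ bits the relay app flips (Visa CTQ layout).
CTQ1_ONLINE_PIN_REQUIRED = 0x80   # byte 1, bit 8
CTQ2_CDCVM_PERFORMED = 0x80       # byte 2, bit 8

# Model keys (assumption): HMAC stands in for the issuer's AC MAC and the card's
# RSA signature. The terminal can check the SDAD but never the AC.
ISSUER_KEY = b"issuer-key-model"
CARD_SDAD_KEY = b"card-sdad-key-model"

# Which card fields the SDAD covers. "Today" models the reported gap
# (neither CTQ nor AC is covered); "fixed" folds both into the signed data.
SDAD_COVERS_TODAY = ()
SDAD_COVERS_FIXED = (TAG_CTQ, TAG_AC)


def tlv_encode(tag: str, value: bytes) -> bytes:
    """BER-TLV with a one-byte length, enough for the values used here."""
    assert len(value) < 0x80
    return bytes.fromhex(tag) + bytes([len(value)]) + value


def tlv_parse(data: bytes) -> dict:
    """Flat sequence of primitive TLVs -> {tag_hex: value}."""
    fields, i = {}, 0
    while i < len(data):
        n = 2 if data[i] & 0x1F == 0x1F else 1   # 9Fxx tags are two bytes
        tag = data[i:i + n].hex().upper()
        length = data[i + n]
        fields[tag] = data[i + n + 1:i + n + 1 + length]
        i += n + 1 + length
    return fields


def tlv_build(fields: dict) -> bytes:
    return b"".join(tlv_encode(t, v) for t, v in fields.items())


def sdad_input(fields: dict, amount: int, un: bytes, covers) -> bytes:
    """Data the card signs: the covered tags plus amount and terminal nonce."""
    return b"".join(fields[t] for t in covers) + amount.to_bytes(6, "big") + un


def card_gpo_response(amount: int, un: bytes, covers=SDAD_COVERS_TODAY) -> bytes:
    """Card's reply to GET PROCESSING OPTIONS: asks for online PIN, returns an
    AC only the issuer can check and an SDAD the terminal can check."""
    fields = {
        TAG_CTQ: bytes([CTQ1_ONLINE_PIN_REQUIRED, 0x00]),
        TAG_AC: hmac.new(ISSUER_KEY, amount.to_bytes(6, "big") + un,
                         hashlib.sha256).digest()[:8],
    }
    fields[TAG_SDAD] = hmac.new(CARD_SDAD_KEY, sdad_input(fields, amount, un, covers),
                                hashlib.sha256).digest()
    return tlv_build(fields)


def mitm_pin_bypass(response: bytes) -> bytes:
    """Relay app: claim the phone already verified the cardholder (CDCVM)."""
    fields = tlv_parse(response)
    ctq = bytearray(fields[TAG_CTQ])
    ctq[0] &= 0xFF ^ CTQ1_ONLINE_PIN_REQUIRED   # clear 'online PIN required'
    ctq[1] |= CTQ2_CDCVM_PERFORMED              # set 'CDCVM performed'
    fields[TAG_CTQ] = bytes(ctq)
    return tlv_build(fields)


def mitm_fake_offline_tc(response: bytes) -> bytes:
    """Relay app: swap the cryptogram for junk; the terminal cannot tell."""
    fields = tlv_parse(response)
    fields[TAG_AC] = bytes(8)   # constructed bogus cryptogram
    return tlv_build(fields)


def terminal_process(response: bytes, amount: int, un: bytes,
                     covers=SDAD_COVERS_TODAY) -> dict:
    """Terminal: verify the SDAD, then choose the CVM from the CTQ bits."""
    fields = tlv_parse(response)
    expected = hmac.new(CARD_SDAD_KEY, sdad_input(fields, amount, un, covers),
                        hashlib.sha256).digest()
    if not hmac.compare_digest(expected, fields[TAG_SDAD]):
        return {"result": "declined", "reason": "SDAD verification failed"}
    ctq = fields[TAG_CTQ]
    if ctq[1] & CTQ2_CDCVM_PERFORMED:
        cvm = "CDCVM"        # no PIN prompt at the terminal
    elif ctq[0] & CTQ1_ONLINE_PIN_REQUIRED:
        cvm = "ONLINE_PIN"
    else:
        cvm = "NO_CVM"
    return {"result": "accepted", "cvm": cvm, "ac": fields[TAG_AC]}


def issuer_verify_ac(ac: bytes, amount: int, un: bytes) -> bool:
    """Clearing, later: only the issuer can recompute the cryptogram."""
    expected = hmac.new(ISSUER_KEY, amount.to_bytes(6, "big") + un,
                        hashlib.sha256).digest()[:8]
    return hmac.compare_digest(expected, ac)
```

Run `terminal_process(mitm_pin_bypass(card_gpo_response(amount, un)), amount, un)` and the terminal reports `cvm == "CDCVM"`, so no PIN is asked for, even though the SDAD still verifies: the relay app never touched anything the signature covers. The same holds for `mitm_fake_offline_tc`: the terminal accepts, and only `issuer_verify_ac` on the returned `ac` fails, which is the clearing-time rejection the article describes. Passing `SDAD_COVERS_FIXED` to both the card and the terminal makes either modification fail SDAD verification at the point of sale.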

“Our analysis revealed unexpected variations between the security of Mastercard and Visa’s contactless payment protocols, suggesting Mastercard is safer than Visa. We noticed no major problems with the version of the Mastercard protocol running in modern cards. […] Visa, by comparison, suffers from a number of critical issues,” reads the research paper.

The researchers note that they used only their own cards in the experiments and that they disclosed their findings to Visa. They also proposed fixes that banks and Visa could deploy, and said these fixes do not require changes to the EMV standard itself.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.