“Some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this nonce,” “This exposes them to a ‘pre-play’ attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically.”
“We found flaws in widely-used ATMs from the largest manufacturers,” the paper said. “We can now explain at least some of the increasing number of frauds in which victims are refused refunds by banks which claim that EMV cards cannot be cloned and that a customer involved in a dispute must therefore be mistaken or complicit.” the paper said.
EMV devices generate the so-called “unpredictable numbers” (UNs) for every transaction, but the experts claimed that payment machines fail to properly generate random numbers that are required by the EMV protocol to securely authenticate transaction requests for Chip-and-Pin cards.
“EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this nonce. This exposes them to a “pre-play” attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically.”
“This variant of the pre-play attack may be carried out by malware in an ATM or POS terminal, or by a man-in-the-middle between the terminal and the acquirer,” the paper said.
“The flaw is that when you put a card into a terminal, a negotiation takes place about how the cardholder should be authenticated: using a PIN, using a signature or not at all. This particular subprotocol is not authenticated, so you can trick the card into thinking it’s doing a chip-and-signature transaction while the terminal thinks it’s chip-and-PIN. The upshot is that you can buy stuff using a stolen card and a PIN of 0000 (or anything you want). We did so, on camera, using various journalists’ cards. The transactions went through fine and the receipts say ‘Verified by PIN’.” the researchers explained.
“The banks appear to have ignored this, perhaps reasoning that it is difficult to scale up an attack that involves access to specific physical cards and also the installation of malware or wiretaps on specific terminals,” the paper said. “We disagree. The Target compromise shows that criminals can deploy malware on merchant terminals widely and exploit it to earn serious money.”
(Security Affairs – Chip-and-PIN cards, cybercrime)