Article · September 2012
DOI: 10.1109/SP.2014.11 · Source: arXiv
Chip and Skim: cloning EMV cards
with the pre-play attack
Mike Bond, Omar Choudary, Steven J. Murdoch,
Sergei Skorobogatov, and Ross Anderson
[email protected]
Computer Laboratory, University of Cambridge, UK
Abstract
EMV, also known as “Chip and PIN”, is the leading system for card payments worldwide. It is used throughout Europe and much of Asia, and is starting to be introduced in North America too. Payment cards contain a chip so they can execute an authentication protocol. This protocol requires point-of-sale (POS) terminals or ATMs to generate a nonce, called the unpredictable number, for each transaction to ensure it is fresh. We have discovered that some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this number. This exposes them to a “pre-play” attack which is indistinguishable from card cloning from the standpoint of the logs available to the card-issuing bank, and can be carried out even if it is impossible to clone a card physically (in the sense of extracting the key material and loading it into another card). Card cloning is the very type of fraud that EMV was supposed to prevent. We describe how we detected the vulnerability, a survey methodology we developed to chart the scope of the weakness, evidence from ATM and terminal experiments in the field, and our implementation of proof-of-concept attacks. We found flaws in widely-used ATMs from the largest manufacturers. We can now explain at least some of the increasing number of frauds in which victims are refused refunds by banks which claim that EMV cards cannot be cloned and that a customer involved in a dispute must therefore be mistaken or complicit. Pre-play attacks may also be carried out by malware in an ATM or POS terminal, or by a man-in-the-middle between the terminal and the acquirer. We explore the design and implementation mistakes that enabled the flaw to evade detection until now: shortcomings of the EMV specification, of the EMV kernel certification process, of implementation testing, formal analysis, or monitoring customer complaints. Finally we discuss countermeasures.
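The abstract's point is that a nonce drawn from a counter or timestamp is not unpredictable. As an added illustration (not code from the paper), the audit helper below takes a list of 32-bit unpredictable numbers pulled from terminal or ATM logs and flags the failure modes described above: strictly increasing counter-style values, byte positions that carry almost no entropy, and repeated values. The function names and both sample UN sequences are my own constructions.

```python
# Added example: heuristic audit of EMV "unpredictable numbers" (UNs) from logs.
# Sample sequences are constructed; a real audit would read them from the
# acquirer's or issuer's transaction records.
from collections import Counter
import math


def byte_columns(uns):
    """Split 32-bit UNs into four lists, one per byte position (MSB first)."""
    return [[(u >> (8 * (3 - i))) & 0xFF for u in uns] for i in range(4)]


def entropy_bits(values):
    """Shannon entropy of a list of byte values, in bits."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())


def is_counter_like(uns, window=1 << 20):
    """Strictly increasing values confined to a tiny slice of the 2^32 space
    look like a counter or a timestamp rather than a random nonce."""
    increasing = all(b > a for a, b in zip(uns, uns[1:]))
    return len(uns) > 1 and increasing and (max(uns) - min(uns)) < window


def audit_uns(uns):
    """Return a dict of findings; an empty dict means nothing suspicious."""
    if not uns:
        return {}
    findings = {}
    if is_counter_like(uns):
        findings["counter_like"] = True
    # With n samples a byte column can show at most min(8, log2 n) bits of
    # entropy; flag columns that reach less than half of that ceiling.
    ceiling = min(8.0, math.log2(len(uns)))
    low = [i for i, col in enumerate(byte_columns(uns))
           if entropy_bits(col) < ceiling / 2]
    if low:
        findings["low_entropy_bytes"] = low
    dupes = len(uns) - len(set(uns))
    if dupes:
        findings["repeated_uns"] = dupes
    return findings


# Constructed samples: a counter-style terminal and a random-looking one.
COUNTER_UNS = [0x1A000100 + i for i in range(16)]
RANDOM_UNS = [0x8F3A21C4, 0x17E9B05D, 0xC2510A8E, 0x5BD4F713,
              0xE06C3CA9, 0x34B8D9F0, 0xA9074E62, 0x6D9E85B7]

if __name__ == "__main__":
    print("counter terminal:", audit_uns(COUNTER_UNS))
    print("random terminal:", audit_uns(RANDOM_UNS))
```

With only a handful of UNs per terminal the entropy check is coarse; the counter check is the one that most directly matches the weakness the paper reports.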
1 The Smoking Gun
EMV is now the leading scheme worldwide for debit and credit card payments, as well as for cash withdrawals at ATMs, with more than 1.34 billion cards in use worldwide. US banks were late adopters, but are now starting to issue EMV cards to their customers. EMV cards contain a smart card chip, and are more difficult to clone than the magnetic-strip cards that preceded them.
EMV was rolled out in Europe over the last ten years, with the UK being one of the early adopters (from 2003–5). After it was deployed, the banks started to be more aggressive towards customers who complained of fraud, and a cycle established itself. Victims would be denied compensation; they would Google for technical information on card fraud, and find one or other of the academic groups with research papers on the subject; the researchers would look into their case history; and quite often a new vulnerability would be discovered.
arXiv:1209.2531v1 [cs.CY] 12 Sep 2012
The case which kicked off the research we report here was that of a Mr Gambin, a Maltese customer of HSBC who was refused a refund for a series of transactions that were billed to his card and which HSBC claimed must have been made with his card and PIN at an ATM in Palma, Majorca on the 29th June 2011. In such cases we advise the fraud victim to demand the transaction logs from the bank. In many cases the banks refuse, or even delete logs during the dispute process, leaving customers to argue about generalities. Some courts have recently criticised banks for this and in the Gambin case the bank produced detailed log data. We observed that one of the fields on the log file, the “unpredictable number” or UN, appeared to