Your Money or Your Life—Modeling and Analyzing the Security of Electronic Payment in the UC Framework
EMV, also known as Chip and PIN, is the world-wide standard for card-based electronic payment. Its security wavers: over the past years, researchers have demonstrated various practical attacks, ranging from using stolen cards by disabling PIN verification to cloning cards by pre-computing transaction data. Most of these attacks rely on violating certain unjustified and not explicitly stated core assumptions upon which EMV is built, namely that the input device (e.g. the ATM) is trusted and all communication channels are non-interceptable. In addition, EMV lacks a comprehensive formal description of its security.
In this work we give a formal model for the security of electronic payment protocols in the Universal Composability (UC) framework. A particular challenge for electronic payment is that one participant of a transaction is a human who cannot perform cryptographic operations. Our goal is twofold. First, we want to enable a transition from the iterative engineering of such protocols to using cryptographic security models to argue about a protocol’s security. Second, we establish a more realistic adversarial model for payment protocols in the presence of insecure devices and channels.
We prove a set of necessary requirements for secure electronic payment with regards to our model. We then discuss the security of current payment protocols based on these results and find that most are insecure or require unrealistically strong assumptions. Finally, we give a simple payment protocol inspired by chipTAN and photoTAN and prove its security.
Our model captures the security properties of electronic payment protocols with human interaction. We show how to use this to reason about necessary requirements for secure electronic payment and how to develop a protocol based on the resulting guidelines. We hope that this will facilitate the development of new protocols with well-understood security properties.
KeywordsEMV Universal Composability Security models Human-server-interaction Electronic payment
- 1.Achenbach, D., et al.: Your Money or Your Life-Modeling and Analyzing the Security of Electronic Payment in the UC Framework, Full version of the paper (2019). https://crypto.iti.kit.edu/fileadmin/User/Mechler/AGHKLMMQR19.pdf
- 2.Anderson, R., Bond, M., Choudary, O., Murdoch, S.J., Stajano, F.: Might financial cryptography kill financial innovation? – the curious case of EMV. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 220–234. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-27576-0_18CrossRefGoogle Scholar
- 3.Basin, D.A., Radomirovic, S., Schläpfer, M.: A complete characterization of secure human-server communication. In: Fournet, C., Hicks, M.W., Viganó, L. (eds.) IEEE 28th Computer Security Foundations Symposium, CSF 2015, pp. 199–213. IEEE Computer Society (2015)Google Scholar
- 4.Bond, M., Choudary, O., Murdoch, S.J., Skorobogatov, S.P., Anderson, R.J.: Chip and skim: cloning EMV cards with the pre-play attack. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, pp. 49–64. IEEE Computer Society (2014)Google Scholar
- 5.Borchert IT-Sicherheit UG: Display-TAN Mobile Banking: Secure and Mobile (2018). http://www.display-tan.com/. Accessed 18 Sep 2018
- 6.Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd Annual Symposium on Foundations of Computer Science, FOCS 2001, pp. 136–145. IEEE Computer Society (2001)Google Scholar
- 11.Commerzbank: Das photoTAN-Lesegerät. https://www.commerzbank.de/portal/media/a-30-sonstige-medien/pdf/themen/sicherheit-1/Flyer_Lesegeraet.pdf. Accessed 13 Dec 2018
- 12.Commonwealth Bank of Australia: Cardless Cash (2018). https://www.commbank.com.au/digital-banking/cardless-cash.html. Accessed 25 Sep 2018
- 13.Cortier, V., Filipiak, A., Florent, J., Gharout, S., Traoré, J.: Designing and proving an EMV-compliant payment protocol for mobile devices. In: 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017, pp. 467–480. IEEE (2017)Google Scholar
- 15.Denzel, M., Bruni, A., Ryan, M.D.: Smart-guard: defending user input from malware. In: 2016 Intl IEEE Conferences on Ubiquitous Intelligence & Computing, Advanced and Trusted Computing, Scalable Computing and Communications, Cloud and Big Data Computing, Internet of People, and Smart World Congress (UIC/ATC/ScalCom/CBDCom/IoP/SmartWorld), pp. 502–509. IEEE Computer Society (2016)Google Scholar
- 16.Deutsche Bank: photoTAN - schnell und einfach aktiviert. https://www.deutschebank.de/pfb/data/docs/Photo_TAN_Smartphone_2.pdf. Accessed 13 Dec 2018
- 17.Drimer, S., Murdoch, S.J.: Keep your enemies close: distance bounding against smartcard relay attacks. In: Provos, N. (ed.) Proceedings of the 16th USENIX Security Symposium 2007. USENIX Association (2007)Google Scholar
- 18.Emms, M., Arief, B., Freitas, L., Hannon, J., van Moorsel, A.P.A.: Harvesting high value foreign currency transactions from EMV contactless credit cards without the PIN. In: Ahn, G., Yung, M., Li, N. (eds.) 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 716–726. ACM (2014)Google Scholar
- 19.EMV: Integrated Circuit Card Specifications for Payment Systems: Book 1. Application Independent ICC to Terminal Interface Requirements, Version 4.3 (2011)Google Scholar
- 20.EMV: Integrated Circuit Card Specifications for Payment Systems: Book 2. Security and Key Management, Version 4.3 (2011)Google Scholar
- 21.EMV: Integrated Circuit Card Specifications for Payment Systems: Book 3. Application Specification, Version 4.3 (2011)Google Scholar
- 24.Murdoch, S.J., Drimer, S., Anderson, R.J., Bond, M.: Chip and PIN is broken. In: 31st IEEE Symposium on Security and Privacy, S&P 2010, pp. 433–446. IEEE Computer Society (2010)Google Scholar
- 25.Old Bailey Proceedings Online (ed.): Trial of J. Buckley, T. Shenton, version 8.0. (1781). https://www.oldbaileyonline.org/browse.jsp?div=t17810912-37. Accessed 22 Sep 2018
- 26.Postbank: Postbank chipTAN comfort (2018). https://www.postbank.de/privatkunden/chiptan-comfort.html. Accessed Sep 25 2018
- 27.RedTeam Pentesting GmbH: Man-in-the-Middle Attacks against the chipTAN comfort Online Banking System (2009). https://www.redteam-pentesting.de/publications/2009-11-23-MitM-chipTAN-comfort_RedTeam-Pentesting_EN.pdf. Accessed 25 Sep 2018
- 28.Smart Card Alliance: Contactless EMV Payments: Benefits for Consumers, Merchants and Issuers. http://www.emv-connection.com/downloads/2016/06/Contactless-2-0-WP-FINAL-June-2016.pdf. Accessed 17 Dec 2018
- 29.Tamarin: Tamarin prover (2018). https://tamarin-prover.github.io/. Accessed 19 Dec 2018
- 30.Visa: Visa Token Service. https://usa.visa.com/partner-with-us/paymenttechnology/visa-token-service.html. Accessed 17 Dec 2018
- 31.Volksbank Mittelhessen eG: VR-mobileCash: Geld abheben ohne Karte. https://www.vb-mittelhessen.de/privatkunden/girokonto-kreditkarten/infosbanking/geld-abheben-ohne-karte.html. Accessed 25 Sep 2018