Stored-Value Cards

Electronic Payment Systems
20-763
Lecture 9
Smart and Stored-Value Cards
20-763 ELECTRONIC PAYMENT SYSTEMS
FALL 2001
COPYRIGHT © 2001 MICHAEL I. SHAMOS
ePayment by Smart Card
• Replace cash
• Cash is expensive to make and use
– Printing, replacement
– Anti-counterfeiting measures
– Transportation
– Security
• Cash is inconvenient
– not machine-readable
– humans carry limited amount
– risk of loss, theft
• Additional smart card benefits
Memory Cards
• Magnetic stripe
– 140 bytes
• Vanilla memory cards
– 1-4 KB memory, no processor
• Optical memory cards
– 4 megabytes read-only (CD-like)
• Microprocessor cards
– Embedded microprocessor
• (OLD) 8-bit processor, 16 KB ROM, 512 bytes RAM (equivalent power to IBM XT PC)
• 32-bit processors now available
– Intelligent, active devices with defenses
Smart Card Costs
Chart of card and reader costs; recoverable labels: NEW: RW Optical, 500 MB; 32-bit, $15; Reader: $200
Card Taxonomy
Machine Readable Cards
• Magnetic: Magnetic Stripe, Wiegand, Barium Ferrite
• IC Cards: Radio Frequency; Write Once (EPROM) or Write Many (EEPROM), each either Memory Only or With Microprocessor (Smart)
• Optical: Optical Memory, Bar Codes, Softstrip, OCR
SOURCE: BURGER, CAROLL & ASSOCIATES
Micropayments
SOURCE: SMARTCARDCENTRAL.COM
Multi-Application Smart Card
Diagram labels (card contents and applications): Private Key(s); SSL Secure Web; S/MIME Secure Mail; Digital Certificates; Customer PKI Application; ACE (Active Customer Enrollment) Authentication; Biometric Data; Single Sign-On; Encryption Key; Biometric Authentication; Employee Data; Local File Encrypt; Password Cache; Secure Screen Saver; Employee Picture; Application Login; Magnetic Stripe or RF Door Access
SOURCE: SECURITY DYNAMICS
Smart Card Structure
Diagram labels: Contacts (8), Microprocessor, Epoxy, Card (upside-down)
SOURCE: SMART CARD FORUM
Old Smart Card Architecture
Diagram; EEPROM: Electrically Erasable Programmable Read-Only Memory
SOURCE: SMART CARD FORUM
Cyberflex™ Java Smart Card
• Complete 32-bit Java run-time environment on a card
• Utilities for compiling and loading cardlets onto the card from a PC
Layer diagram (top to bottom): Cardlets 1, 2, 3; Java Virtual Machine; Operating System; Microprocessor
Smart Card Architecture
• File structure (ISO 7816-4)
– Cyclic files
• Database management on a card
– SCQL (Structured Card Query Language)
– Provides standardized interface
– No need to know file formatting details
OpenCard Framework (OCF)
CardService layer (talks to card); CardTerminal layer (talks to reader)
SOURCE: OPENCARD.ORG
MULTOS Administration
14-COMPANY SMART CARD CONSORTIUM
SOURCE: MULTOS
Open Platform Card Specification
SOURCE: GAMMA
OP Security Assumptions
• OP card is merely a component
• Need to trust:
– back-office systems
– cryptographic key management
– card/chip operating environment (COE)
– off-card security procedures (actors and roles)
• There are vulnerabilities the OP card cannot protect itself against
SOURCE: GAMMA
OP Card Security Threats
Seven threat groups (numbered Groups 1–7 in the source diagram):
• Direct attacks on chip circuitry
• Indirect attacks on chip circuitry
• Attacks on card's interface to the outside, e.g. premature removal
• Threats based on RTE implementation
• Attacks on the run-time environment through the card acceptance device (CAD)
• Threats from card apps and need to share resources
• Attacks using cards not yet issued, old cards, clones (past / current / future / clone)
SOURCE: GAMMA
Smart Card Security
• Observers
• Active defenses
• Attacks:
• Microprobing, microscopy
• Differential fault analysis
– (Boneh et al. 1997)
– Induce errors, observe output differences
SOURCE: Kömmerling et al.
• Differential power analysis
SOURCE: cryptography.com
Differential Power Analysis
• Send different inputs to the Smart Card to learn details of its encryption key
• When a correct key value is tried, the algorithm responds
• Incorrect keys have zero average response
Figure: smart card power consumption during DES encryption (initial permutation, 16 DES rounds, final permutation; expanded view of rounds 2 & 3)
SOURCE: cryptography.com
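To make the slide's claim concrete (the correct key value produces a response, incorrect keys average to zero), the following simulation is added here as an example; it is not code from the lecture or from cryptography.com. Everything in it is constructed: a Python function stands in for the card and leaks the Hamming weight of one AES S-box output plus Gaussian noise (an assumed leakage model), the key byte 0x4B is a made-up secret, and the "traces" are generated rather than measured. The statistic is the difference of means on one S-box output bit, computed for all 256 key guesses. The demo also shows the defender's side of the same picture: when the device XORs a fresh random Boolean mask into the intermediate value, no guess has a non-zero average response any more, which is the reason masking is a standard countermeasure alongside the observers and active defenses the previous slide lists.

```python
"""Simulated differential power analysis on one S-box output bit.

Constructed toy model: no hardware, no real traces. A Python function plays
the card and leaks the Hamming weight of an AES S-box output plus noise.
"""
import random
import statistics


def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def build_aes_sbox() -> list:
    """AES S-box: multiplicative inverse, then the standard affine map."""
    box = []
    for x in range(256):
        inv = 0 if x == 0 else next(y for y in range(1, 256) if gf_mul(x, y) == 1)
        s = inv
        for i in range(1, 5):  # s ^= rotl(inv, 1) ^ ... ^ rotl(inv, 4)
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        box.append(s ^ 0x63)
    return box


SBOX = build_aes_sbox()
SECRET_KEY = 0x4B  # constructed secret byte for the simulation


def hamming_weight(v: int) -> int:
    return bin(v).count("1")


def capture_traces(key: int, n: int, noise_sd: float, masked: bool, seed: int = 1):
    """Assumed leakage model: one power sample per encryption, equal to the
    Hamming weight of SBOX[p ^ key] (XORed with a fresh random mask when the
    countermeasure is on) plus Gaussian noise. Returns (plaintexts, samples)."""
    rng = random.Random(seed)
    plaintexts, samples = [], []
    for _ in range(n):
        p = rng.randrange(256)
        v = SBOX[p ^ key]
        if masked:
            v ^= rng.randrange(256)  # first-order Boolean mask, fresh per run
        plaintexts.append(p)
        samples.append(hamming_weight(v) + rng.gauss(0.0, noise_sd))
    return plaintexts, samples


def difference_of_means(plaintexts, samples) -> list:
    """For each of the 256 key guesses, split the traces by bit 0 of the
    hypothesised S-box output and subtract the group means. The right guess
    sorts traces by the bit the chip really computed and shows a response;
    a wrong guess sorts them nearly at random and averages to about zero."""
    diffs = []
    for guess in range(256):
        ones, zeros = [], []
        for p, s in zip(plaintexts, samples):
            (ones if SBOX[p ^ guess] & 1 else zeros).append(s)
        diffs.append(statistics.fmean(ones) - statistics.fmean(zeros))
    return diffs


def best_guess(diffs) -> int:
    return max(range(256), key=lambda g: diffs[g])


def demo():
    """Returns (recovered key, correct-key response, largest wrong-key
    response, largest response of any guess when the device is masked)."""
    pts, samples = capture_traces(SECRET_KEY, n=4000, noise_sd=0.5, masked=False)
    diffs = difference_of_means(pts, samples)
    ghost = max(abs(d) for g, d in enumerate(diffs) if g != SECRET_KEY)
    mpts, msamples = capture_traces(SECRET_KEY, n=4000, noise_sd=0.5, masked=True)
    masked_peak = max(abs(d) for d in difference_of_means(mpts, msamples))
    return best_guess(diffs), diffs[SECRET_KEY], ghost, masked_peak


if __name__ == "__main__":
    print(demo())
```

With the unmasked model the correct guess shows a response of about 1.0 (the selected bit contributes one unit of Hamming weight, the other seven bits average out) while every wrong guess sits near zero; with the mask switched on, all 256 guesses sit near zero, so the statistic no longer identifies the key.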
Smart Card Applications
• Ticketless travel: Seoul bus system
– 4M cards, 1B transactions since 1996
• Authentication, ID
• Medical records
• Ecash
• Store loyalty programs
• Personal profiles
• Government
– Licenses
• Mall parking
...
Hong Kong Smart Cards
• Octopus
– 8 million cards, 9000 readers
– 7 million transactions/day
• Visacash
• ComPass Visa (VME)
• Mondex
• GSM SIM
• ePark
Octopus
• Transaction time < 300 milliseconds
• Transaction fees: HK$0.02 + 0.75%
– $10 transaction costs $0.095 (0.95%)
• Applications
– Transit
– Telephones
– Road tolls
– Point-of-sale
– Access control
• Anonymous / personalized
• How does money get to service providers?
– Net settlement system operated by Creative Star
Octopus System
SOURCE: WORLD BANK
Smart Card Sales Leaders (2000)
VENDOR                  # OF CARDS    SHARE
Gemplus                185,000,000      29%
Schlumberger           152,000,000      24%
Oberthur Smart Cards    85,000,000      14%
Giesecke & Devrient     76,000,000      12%
Orga Card Systems       53,000,000       8%
TOTAL                  628,000,000
SOURCE: CARDWEB.COM
Mondex
• Subsidiary of MasterCard
• Smart-card-based, stored-value card (SVC)
• NatWest (National Westminster Bank, UK) et al.
• Secret chip-to-chip transfer protocol
• Value is not in strings alone; must be on Mondex card
• Loaded through ATM
– ATM does not know transfer protocol; connects with secure device at bank
• Spending at merchants having a Mondex value transfer terminal
Mondex Overview
SOURCES: OKI, MONDEX USA
Mondex Security
• Active and dormant security software
– Security methods constantly changing
– ITSEC E6 level (military)
• VTP (Value Transfer Protocol)
– Globally unique card numbers
– Globally unique transaction numbers
– Challenge-response user identification
– Digital signatures
• MULTOS operating system
– firewalls on the chip
Payment Cards
EMV = EUROPAY INT’L, MASTERCARD, VISA
• 8-128 Kb
• Data rate 115 Kb/sec
MPCOS = MULTI PAYMENT CHIP OPERATING SYSTEM
• ISO 7816 compliant
• Visa-certified
• PIN management and verification
• 3DES algorithm for authentication, secure messaging
• Epurse with payment command set (debit, credit, balance, floor limit management)
SOURCE: GEMPLUS
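The epurse command set on this slide (debit, credit, balance, floor limit), the cyclic files of ISO 7816-4 from the architecture slide, and the globally unique transaction numbers from the Mondex Security slide fit together in one small model. The code below is an added toy purse, not MPCOS or any Gemplus code: the card number, the limits, the log size and the amounts (integers in cents) are constructed, and "floor limit" is taken here to mean the largest single debit a terminal may perform without online authorisation, which is one reading of the slide's phrase. The cyclic log keeps only the most recent records, with the newest as record #1; the audit routine shows what that surviving window still lets a terminal or issuer check.

```python
"""Toy electronic purse with an ISO 7816-4 style cyclic transaction log.

Constructed illustration: not the MPCOS command set or any vendor's code.
Amounts are integers in cents; card number and limits are made up.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    txn_no: str         # globally unique: card number + monotonic counter
    kind: str           # "CREDIT" or "DEBIT"
    amount: int         # cents
    balance_after: int  # cents


class CyclicFile:
    """Cyclic elementary file: fixed record count; a new record replaces the
    oldest and becomes record #1 (read() returns newest first)."""

    def __init__(self, n_records: int):
        self.n_records = n_records
        self._recs: list = []

    def append(self, rec: Record) -> None:
        self._recs.insert(0, rec)
        del self._recs[self.n_records:]

    def read(self) -> list:
        return list(self._recs)


class PurseError(Exception):
    pass


class EPurse:
    def __init__(self, card_no: str, floor_limit: int, max_balance: int, log_size: int = 8):
        self.card_no = card_no
        self.floor_limit = floor_limit  # assumed meaning: largest single offline debit
        self.max_balance = max_balance
        self._balance = 0
        self._counter = 0
        self.log = CyclicFile(log_size)

    def balance(self) -> int:
        return self._balance

    def _record(self, kind: str, amount: int) -> Record:
        self._counter += 1  # never reused, so every transaction number is unique
        rec = Record(f"{self.card_no}-{self._counter:08d}", kind, amount, self._balance)
        self.log.append(rec)
        return rec

    def credit(self, amount: int) -> Record:
        """Load value (on the systems described here, only via an issuer device)."""
        if amount <= 0:
            raise PurseError("credit amount must be positive")
        if self._balance + amount > self.max_balance:
            raise PurseError("load would exceed maximum purse balance")
        self._balance += amount
        return self._record("CREDIT", amount)

    def debit(self, amount: int, online_authorised: bool = False) -> Record:
        """Spend value; above the floor limit only with online authorisation."""
        if amount <= 0:
            raise PurseError("debit amount must be positive")
        if amount > self.floor_limit and not online_authorised:
            raise PurseError("above floor limit; online authorisation required")
        if amount > self._balance:
            raise PurseError("insufficient funds")
        self._balance -= amount
        return self._record("DEBIT", amount)


def audit_log(purse: EPurse) -> bool:
    """Replay the surviving log oldest-to-newest: each balance must follow from
    the previous record, transaction numbers must strictly increase, and the
    newest record must agree with the purse balance."""
    recs = list(reversed(purse.log.read()))
    if not recs:
        return purse.balance() == 0
    prev = recs[0]
    for rec in recs[1:]:
        delta = rec.amount if rec.kind == "CREDIT" else -rec.amount
        if rec.balance_after != prev.balance_after + delta:
            return False
        if int(rec.txn_no.rsplit("-", 1)[1]) <= int(prev.txn_no.rsplit("-", 1)[1]):
            return False
        prev = rec
    return prev.balance_after == purse.balance()


def demo():
    """A short spending history on a purse whose log keeps only four records."""
    purse = EPurse(card_no="1234567890", floor_limit=2000, max_balance=50000, log_size=4)
    purse.credit(10000)                  # load HK$100.00
    purse.debit(350)                     # bus fare
    purse.debit(1200)                    # shop purchase
    refused = []
    try:
        purse.debit(2500)                # above floor limit, terminal offline
    except PurseError as e:
        refused.append(str(e))
    purse.debit(2500, online_authorised=True)
    purse.debit(50)
    purse.debit(75)
    return purse, refused
```

After the demo the purse holds 5825 cents, the refused offline debit consumed no transaction number, and the four-record log has rolled past the load and the first fare, so record #1 is the 75-cent debit and the oldest surviving record is transaction 3.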
Contactless Cards
• Communicates by radio
– Power supplied by reader
– Data rate 106 Kb/sec
– Read 2.5 ms, write 9 ms
– 8 Kb EEPROM, unlimited read, 100,000 writes
– Effective range: 10 cm, signals encrypted
– Lifetime: 2 years (data retention 10 years)
– Two-way authentication, nonces, secret keys
– Anticollision mechanism for multiple cards
– Unique card serial number
SOURCE: GEMPLUS
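The "two-way authentication, nonces, secret keys" and "unique card serial number" bullets, together with the "challenge-response" bullet on the Mondex Security slide, describe a mutual challenge-response exchange. The code below is an added, generic illustration of that pattern; it is not Gemplus's contactless protocol and not the (secret) Mondex VTP. Its design assumptions: each card holds a key diversified from an issuer master key by the card's serial number, nonces are 8 random bytes, and each side proves key possession with HMAC-SHA256 over both nonces. The demo runs a genuine reader, a reader holding the wrong master key (refused by the card), and a recorded reader message replayed against a fresh card challenge (also refused), which is the property the nonces buy.

```python
"""Mutual challenge-response authentication between a card and a reader.

Added generic illustration, not Mondex's VTP or Gemplus's protocol. The
per-card key is diversified from an issuer master key by the card serial
(assumed design); nonces are 8 bytes; the MAC is HMAC-SHA256.
"""
import hashlib
import hmac
import os


class AuthError(Exception):
    pass


def derive_card_key(master_key: bytes, serial: bytes) -> bytes:
    """Per-card key, so a key read out of one card does not open the others."""
    return hmac.new(master_key, b"card-key" + serial, hashlib.sha256).digest()


def tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC over length-prefixed fields, so field boundaries are unambiguous."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big") + part)
    return h.digest()


class Card:
    def __init__(self, serial: bytes, card_key: bytes):
        self.serial = serial
        self._key = card_key
        self._nonce = None  # outstanding challenge, if any

    def get_challenge(self):
        """Step 1: the card issues a fresh nonce together with its serial."""
        self._nonce = os.urandom(8)
        return self.serial, self._nonce

    def external_authenticate(self, reader_nonce: bytes, reader_tag: bytes) -> bytes:
        """Step 2: verify the reader's proof over our nonce, then answer with our
        own proof over the reader's nonce. The challenge is consumed either way,
        so a recorded reader message cannot be replayed."""
        if self._nonce is None:
            raise AuthError("no outstanding challenge")
        card_nonce, self._nonce = self._nonce, None
        expected = tag(self._key, b"READER", self.serial, card_nonce, reader_nonce)
        if not hmac.compare_digest(expected, reader_tag):
            raise AuthError("reader failed authentication")
        return tag(self._key, b"CARD", self.serial, reader_nonce, card_nonce)


class Reader:
    def __init__(self, master_key: bytes):
        self._master = master_key

    def authenticate(self, card: Card) -> bool:
        serial, card_nonce = card.get_challenge()
        key = derive_card_key(self._master, serial)
        reader_nonce = os.urandom(8)
        card_tag = card.external_authenticate(
            reader_nonce, tag(key, b"READER", serial, card_nonce, reader_nonce))
        expected = tag(key, b"CARD", serial, reader_nonce, card_nonce)
        if not hmac.compare_digest(expected, card_tag):
            raise AuthError("card failed authentication")
        return True


def demo() -> dict:
    """Genuine run, a reader with the wrong issuer key, and a replayed reader
    message. Master key and serial are constructed values."""
    master = bytes.fromhex("00112233445566778899aabbccddeeff")
    serial = bytes.fromhex("04217a90")
    card = Card(serial, derive_card_key(master, serial))
    results = {"genuine": Reader(master).authenticate(card)}
    try:
        results["wrong_key"] = Reader(bytes(16)).authenticate(card)
    except AuthError:
        results["wrong_key"] = False
    # Replay: record a valid reader message from one session, re-send it later.
    _, nonce1 = card.get_challenge()
    key = derive_card_key(master, serial)
    reader_nonce = os.urandom(8)
    recorded = tag(key, b"READER", serial, nonce1, reader_nonce)
    card.external_authenticate(reader_nonce, recorded)  # original session succeeds
    card.get_challenge()                                # new session, new card nonce
    try:
        card.external_authenticate(reader_nonce, recorded)
        results["replay"] = True
    except AuthError:
        results["replay"] = False
    return results
```

The reader authenticates first, so a card never releases its own proof (or, in a real purse, any value) to a terminal that has not shown it holds the key; the card-side nonce is cleared on every attempt, successful or not, which is what defeats the replay.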
Wireless Card Authorization
SOURCE: SAMSUNG
Comparison of Payment Methods
PAYMENT TYPE             ADVANTAGES                              DISADVANTAGES
Cash                     Anonymous, universal, free              Risk of theft/loss, bulky
Credit Card              Almost universal                        High transaction cost, fraud/forgery
EFTPOS                   Direct access to cash                   Must be online, security only moderate
Disposable smart card    Fast, private                           Risk of loss, limited to small amounts
Personalized smart card  Long useful life, security, like eCash  Not anonymous, lack of international standards
Q&A