Time to break up with the Magnetic Stripe, and move on to EMV

We are easing into the era of smart technologies: smart phones, smart homes, smart cars, and now smart cards. Is it just that everything today carries the word ‘Smart’, so we had to add it to our cards as well, or do we really need our cards to be smart?

Closeup of a credit card with a gold chip

A magnetic stripe can be cloned or skimmed, but a chip cannot

There are 2 tracks (called Track 1 and Track 2) which are used for processing electronic payments.

Components of Track 1

FIELD                      DATA
PAN                        4300 1234 4321 3232
Expiration Date            08/19
Cardholder’s First Name    Abhishek
Cardholder’s Last Name     Agrawal
Service Code               101
CVV                        123

Components of Track 2

FIELD                      DATA
PAN                        4300 1234 4321 3232
Expiration Date            08/19
Service Code               101
CVV                        123

How Cloning Is Achieved

The biggest problem with a magnetic stripe card is that the data is static, making it easier for fraudsters to lift your information and clone it onto a new card. In fact, there’s a device called a skimmer, which they can get or make for as little as $20, that can do this pretty easily.

Cards can be cloned using a system called skimming, in which the cloning device is perhaps concealed in the pocket of the person you’re paying – or in extreme situations, attached to the payment machine.

The information from the magnetic strip on your card is then copied and the PIN observed or recorded as it is entered for payment. With your card details captured, they can be entered online or programmed into a brand new card which the thieves will then use, charging their purchases to your account.

You’re probably thinking that the nice girl in your local supermarket or takeaway wouldn’t dream of cloning your card, and you would probably be right… in most cases. But there are also many other ways to copy or hack your sensitive data from a POS terminal or merchant systems; even just knowing the Track 2 data is enough to commit the fraud.

So how does EMV protect us?

A chip also holds a secret number. However, it is securely embedded in the chip. When you use the card, the chip performs a public key operation that proves it knows this secret number, but it never reveals that secret number. If you put a chipped card in a bad guy’s machine, they can impersonate you for that one transaction, but they cannot impersonate you in the future.

The data on chip cards is constantly changing, making it extremely hard to isolate and extract. To rip it off, someone would have to get into the physical chip circuit and manipulate things to get your bank information. Not only is this level of data surgery really difficult, but it also requires a set of high-tech equipment that can cost north of $1 million. That’s probably not the kind of cash your average fraudster has handy.

The chip carries out a cryptographic operation on data passed to it that requires knowledge of the key that is strongly protected within the chip – so an attacker cannot easily copy the card.

The magnetic strip contains the exact information used to identify the card. The chip holds a piece of information that it doesn’t share, but that it can use to prove it has that information.

Thus, a magnetic stripe is dumb and can be copied, but since the chip doesn’t give out its secret, a vendor can’t simply copy it when you use it.

A magnetic stripe says “I’m credit card XYZ” when the point of sale asks for the number. With a chip, the point of sale asks “what is your response to this random value?” and the chip gives a response that the point of sale can validate; since the next point of sale will use a different random value, the captured response is useless to a thief.
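The static-data versus challenge-response contrast above, as an added toy model that is not part of the original post. The ChipCard, Issuer, challenge, amount and ATC (application transaction counter) names, the HMAC-SHA256 “cryptogram” and the Track 2 string are all constructed for illustration; real EMV uses issuer-derived keys and its own cryptogram formats, so this only shows the idea: a recorded chip response cannot be reused, while stripe data reads the same every time.

```python
import hmac, hashlib, os

# Constructed static Track 2 data (PAN = expiry, service code, discretionary data).
TRACK2 = "4300123443213232=1908101123400000"

class ChipCard:
    """Toy chip: holds a key it never reveals and answers terminal challenges."""
    def __init__(self, pan, key):
        self.pan = pan
        self._key = key        # never leaves the object; only used to compute MACs
        self.atc = 0           # application transaction counter, advances per use
    def respond(self, challenge, amount):
        self.atc += 1
        msg = challenge + amount.to_bytes(4, "big") + self.atc.to_bytes(2, "big")
        return self.atc, hmac.new(self._key, msg, hashlib.sha256).digest()

class Issuer:
    """Toy issuer host: shares the card key and accepts each cryptogram once."""
    def __init__(self, keys):
        self._keys = keys
        self._last_atc = {}
    def verify(self, pan, challenge, amount, atc, cryptogram):
        key = self._keys.get(pan)
        if key is None or atc <= self._last_atc.get(pan, 0):
            return False       # unknown card, or ATC did not advance: a replay
        msg = challenge + amount.to_bytes(4, "big") + atc.to_bytes(2, "big")
        expected = hmac.new(key, msg, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, cryptogram):
            return False       # wrong key, or challenge/amount/ATC do not match
        self._last_atc[pan] = atc
        return True

def stripe_read(track2):
    """A stripe just hands over its static data; a copy reads identically."""
    return track2

def scenario():
    key = os.urandom(16)
    card = ChipCard("4300123443213232", key)
    issuer = Issuer({card.pan: key})
    # Honest purchase at terminal A: fresh challenge, fresh cryptogram.
    ch_a = os.urandom(4)
    atc, crypt = card.respond(ch_a, 1999)
    honest = issuer.verify(card.pan, ch_a, 1999, atc, crypt)
    # Someone who recorded that exchange tries to reuse it at terminal B.
    same_challenge = issuer.verify(card.pan, ch_a, 1999, atc, crypt)
    ch_b = os.urandom(4)                              # terminal B's own random value
    new_challenge = issuer.verify(card.pan, ch_b, 1999, atc + 1, crypt)
    skimmed = stripe_read(TRACK2)                     # what a skimmer would record
    return {
        "stripe_copy_reads_identically": stripe_read(skimmed) == TRACK2,
        "honest_accepted": honest,
        "replay_same_challenge_accepted": same_challenge,
        "replay_new_challenge_accepted": new_challenge,
    }

if __name__ == "__main__":
    print(scenario())
```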

So, I think we now have many good reasons to break up with the magnetic stripe and move on to EMV.

Let’s look at a small chunk of PCI (Payment Card Industry)

Standards are an interesting phenomenon, especially in the information technology field. On the one hand, they create bureaucracy, kill creativity, and scare away many talented people. On the other hand, standards save resources, provide reliability, and allow totally different people and organizations to speak to each other using the same language.

In the payment card industry (PCI), this phenomenon is even more interesting. There are established security standards without underlying technology standards. Simply put, most security standards for payment applications tell you what to protect without explaining how to do it. This in no way means that the technology does not exist. It’s just not defined and not standardized enough.

PCI is a great invention. It helps to make payment systems much more secure. The problem with PCI standards is that they came out too late, when the (insecure) technologies around payment card processing had already been established and widely deployed. Any deviation from current technologies (which is necessary in order to provide real security) would require rebuilding the entire system from scratch, which would cost millions of dollars if implemented worldwide.

As a result, instead of offering a new secure technology, the main method of PCI security standards is compensating for the vulnerability (by design) of electronic payment systems by building up several extra layers of security controls around existing technologies. This makes the end users (payment processors, service providers, hardware/software vendors, and finally merchants who often have no clue about security) responsible for their implementation. Therefore, the payment systems are often insecure even if they are PCI compliant.

PCI Standards

PCI standards cover several different aspects of the electronic payment life cycle.

  • PCI Data Security Standard (PCI DSS): Tells merchants (such as retailers) and service providers (such as payment processors and gateways) how to protect sensitive cardholder information.
  • Payment Application Data Security Standard (PA-DSS): Tells payment application developers how they should design their products to be compliant with PCI DSS.
  • PIN Transaction Security (PTS): Takes care of hardware devices, such as POI (point of interaction) devices and HSMs (hardware security modules), and their cryptographic modules and firmware.
  • Point-to-Point Encryption (P2PE): A point-to-point encryption (P2PE) solution is provided by a third-party solution provider, and is a combination of secure devices, applications and processes that encrypt data from the point of interaction (for example, at the point of swipe or dip) until the data reaches the solution provider’s secure encryption environment.

Source: Hacking Point of Sale

Answer To Reset (ATR)

An Answer To Reset (ATR) is a message output by a contact Smart Card conforming to ISO/IEC 7816 standards, following electrical reset of the card’s chip by a card reader. The ATR conveys information about the communication parameters proposed by the card, and the card’s nature and state.

When a card is inserted in a terminal, its contacts are first mechanically connected to those of the terminal. The five active contacts are then electrically enabled in the correct sequence. Following this, the card automatically executes a power-on reset and then sends an Answer to Reset (ATR) to the terminal. The terminal evaluates the ATR, which contains various parameters related to the card and data transmission, and then sends the first command. The card processes the command and generates a response, which it sends back to the terminal. This back-and-forth interplay of commands and responses continues until the smart card is deactivated.

Figure: General states of a smart card during activation and communication with the terminal

The presence of an ATR is often used as a first indication that a Smart Card appears operative, and its content examined as a first test that it is of the appropriate kind for a given usage.

The ATR is a string of characters. These characters consist of an initial character, TS, followed by a maximum of 32 additional characters. Together, these characters provide information to the terminal about how to communicate with the card for the remainder of the session. Each character is described in the following sections.

Table 2. Basic EMV ATR for T=0 Only

Character   Value          Remarks
TS          '3B' or '3F'   Indicates direct (3B) or inverse (3F) convention.
T0          '6x'           TB1 and TC1 present, TA1 and TD1 absent; x indicates the number of historical bytes present.
TB1         '00'           VPP is not required.
TC1         '00' to 'FF'   Indicates the amount of extra guard time required. Value 'FF' has a special meaning (see the TC1 description below).

Table 3. Basic EMV ATR for T=1 Only

Character   Value                        Remarks
TS          '3B' or '3F'                 Indicates direct (3B) or inverse (3F) convention.
T0          'Ex'                         TB1, TC1, and TD1 present, TA1 absent; x indicates the number of historical bytes present.
TB1         '00'                         VPP is not required.
TC1         '00' to 'FF'                 Indicates the amount of extra guard time required.
TD1         '81'                         TA2, TB2, and TC2 absent; TD2 present; T=1 to be used.
TD2         '31'                         TA3 and TB3 present; TC3 and TD3 absent; T=1 to be used.
TA3         '10' to 'FE'                 Returns IFSI, which indicates the initial value for the card's information field size, an IFSC of 16 bytes to 254 bytes.
TB3         m.s. nibble* '0' to '4';     BWI = 0 to 4
            l.s. nibble '0' to '5'       CWI = 0 to 5
TCK                                      Check character. Exclusive ORing of all ATR bytes from T0 to TCK inclusive is null.

*Note: m.s. nibble = most significant nibble; l.s. nibble = least significant nibble.

TS Initial Character
The first character of the ATR sequence is defined as the initial character, TS. By virtue of its bit pattern, this character synchronizes information and defines the polarity of all subsequent characters. The first four bits of TS consist of a low start bit, followed by two high bits, followed by an additional low bit. This fixed-bit pattern allows timing synchronization. The following three bits are either all high to indicate direct convention, or all low to indicate inverse convention. For direct convention, a high state on the I/O line is equivalent to logic 1, and the data is transmitted least significant bit first. For the inverse convention, a low state on the I/O line is equivalent to logic 1, and the data is transferred most significant bit first. While the specifications allow inverse convention, EMV recommends that the direct convention be used for all current card designs. The final three bits are two low bits followed by a high bit. The last bit in this, or any other 10-bit character frame, is the parity bit; it will be set or cleared to make the number of 1s in the frame an even number.

T0 Format Character
The second character of the ATR sequence is defined as the Format Character, and is called T0. This character contains two parts, both of which determine what characters are contained in the remaining ATR sequence. The most significant four bits are referred to as Y1, and they indicate whether TA1, TB1, TC1, or TD1 will be transmitted. For each logic 1 of Y1, the presence of the respective character is determined as follows:

Bit 8 (msb) = 1 indicates character TD1 will be transmitted
Bit 7 = 1 indicates character TC1 will be transmitted
Bit 6 = 1 indicates character TB1 will be transmitted
Bit 5 = 1 indicates character TA1 will be transmitted

The least significant four bits of T0 are referred to as K. These bits determine the number, 0 to 15, of “historical bytes” that will be contained in the remaining ATR sequence. Historical bytes convey general information about the card such as the card manufacturer, the chip in the card, the masked ROM in the chip, or the card’s state of life. Neither the ISO 7816 nor EMV specifications define precisely what (if any) information is conveyed.

As can be seen in Table 2 above, Y1 bits b7 and b6 are high and bits b8 and b5 are low (‘6x’). This indicates that TC1 and TB1 will be transmitted, and characters TA1 and TD1 will not (as indicated in the table). For protocol T=0, characters TB1 and TC1 complete the basic ATR sequence. In Table 3, bit 8 of Y1 is also high, so character TD1 will also be transmitted for protocol T=1.

TA1 Character
While the character TA1 is not transmitted in the basic EMV ATR response for either the T=0 or T=1 protocols, it is defined in the ISO 7816 specifications for other communications. When used, TA1 is broken into upper and lower nibbles. The upper nibble determines the clock-rate conversion factor, F, that is used to modify the frequency of the clock signal. The lower nibble determines D, the bit-rate-adjustment factor that can be used to adjust the bit duration subsequent to the ATR. Use of these parameters is shown in Equation 2 above. The default values of F = 372 and D = 1 are used for the Initial ETU value during the ATR, and will continue to be used during subsequent exchanges unless changed outside the basic ATR.

TB1 Character
The TB1 character conveys information on the smart card’s programming voltage requirements. Bits b1 to b5 (called PI1) convey the programming voltage, and bits b6 and b7 (called II) convey the maximum programming current required by the smart card. For the basic ATR, TB1 = ’00’ indicates that the VPP pin is not connected in the smart card.

TC1 Character
The TC1 character conveys the value of N, which determines the extra guard time to be added between consecutive characters sent to the smart card from the terminal. This value does not apply to characters sent from the card to the terminal, or to two characters sent in opposite directions. N is a binary number representing the additional ETUs to be added as extra guard time. When TC1 = ‘FF’, the minimum delay between characters should be used. For protocol T=0, this is 12 ETUs, and 11 for T=1. The value of N can be anything between 0 and 255; if TC1 is not returned in the ATR, the terminal will continue as if a value of 00 had been received. Since this value can add time to character transmission, it should be minimized to speed transactions.

TD1 Character
The TD1 character indicates if any further interface bytes are to be transmitted, and if so, which protocol will be used. The character TD1 is a specific instance of the generalized character, TDx. The most significant nibble of TDx indicates whether TA(x + 1), TB(x + 1), TC(x + 1), or TD(x + 1) will be transmitted. For each logic 1, the presence of the respective character in subsequent transmissions is determined as follows:

Bit 8 (msb) = 1 indicates character TD(x + 1) will be transmitted
Bit 7 = 1 indicates character TC(x + 1) will be transmitted
Bit 6 = 1 indicates character TB(x + 1) will be transmitted
Bit 5 = 1 indicates character TA(x + 1) will be transmitted

The least significant nibble of the TD1 character (TDx generalized) contains either the value 0x0 or 0x1, indicating protocol T=0 or T=1 respectively.

If protocol T=0 is used, the character TD1 will not be included in the ATR sequence; protocol T=0 will be used for all subsequent transmissions. If protocol T=1 is used, TD1 will be included and will contain the value of 0x81. This latter value indicates that TD2 will be present and protocol T=1 will be used for all subsequent transmissions.

TA2 Character
While the character TA2 is not transmitted in the basic EMV ATR response for either the T=0 or T=1 protocols, it is defined in the ISO 7816 specifications. The presence or absence of TA2 determines whether the smart card will operate in specific mode or negotiable mode, respectively, following the ATR. The absence of TA2 indicates that the negotiable mode of operation will be used.

TB2 Character
While the character TB2 is not transmitted in the basic EMV ATR response for either the T=0 or T=1 protocols, it is defined in the ISO 7816 specifications. The character TB2 conveys PI2, which determines the value of programming voltage required by the smart card. The value of PI1 in character TB1 is superseded when the character TB2 is present.

TC2 Character
While the character TC2 is not transmitted in the basic EMV ATR response for either the T=0 or T=1 protocols, it is defined in the ISO 7816 specifications. When present, TC2 is specific to protocol type T=0. TC2 conveys the work waiting-time integer (WI) that determines the maximum interval between the leading edge of the start bit of any character sent by the smart card and the leading edge of the start bit of the previous character sent either by the card or the terminal. The value of the work waiting time is given as:

Work Waiting Time = 960 × D × WI

where D is the bit-rate adjustment factor (see description in TA1 above).

When TC2 is not contained in the ATR sequence, the default value of WI = 0x0A is assumed.

TD2 Character
The TD2 character has the same function as the TD1 character. For details, see the TD1 description above. In Table 3 for protocol T=1, TD2 is present and contains the value 0x31. This value indicates that: TA3 and TB3 will be present, TC3 and TD3 will be absent, and the protocol type will be T=1.

TA3 Character
The TA3 character conveys the Information Field Size Integer (IFSI) for the smart card. IFSI determines the Information Field Size for the smart card which is the maximum length of the Information Field (INF) of blocks that can be received by the card. The Field Size can be any value between 0x01 and 0xFE. Values of 0x0 and 0xFF are reserved for future use. In the basic ATR and using the T=1 protocol, TA3 will have a value in the range of 0x10 to 0xFE, thus indicating an IFSC in the range of 16 to 254 bytes. For an ATR not containing TA3, the terminal will assume a default value of 0x20.

TB3 Character
The TB3 character indicates the value of the Character Waiting Time Integer (CWI) and the Block Waiting Time Integer (BWI) used to compute the Character Waiting Time (CWT) and Block Waiting Time (BWT). The least significant nibble of TB3 (b1 to b4) indicates the value of CWI; the most significant nibble (b5 to b8) indicates the value of BWI. In the basic ATR for the T=1 protocol, the TB3 character will have the least significant nibble in the range of 0 to 5 (CWI = 0 to 5), and the most significant nibble in the range 0 to 4 (BWI = 0 to 4).

TC3 Character
While the character TC3 is not transmitted in the basic EMV ATR response for either the T=0 or T=1 protocols, it is defined in the ISO 7816 specifications. When TC3 is present, it indicates the type of block-error detection to be used. When TC3 is not present, the default longitudinal redundancy check (LRC) is the block-error checking used.

TCK Character
The TCK character is the check character, and has a value that allows the integrity of the data sent in the ATR to be verified. The value of TCK can be anything, as long as the exclusive ORing of all bytes from T0 to TCK inclusive is zero. TCK is not used for T=0, but will be returned in the ATR in all other cases.
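The character-by-character ATR layout in Tables 2 and 3 and the descriptions above, as an added parser that is not part of the original article. It walks TS, T0 and the TAi/TBi/TCi/TDi chain, separates the historical bytes, decides whether TCK must be present (an ATR indicating only T=0 carries none), verifies the TCK XOR check, and derives N, IFSC, CWI/BWI and the T=0 work waiting time with the defaults stated in the text (D = 1, WI = 0x0A, IFSC = 0x20). The two sample ATRs are constructed to match the basic T=0 and T=1 layouts; the function and key names are my own.

```python
def parse_atr(atr: bytes) -> dict:
    """Split an ATR into TS, T0, the TAi..TDi chain, historical bytes and TCK."""
    if len(atr) < 2 or atr[0] not in (0x3B, 0x3F):
        raise ValueError("TS must be 3B (direct) or 3F (inverse convention)")
    out = {"TS": atr[0], "convention": "direct" if atr[0] == 0x3B else "inverse"}
    t0 = atr[1]
    y, k = t0 >> 4, t0 & 0x0F            # Y1 = presence bits, K = historical byte count
    out["T0"], out["K"] = t0, k
    i, x, protocols = 2, 1, set()
    while y:                              # keep going while some TDx announces more bytes
        for name, bit in (("TA", 0x1), ("TB", 0x2), ("TC", 0x4), ("TD", 0x8)):
            if y & bit:
                if i >= len(atr):
                    raise ValueError(f"ATR truncated before {name}{x}")
                out[f"{name}{x}"] = atr[i]
                i += 1
        if y & 0x8:
            td = out[f"TD{x}"]
            protocols.add(td & 0x0F)      # low nibble: protocol type T
            y, x = td >> 4, x + 1         # high nibble: Y(x+1) presence bits
        else:
            y = 0
    out["historical"] = atr[i:i + k]
    i += k
    tck_present = bool(protocols - {0})   # TCK absent only when T=0 is the sole protocol
    if len(atr) != i + int(tck_present):
        raise ValueError(f"length mismatch: {len(atr)} bytes, structure implies {i + int(tck_present)}")
    if tck_present:
        out["TCK"] = atr[-1]
        xor = 0
        for b in atr[1:]:                 # XOR of T0..TCK inclusive must be zero
            xor ^= b
        out["tck_ok"] = xor == 0
    out["protocols"] = sorted(protocols) or [0]
    out["N"] = out.get("TC1", 0)          # extra guard time in ETUs; absent = 0
    if 0 in out["protocols"]:             # T=0: Work Waiting Time = 960 x D x WI
        out["WWT"] = 960 * 1 * out.get("TC2", 0x0A)   # D defaults to 1, WI to 0x0A
    if 1 in protocols:
        out["IFSC"] = out.get("TA3", 0x20)            # information field size, default 0x20
        if "TB3" in out:
            out["CWI"], out["BWI"] = out["TB3"] & 0x0F, out["TB3"] >> 4
    return out

# Constructed sample ATRs matching the basic EMV layouts of Tables 2 and 3.
ATR_T0 = bytes.fromhex("3B 60 00 00")                        # TB1, TC1 only; no TCK
ATR_T1 = bytes.fromhex("3B E2 00 00 81 31 FE 45 45 4D E1")   # 2 historical bytes, TCK=E1

if __name__ == "__main__":
    for atr in (ATR_T0, ATR_T1):
        print(atr.hex().upper(), parse_atr(atr))
```

A corrupted TCK (or a truncated ATR) is reported rather than silently accepted, which is the check a terminal applies before trusting the card's proposed parameters.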

ATR Summary
After the necessary parameters have been transferred from the card to the terminal following the terminal’s reception of the last character in the ATR sequence, any necessary adjustments to the interface parameters can be made to the DS8007. Further communications can then commence.