Chip and PIN is Broken

The EMV protocol is used worldwide for credit and debit card payments and is commonly known as “Chip and PIN” in the UK. Our analysis of EMV has discovered flaws which allow criminals to use stolen cards without knowing the correct PIN. Where these flaws are exploited – in the “wedge” attack – the receipt and bank records would show that the PIN was correctly verified, so the victim of this fraud may have their request for a refund denied. We have confirmed that this attack works in the UK, including for online transactions (where the terminal contacts the bank for authorization before completing the purchase). It does not apply to UK ATM transactions, which use a different method for PIN verification.



In a normal transaction the customer enters their PIN into the payment terminal, and the terminal sends the PIN to the card to check if it is correct. The card then sends the result to the terminal so that the transaction continues if the PIN was correct (see top part of above figure). The attack uses an electronic device as a “man-in-the-middle” in order to prevent the PIN verification message from getting to the card, and to always respond that the PIN is correct. Thus, the terminal thinks that the PIN was entered correctly, and the card assumes that a signature was used to authenticate the transaction (see bottom part of above figure).
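The mismatch described above, sketched as an added example that is not part of the original article: a toy model in which the terminal's account and the card's account of cardholder verification diverge once the verification message stops reaching the card. The class, function and field names, the sample PIN, and the assumption that the bank receives both accounts and can compare them are all hypothetical; this is a simplified model, not the EMV message encoding.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass
class Card:
    pin: str
    pin_result: Optional[bool] = None  # None: the card never saw a PIN check

    def verify_pin(self, candidate: str) -> bool:
        self.pin_result = candidate == self.pin
        return self.pin_result

    def view(self) -> str:
        # With no PIN check seen, the card assumes a signature was used.
        if self.pin_result is None:
            return "signature_assumed"
        return "pin_verified" if self.pin_result else "pin_failed"


def run_transaction(entered_pin: str, verify_reaches_card: bool) -> Tuple[str, str]:
    """Return (terminal_view, card_view) for one constructed transaction."""
    card = Card(pin="4929")  # constructed sample PIN
    if verify_reaches_card:
        pin_ok = card.verify_pin(entered_pin)
    else:
        # The verification message is intercepted and answered "PIN correct".
        pin_ok = True
    terminal_view = "pin_verified" if pin_ok else "pin_failed"
    return terminal_view, card.view()


def naive_decision(terminal_view: str, card_view: str) -> str:
    # Trusts the terminal's account alone, which is what ends up on the receipt.
    return "approve" if terminal_view == "pin_verified" else "decline"


def reconciled_decision(terminal_view: str, card_view: str) -> str:
    # Hypothetical issuer-side check: both accounts must say the PIN was verified.
    if terminal_view != card_view:
        return "decline: terminal and card disagree"
    return "approve" if card_view == "pin_verified" else "decline"


if __name__ == "__main__":
    for label, pin, reaches in [("correct PIN", "4929", True),
                                ("wrong PIN", "0000", True),
                                ("verification intercepted", "0000", False)]:
        views = run_transaction(pin, reaches)
        print(label, views, naive_decision(*views), "|", reconciled_decision(*views))
```

In the intercepted case the naive decision approves while the reconciled one declines, because the card's account says "signature assumed" where the terminal's says "PIN verified".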


Credit of:

Computer Laboratory Security Group
Dr Steven J. Murdoch
University of Cambridge
Computer Laboratory
15 JJ Thomson Avenue
Cambridge CB3 0FD
United Kingdom

The new website Security Scoreboard, launched in February, targets CISOs and IT managers looking to orient themselves in the marketplace. It may offer resellers a real-world reality check on the products they offer customers.


By Billy Hurley

Phil Cox reviews three ways to help customers deploy secure virtual desktops


By Phil Cox, Contributor

This Web application firewall security mini guide offers a deeper look at how Web application firewalls work, how they can help protect your customers’ environments, assist corporations in achieving compliance with the Payment Card Industry Data Security Standard (PCI DSS), and stop a slew of evolving Web application attacks.


By SearchSecurityChannel.com Staff

Solution providers share their thoughts about how security vendor McAfee Inc.’s recently launched “Quickstart” Services will impact security resellers’ on-site consultation offerings.


By Billy Hurley, Site Editor