Yeah, it strikes me as crazy that they'd make a new technology and not use some sort of public key/private key encryption to make non-duplicable transactions.
Based on my reading, there definitely are challenge/response protocols, but they also seem quite dependent on the specific merchant/POS (and issuer) as to whether or not they are enforced or effective (for example, there could be an offline-purchase system that reconciles latter in the day instead of with every transaction, or the issuer might use a static/clonable challenge). I'm still learning...
It outlines a few interesting hacks (ex, anticipatory challenge/response gathering). Mostly, it just seems very easy to get the card number and expiry - and apparently that's not a secret, or anything to be concerned about, as far as the credit card company is concerned.
You can't use it to back up your cards for use with PayPass.
The idea is that you can scan a card in one location and simultaneously use it in another location by using two phones as a proxy medium.
A successful skim would involve one person attempting to complete a paypass transaction with their phone in McDonalds, and another person attempting to scan someone's card in the restaurant (by the looks of it, it needs to be over WiFi?).
This is the proxy method, but I think in a worst-case scenario, it is possible to emulate the card from the perspective of an older non-cryptographically-challenge-based reader.
Specifically, there seems to be interoperability between PayPass (PayWave) M/Chip cards and MagStripe terminals (insecure), so they may only be as secure as the MagStripe terminal, which they have to maintain backwards compatibility with (even though it's called "MagStripe" I believe it is still a contactless interface). I'm still learning about it myself, so correct me if I'm wrong.
It's my understanding that the CVV3 is cryptographically generated for each transaction (like HOTP), and that the cardholder's name is not available over NFC. So you can't steal personal information or use the card undetected.
When someone at my office spotted this story earlier in the day, a bunch of us quickly ran around playing with an android app (which doesn't have permissions to phone home and censors out some of the data) to see what info we could pull off our cards.
Name, number, and expiry are readily available. We figured you could probably replay that data to get some free gas with stolen credentials... but the scanning range with phones is more akin to "hold the card up against it for several seconds to read" than "walk through a crowded room".
That is probably a moderately-variable function of the power output and sensitivity/gain of the radio in the phone (and card) used. (A crowded subway in Japan would probably be ideal conditions. :p) Other phones may have noticeably better range, or range might be increased by simply going out of spec using lower level RF controls (if lower level access is possible per-controller, since as I don't see anything about power control in the Android docs).
A high-gain antenna at the NFC frequency (13.56MHz) would be about 11 meters wide and 6 meters long. This is probably why there isn't much long-distance NFC skimming going on.
(If you're an ARRL member, there's a good article on building a 14MHz directional antenna at http://www.arrl.org/files/file/protected/Group/Members/Techn.... It's big, and one resonant at 13.56MHz would be a little bit bigger. But it is something that's physically possible and would make for an interesting experiment.)
He's talking about merchants that don't ask for any CVV, just a card number, zip code, and expiry. I've certainly successfully bought stuff with only that information, but it's not exactly common. (And I'm guessing when you call up to dispute a charge, the lack of a CVV makes it easier.)
Wouldn't a one-time code still allow the attacker to make one transaction later on?
Perhaps the solution is to require a button to be pressed or a switch to be flipped on the card before or during the scan. Although this would make using it slightly more inconvenient since you would need to open your wallet to push the button or flip the switch.
I just don't believe the reporting on this. They demo'd it. The girl had her credit card basically falling out of her pocket. A guy had to touch his phone to the credit card for a few seconds in order to get it to scan. He then used his phone to buy a coke at a coke machine using her card.
I'd like to see a demo of this where the credit card owner is not aware of whats going on. Presumably the phone can't scan the card when its inside a wallet, or even fully inside a pocket protected by 1/8" of cloth.
With access to the physical card, yes you can use someones credit card. Call 1985 - the problem is the exact same as with cards back then.
15 comments
[ 3.1 ms ] story [ 39.2 ms ] threadPretty cool to be able to back up and keep your cards on your phone in a usable way.
Is there really no challenge-confirm-response built into this technology?
Interestingly, CBC had an article a few years ago anticipating today's: http://www.cbc.ca/news/technology/story/2010/05/31/f-rfid-cr...
It outlines a few interesting hacks (ex, anticipatory challenge/response gathering). Mostly, it just seems very easy to get the card number and expiry - and apparently that's not a secret, or anything to be concerned about, as far as the credit card company is concerned.
The idea is that you can scan a card in one location and simultaneously use it in another location by using two phones as a proxy medium.
A successful skim would involve one person attempting to complete a paypass transaction with their phone in McDonalds, and another person attempting to scan someone's card in the restaurant (by the looks of it, it needs to be over WiFi?).
Specifically, there seems to be interoperability between PayPass (PayWave) M/Chip cards and MagStripe terminals (insecure), so they may only be as secure as the MagStripe terminal, which they have to maintain backwards compatibility with (even though it's called "MagStripe" I believe it is still a contactless interface). I'm still learning about it myself, so correct me if I'm wrong.
A bit of reading regarding the CVV3: http://randomoracle.wordpress.com/2012/09/11/cvv3-demystifyi...
I'm not 100% sure about the name not being there, however.
https://play.google.com/store/apps/details?id=com.samj.CardT...
Name, number, and expiry are readily available. We figured you could probably replay that data to get some free gas with stolen credentials... but the scanning range with phones is more akin to "hold the card up against it for several seconds to read" than "walk through a crowded room".
http://android.stackexchange.com/questions/5044/nfc-function... https://developer.android.com/guide/topics/connectivity/nfc/...
(If you're an ARRL member, there's a good article on building a 14MHz directional antenna at http://www.arrl.org/files/file/protected/Group/Members/Techn.... It's big, and one resonant at 13.56MHz would be a little bit bigger. But it is something that's physically possible and would make for an interesting experiment.)
Edit: Here's another idea (and the article is free): http://www.arrl.org/files/file/protected/Group/Members/Techn...
On p 27, there is reference to merchants not needing to support CVV3. (The good stuff starts on p 20.)
Perhaps the solution is to require a button to be pressed or a switch to be flipped on the card before or during the scan. Although this would make using it slightly more inconvenient since you would need to open your wallet to push the button or flip the switch.
I just don't believe the reporting on this. They demo'd it. The girl had her credit card basically falling out of her pocket. A guy had to touch his phone to the credit card for a few seconds in order to get it to scan. He then used his phone to buy a coke at a coke machine using her card.
I'd like to see a demo of this where the credit card owner is not aware of whats going on. Presumably the phone can't scan the card when its inside a wallet, or even fully inside a pocket protected by 1/8" of cloth.
With access to the physical card, yes you can use someones credit card. Call 1985 - the problem is the exact same as with cards back then.