German banking association: German EC cards not vulnerable to manipulation attempts
According to the German Central Credit Committee (Zentralen Kreditausschuss, ZKA), the method for manipulating EMV chip cards demonstrated by researchers at the University of Cambridge will not work with German Girocards (formerly called EC cards). "The German girocard system's EC cards are designed in a way that effectively prevents the demonstrated manipulations", said the ZKA in an official statement. The same is said to apply to credit cards running the SECCOS chip card operating system.
The UK researchers had described a method for bypassing the EMV system in EC cards and credit cards that apparently causes the cards to accept any four-digit number as a valid PIN. According to their report, a man-in-the-middle attack can signal to the terminal that the card has accepted the PIN entered, while signalling to the card that the terminal has switched to signature authorisation.
The ZKA does not specify what exactly it is that supposedly prevents these manipulations from being successful with German systems. However, the banking association states that the EMV specifications used in Germany already offer mechanisms for counteracting the attacks described. The ZKA statement said these mechanisms are implemented in the girocard system by default. This makes simulating a successful PIN check impossible.
Ross Anderson, a member of the Cambridge research team, had already predicted the banks' "specification prevents this attack" response last week. According to the researcher, UK banks are giving the same answer, although Anderson and his colleagues have already demonstrated the attack in practice. The researcher therefore says that only practical tests at German banks will show whether the specification has been implemented correctly, so that attacks are not just theoretically impossible but also fail in practice. In an email to The H's associates at heise Security, Anderson expresses his doubts about the (average) German bank carrying out this test. He writes, "They probably lack the required technical know-how".
In fact, the EMV specification offers several options for detecting manipulations caused by man-in-the-middle attacks. These include evaluating and comparing certain data elements passed between terminal and card, for instance the Cardholder Verification Method Results (CVMR), the Cardholder Verification Results (CVR) and the Terminal Verification Results (TVR). One of the solutions suggested by the Cambridge researchers involves sending the CVMR to the chip as a parameter of the generate-AC command for generating cryptograms. According to the research team, the card should be able to detect discrepancies using its own CVR element and abort the transaction.
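The card-side comparison described above can be sketched as follows. This is an added illustration, not code from the ZKA, the Cambridge team or any card operating system. It assumes the 3-byte CVM Results layout and CVM codes of EMV Book 3 and models the card's own state as a simple boolean (real CVR layouts are issuer-specific); the function names and sample values are hypothetical.

```python
# Added illustration: the card compares the terminal's CVM Results (CVMR),
# received with the GENERATE AC data, against what the card itself observed.
# Assumption: the card's CVR is reduced to one boolean, pin_verified_by_card.

# CVM codes that mean "PIN verified offline by the card" (EMV Book 3, Annex C3)
OFFLINE_PIN_CVMS = {0x01, 0x03, 0x04, 0x05}
CVM_RESULT_SUCCESS = 0x02


def parse_cvmr(cvmr: bytes) -> tuple[int, int, int]:
    """Split the 3-byte CVMR into (method, condition, result)."""
    if len(cvmr) != 3:
        raise ValueError("CVMR must be exactly 3 bytes")
    method = cvmr[0] & 0x3F  # low six bits carry the CVM code
    return method, cvmr[1], cvmr[2]


def card_accepts_generate_ac(cvmr: bytes, pin_verified_by_card: bool) -> bool:
    """Return False (abort) when the terminal's view contradicts the card's."""
    try:
        method, _condition, result = parse_cvmr(cvmr)
    except ValueError:
        return False  # malformed data: fail closed
    terminal_claims_offline_pin = (
        method in OFFLINE_PIN_CVMS and result == CVM_RESULT_SUCCESS
    )
    if terminal_claims_offline_pin and not pin_verified_by_card:
        # The terminal believes a PIN check succeeded that the card never saw.
        return False
    return True


# Constructed sample values, not captured from a real transaction
CVMR_OFFLINE_PIN_OK = bytes.fromhex("410302")  # plaintext PIN by card, successful
CVMR_SIGNATURE = bytes.fromhex("1E0300")       # signature, result unknown
```

The check only helps if the CVMR is part of the data the card receives and covers with its cryptogram, which is what the researchers' suggestion amounts to.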
- PIN check in EMV protocol for EC and credit cards bypassed, a report from The H.
- EC card disaster: French manufacturer Gemalto takes responsibility, a report from The H.
- EC card problem persists, a report from The H.
- Problems obtaining cash from German ATMs, a report from The H.