Researcher: Lack Of Random Number Generation Hurts EMV

Lack of enough random numbers in the point-of-sale (POS) terminals keep EMV ("Chip N Pin") from being fully secure, says one researcher.

The research paper looked at how cryptography is done on the POS terminal. Typically ingredients include the purchase amount, the date, and a random number.

But lead researcher Ross Anderson, professor of security engineering at Cambridge, said "Payment cards contain a chip so they can execute an authentication protocol. This protocol requires point-of-sale (POS) terminals or ATMs to generate a nonce, called the unpredictable number, for each transaction to ensure it is fresh. We have discovered that some EMV implementers have merely used counters, timestamps or home-grown algorithms to supply this number. This exposes them to a "pre-play" attack
which is indistinguishable from card cloning from the standpoint of the logs available to
the card-issuing bank, and can be carried out even if it is impossible to clone a card phys-
ically (in the sense of extracting the key material and loading it into another card). Card
cloning is the very type of fraud that EMV was supposed to prevent."

The report is one of many research projects that challenge the supposed invincibility of EMV vs conventional credit card and ATM use worldwide.

Ross concludes: "This flaw challenges current thinking about authentication. Existing models of verification don't easily apply to a complex multi-stakeholder environment; indeed, EMV has already been verified to be secure. We explained why such verications don't work and discussed the sort
of analysis that is required instead. Ultimately we feel that the tools needed to build robust
systems for millions of mutually mistrustful and occasionally hostile parties will involve game-
theoretic analysis as well as protocol-theoretic modelling. In addition, mechanisms for rolling
out fixes across networks with huge installed bases of cards and terminals, and strong externalities, will have to be much better than those we have at present, with incentives that put the
pain where it's deserved and technical mechanisms that oer the prospect of remedial action
to the sufferers.

"In the meantime, there is a structural governance failure that gives rise to systemic risk. Just
as the world's bank regulators were gullible in the years up to 2008 in accepting the banking
industry's assurances about its credit risk management, so also have regulators been credulous
in accepting industry assurances about operational risk management. In a multi-party world
where not even the largest card-issuing bank or acquirer or scheme operator has the power to
x a problem unilaterally, we cannot continue to rely on a slow and complex negotiation process
between merchants, banks and vendors. It is time for bank regulators to take an interest. It's
welcome that the US Federal Reserve is now paying attention, and time for European regulators
to follow suit."