The Future of EMVCo Next Gen

Back in 2011, when I was part of American Express, I was part of the team responsible for our involvement in the work of EMVCo. At this stage in the work of EMV the discussion had turned to the confusion the multiple contactless kernels were creating in the market and, more importantly, the challenges we would face as the external threats increased, demanding that the length of the RSA keys increase accordingly. Ultimately we collectively determined the best course of action was to begin the work on what became known as “Next Gen”. From the beginning it was well understood the migration from where we are today to the “Next Gen” technology solution, both in the card and on the terminal, would be complex and expensive. In September of 2014 an initial specification was released and my understanding is that a draft has been issued to subscribers and Associates for review and feedback.

This post stems from a conversation with a good friend, who asked me if I thought there was still relevance to what is now being called 2nd Gen. In that discussion we reviewed the genesis of the work, the baseline for EMV and the unfortunate reality of how contactless was implemented. Our conversation then turned to the question of what makes the most sense: live with what we have today or suffer the expense of the migration to a new solution.

Thinking back, the original reason for “Next Gen” was to consolidate the 7 contactless kernels into one common kernel and replace RSA with what was called XDA or Elliptic Curves. When I think about these two requirements one can only wonder why in the most recent EMVCo Stated EMV® 2nd Generation there is no reference to enhanced cryptography. In fact the only thing the document describes is the creation of one unique kernel.

Referring back to the September 2014 Next Gen Specification, there is clear reference to enhanced security with specific call out of “an elliptic curve Diffie-Hellman key establishment protocol with blinding applied by the card”. I then remember hearing about issues with Elliptic Curves and wonder why there is no reference to enhanced cryptography in this most recent EMVCo document.

Back to the question raised in our conversation.

Do I see value in the world investing in the migration to 2nd Generation?

The answer is I am not sure anymore. 

When EMV started we had four agreed requirements, summarized on this slide I initially created back in 1994. Offline Authorization, in other words the issuer’s ability to securely approve a transaction without requiring the terminal to make an expensive online authorization request, was the reason Offline Authentication was part of the original design of EMV.

  • If the value of offline authentication, given the ubiquity of wired and wireless telecommunications networks, is deprecated.
  • If the performance efficiencies, originally seen in Elliptic Curves, are no longer as significant, given the increased threats and vulnerability.

Then why make the investment in changing the software in both the card and the terminal to support XDA?

Next

  • If most if not all terminal manufacturers have addressed the complexity of the multi-kernel configurations, compounded by the existence of various unique national contactless kernels.

Then why demand the investment in supporting a complex migration from multiple kernels to a single EMVCo Licensed kernel?

Finally

The threat of quantum cryptography suggests that most if not all asymmetric cryptographic algorithms commercially available will be broken.

It does beg the question.

What is the business case for driving the world into an expensive, long and complicated migration?

What we created in 1994, and EMVCo has maintained, is a very effective Online Authentication mechanism, the ARQC.  A mechanism based on symmetric cryptography which, as far as I can tell, will remain under the control of the Issuer and is not, as of yet, threatened by quantum computing.

I look forward to your feedback.

 

 

 

 

 

 

Tokenization and the search for Identification and Authentication

These two words began to fascinate me as I began to understand the value of cryptography while working through the goals we established when developing EMV and attempted to secure the payment credentials when used on the Internet.

With EMV we were trying to address the challenge of the fraud (an issuer cost) resulting from the ease of counterfeiting the token of the token which was a token of a token already.

This last broken token is the magnetic stripe on the payment card.

The payment card, in and of itself, is a token. An instrument imbued with physical security features e.g. the hologram and signature panel. Security features the merchant is supposed to check when attempting to allow a buyer, the consumer, to use the payment credential associated with the card to make payment for goods and services.

The PAN is just a unique number, another token. This unique number is simply the index, the identifier within the payment credentials, which associates the payment with the underlying source of funds.

The source of funds the PAN or Token points to is then either a line of credit, prepaid balance or bank account.

The card, the hologram, the magnetic stripe and the printed security features and the PAN had reached the end of their useful life, as security features or tokens. The criminal knew how to compromise the card and associated static data.

As we entered the 90’s, the card as the carrier of the payment credential, with those physical security features, was no longer a means of Authentication. These layers of authentication had been compromised. In other words the token was broken!

To address this concern, in 1993 the founders of EMV embraced the chip card and its Cryptographic capabilities. In particular, the use of symmetric and asymmetric algorithms to provide a new set of tokens the merchants (asymmetric) and Issuer (symmetric) could use to Authenticate the unique carrier of the payment credential – the token – the chip card.
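The contrast between copyable static card data and an issuer-verified symmetric cryptogram such as the ARQC can be sketched in code. This is an added example, not code from the original post or from the EMV specifications: HMAC-SHA256 stands in for the MAC EMV actually specifies, the signed fields are reduced to counter, amount and terminal nonce, and every name and the PAN are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def derive_card_key(issuer_master_key: bytes, pan: str) -> bytes:
    """Issuer diversifies its master key so each card holds its own secret."""
    return hmac.new(issuer_master_key, pan.encode(), hashlib.sha256).digest()


def cryptogram(card_key: bytes, atc: int, amount_cents: int, un: bytes) -> bytes:
    """8-byte MAC over transaction counter, amount and terminal nonce (simplified)."""
    msg = atc.to_bytes(2, "big") + amount_cents.to_bytes(6, "big") + un
    return hmac.new(card_key, msg, hashlib.sha256).digest()[:8]


class ChipCard:
    def __init__(self, pan: str, card_key: bytes):
        self.pan = pan        # static data, the part a magnetic stripe also carries
        self._key = card_key  # symmetric secret that never leaves the chip
        self.atc = 0          # transaction counter, incremented on every use

    def transact(self, amount_cents: int, un: bytes):
        self.atc += 1
        return self.atc, cryptogram(self._key, self.atc, amount_cents, un)


class Issuer:
    def __init__(self, master_key: bytes):
        self._master_key = master_key
        self._last_atc = {}   # PAN -> highest counter already accepted

    def personalise(self, pan: str) -> ChipCard:
        return ChipCard(pan, derive_card_key(self._master_key, pan))

    def authorize(self, pan, atc, amount_cents, un, ac) -> str:
        key = derive_card_key(self._master_key, pan)
        if not hmac.compare_digest(cryptogram(key, atc, amount_cents, un), ac):
            return "DECLINE: bad cryptogram"
        if atc <= self._last_atc.get(pan, 0):
            return "DECLINE: counter already used"
        self._last_atc[pan] = atc
        return "APPROVE"


def demo() -> dict:
    issuer = Issuer(secrets.token_bytes(32))
    pan = "9999000000000001"  # constructed PAN, not a real account
    card = issuer.personalise(pan)

    un1 = secrets.token_bytes(4)          # terminal's unpredictable number
    atc1, ac1 = card.transact(2500, un1)
    results = {"genuine": issuer.authorize(pan, atc1, 2500, un1, ac1)}
    # The same authorization message presented a second time.
    results["replayed"] = issuer.authorize(pan, atc1, 2500, un1, ac1)
    # Copied static data plus an old cryptogram, at a terminal issuing a new nonce.
    un2 = secrets.token_bytes(4)
    results["stale_cryptogram"] = issuer.authorize(pan, atc1 + 1, 2500, un2, ac1)
    # A genuine cryptogram whose amount was altered in transit.
    un3 = secrets.token_bytes(4)
    atc2, ac2 = card.transact(2500, un3)
    results["altered_amount"] = issuer.authorize(pan, atc2, 250000, un3, ac2)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:17s} {outcome}")
```

Only the issuer and the chip hold key material, so the check needs no asymmetric algorithm at all.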

On the Internet the challenge is different. The physical features of the card are not easily accessible, hence useless. In 1993, when WWW became the thing of conferences, everyone said let’s think of the internet in the same way we allow merchants to sell stuff via mail and telephone. Everyone simply decided and agreed to exploit the acceptance rules agreed on for those other virtual environments, the phone and the mail.

Bottom line, in the world of mail order / telephone order and now a browser, the merchant simply agrees to accept the cost of fraud, given the CARD is NOT PRESENT. Worse still, how do they prove the right cardholder is present? For the merchant, given the potential of the Internet, it was a small price to pay.

Everyone simply accepted that by capturing the data embossed on the front (PAN, expiry date and cardholder name) and the CVV printed on the back of the card and, in some cases, using the power of AVS “Address Verification Service”, a modicum of security could be factored in. At least for a time!

SET “Secure Electronic Transactions”, a cryptographic mechanism Visa and MasterCard cooked up, was developed circa 1995-1996 and deployment was attempted. The challenge, the limitations of the then deployed technologies and the inability to provide a reasonably convenient user interface. The problem begins with loading payment credentials into the browser and more importantly figuring out how to use them when shopping.

A set of great ideas foiled by convenience.

Next came 3D-Secure, an invention of Visa. This time the idea was to exploit the power of passwords and secret questions to authenticate the user.

Nice idea, well thought out; but, unfortunately not designed with the consumer in mind.

Another feeble failed attempt to develop a mechanism to authenticate the buyer. Or better put, solve the dilemma the New Yorker so aptly described

“On the Internet nobody knows you’re a dog”.

All this begs the question – how will we secure payments on the Internet?

3D-Secure 2.0, maybe? Or maybe W3C and the FIDO Alliance have the answer in what is called WebAuthn.

To address this question we must begin by defining the problem.

When we think about payments and we think about shopping on the internet it is all about someone or something {read issuer} agreeing that the consumer will make good on the promise to pay and therefore the issuer is willing to guarantee payment towards the merchant. The challenge, how do we confirm it is the legitimate person seeking to pay with their means of payment.

In other spheres of endeavour it’s about granting access to someplace or some website. In the physical world we have a key that we can insert into the lock or a security device {card} we can insert or tap on a reader programmed to recognize our credential and allow us access.

On the Internet, the use of a physical card with physical security features, numbers, letters, and a magnetic stripe was not feasible. Instead, we ended up employing user names, passwords, and payment encryption. Payment encryption, which secures sensitive financial information during online transactions, offers a crucial layer of protection. The user name – a unique identifier, and the password, a secret, support the identification of the person using the browser or connected device, from somewhere out there.

If we could each create and remember complex secrets, these cumbersome things called passwords. And, more importantly, never share them with nefarious individuals seeking to take advantage of our naiveté. All would be at peace in the world of security and convenience. The problem is expecting you and me to remember the myriad of complex passwords and not get tricked into sharing our secrets.

Is there an answer? I believe so, and at Money 2020 October 25 we will be discussing this very topic. Wednesday Morning at 8:30 in the Titian room at The Venetian in Las Vegas on Level 2, join us as we discuss Identity is Fundamental: What You Need to Know About Identity & The Future of Money.

America needs to embrace the Future

Back in 1993 I had the opportunity to help in forming the working group who developed and ultimately published the EMV Smart Card Specifications for Credit and Debit Cards.  Since then, as a member of the Europay and Visa Canada executive teams I promoted the virtues of smart cards and the business case for EMV. 

As a consultant, one of the focuses of my practice is EMV. In both Europe and Canada I counseled executives on the what, how, when, business value and future opportunities of EMV, smartcards, mobile payments and internet payments.

One question has always been asked of this American – “when will the USA migrate”.  Up until recently I was stuck, giving bland answers.  I suggested that we would have to wait until after fraud migrated to the USA,  away from EMV protected countries.  I tried to explain to people, committing comparable sums of money, that  the size of the investment required of US Issuers, Acquirers and Merchants is enormous and frankly cannot be justified. 

Why, they ask? Simple economics, I answered. I explained that when one looks at the quality of the fraud management systems in place, the level of on-line authorization and the losses incurred, it simply does not make sense.

Debit is the real reason to Migrate to EMV

In 2007 I was working with “The Exchange”, a Canadian network that supports sharing of ATM services such as deposit, bill pay and account to account transfers.  The focus of my work was to help them to understand the implications of EMV and to work with them to develop their go forward strategy. 

Part of the research led me to talk with Fiserv, the Brand owner and their strategic partner. While discussing what the Canadian entity needed to do with the American responsible for the USA Exchange and Accel network, the conversation drifted to when will the USA move to EMV.

What sat front and center in our discussion is the American banks that issue PIN Based Debit Cards have a much stronger rationale to migrate to EMV than the credit card and signature based Debit issuers. In the PIN Based Debit arena the “reputational risk” has and will continue to be the real justification for the migration from magnetic stripe to Chip and PIN.

Why, you may ask. My answer is simple. The cost to a criminal to install a fascia and PIN hole camera on an ATM, capture the magnetic stripe and PIN, offers these international criminals a very rewarding business case. They are also funding aggressive operations that embed people into factories that produce magnetic stripe and PIN Pads with the embedded capability of capturing and transmitting the magnetic stripe and associated PIN to the Mafia.

Reputational Risk is the catalyst

 

So how does this affect “Reputational Risk”? 

1. When the criminal perpetrates debit card fraud, they focus the attack at ATMs the cardholder would probably visit. The Issuers’ fraud management systems are finding it hard to differentiate between a valid transaction and a fraudulent transaction, so out pops the cash, 100% fungible, no need to fence the goods and cheaper and more profitable than robbing the bank.

2. Weeks later the cardholder notices that there is not as much money in their checking account as they expect and they call the Bank’s call center. The argument follows – But only people who know your PIN can withdraw funds from your account, who did you tell your PIN to, your ex, your children …

3. Eventually after a lot of time explaining, crying, shouting and generally getting on each other’s nerves, the Bank’s customer service agent will finally accept that the cardholder did everything to protect the PIN and card; so the bank will reluctantly restore the funds to the cardholder’s account.

4. Bottom line the cardholder feels that the bank does not care; their systems are not safe and the cardholder is now afraid to use their debit card. The Bank and its ATM network are now at “Risk”.

No one should be surprised at this form of attack. I knew and the media presented the realities of such attacks back in 1994. As the size and cost of the equipment shrink and the capabilities of technology expand, the incidence simply increases, proportional to the rewards.

To put a point on my analysis; when most countries decide to migrate to EMV it is not the Credit side of the cardholder relationship that seals the deal for the CEO and senior executives. It is the Debit side that pushes the bankers to say yes we must migrate to EMV. MasterCard and Visa, who participate in both credit and debit, want the publicity. Whereas the debit networks would prefer to not talk about the problem. End result we are left thinking credit cards drive the migration to EMV. Compounded by the reality that for credit cards in the USA, there is simply not a business case.

For the US banks to come together to decide that EMV is the right thing to do; there must be a place where the Issuers and Acquirers can come to terms with the cost and agree on an equitable way to fund the investment required.  For the debit card side of the Banks there is not an obvious place to have this discussion.  Most PIN Debit networks are either regional or owned by publicly traded organizations.  There does not appear to be a common forum capable of bringing the executives together to agree and commit.

Migration to EMV is expensive – YET really it is not

 

Everyone talks about how expensive it would be for America to migrate to EMV. 

Yes if we are to approach the migration with the Big Bang theory it will be ridiculously expensive.  Instead what the powers that be should agree is that all cards and terminals will be EMV by say 2019, ten years.

Let’s acknowledge that most of the major acquirers and processors have already implemented EMV on their international platforms; so the implications are understood and if they were intelligent when upgrading for Canada, England, Europe, Latin America, Middle East and Asia, they should have considered how to cost-effectively assure the inclusion of EMV on their American platforms, someday.

So now they simply have to add it to the list of requirements that will be included in one of the yearly upgrades, or, as part of their technology replacement plans.  Remember we are saying EMV in 10 years. 

Ten years is a long time when we think about technology.  Therefore they have no justification to argue it is punitive to force them to implement EMV.

On the terminal side we must remember that for the merchant there are only intangible benefits to implementing EMV.  Yes, like MasterCard Visa etc, EMV can be positioned as the cost of doing business and included in one of the compliance upgrades. 

Or, if we are intelligent, we say to the ATM operators, merchants, ISOs and acquirers, the next time you upgrade your point of sale system – buy an EMV compliant PIN pad and include EMV as one of the requirements for the systems that drive the device and transmit the approval requests and clearing records to the acquirer.

Any ATM/POS supplier who sells outside the USA has EMV devices in their catalogue. All the Value Added Resellers who sell internationally have support for EMV within their software. NCR, Wincor-Nixdorf, IBM, EFunds, ACI, S1 … all support EMV.

With this plan in place, over time EMV will progressively be enabled at the point of sale, with minimal cost impact. Yes the vendors will have to be told to play nice and not exploit the opportunity. Yes for merchants that attract significant International clientele they should migrate sooner. Yes, locations that are known to be high risk merchants they should be made to implement EMV sooner.

This leaves the Issuer with an easy question to answer, when do I add an EMV chip to my card.  Well the answer is easy and it is complex.  On the simple side, when they think there are enough terminals to achieve the fraud saving then do it.  Or, we can add the contactless and mobile payment dimension and start talking about Combi cards, embedding EMV into the handset, considering Multi-application opportunities.  I’ll talk about that another day.

Agree to move and give people enough time so that there is no pain

 

Bottom line, my message to the US market is the question is no longer about who will pay; it is simply about how much time we should allow everyone, so that the incremental cost is irrelevant.

 This Blog was driven by reading a recent review from CTST

U.S. getting squeezed by EMV  Wednesday, May 6, 2009 in News

http://www.contactlessnews.com/2009/05/06/u-s-getting-squeezed-my-emv

With Canada and Mexico both going to EMV and most of the rest of the world doing the same it may be a matter of time before U.S. card issuers are forced to go to chip and PIN. EMV in the U.S. was the topic of a panel at the CTST Conference in New Orleans.

Crooks Have Your Card and You Don’t Even Know It

How Thieves Copy Credit and Debit Cards and Drain Accounts

By ELISABETH LEAMY – ABC News

May 2, 2008—

 While your ATM card is tucked in your wallet, thieves half a world away could be cloning it and using it. The crime is called “white card fraud,” and ABC News investigated just how easy it is for thieves to make a copy of your card and use it to drain your account.

It’s difficult to get an exact figure, but it’s estimated that identity thieves net an estimated $345 million this way every year. Gary Burkey of Wilmington, Del., discovered somebody was withdrawing money from his account at ATM machines in a part of Pennsylvania he had never even visited.

Criminals get people’s numbers in a variety of ways. One way they capture card numbers is by installing skimmer devices over the slot where you insert your card when you use an ATM.

They also use hidden cameras to record your PIN. Miami Beach police have actual footage from a crook’s camera in Florida that shows a victim inputting his PIN. Clear as day: 1-4-2-6.

“What makes this really sneaky, really devious, is once the criminals get the account information, they wait on it for a little while,” said Cpl. Jeff Whitmarsh of the Delaware State Police. “They replicate the cards and when the consumer least expects, that’s when they go in and hit the account.”

ABC News found the machines used to copy cards for sale right on the Internet, even though there are very few legitimate uses for them. We had our choice of 30 machines and bought one for about $500. We were even able to request priority shipping and received the package the next day.

ABC took the device to Chris O’Ferrell, an ethical hacker for a computer company called Command Information, which helps the federal government secure its systems.

We handed over an ABC News credit card and O’Ferrell swiped it so the machine could capture the information on the magnetic strip. Right away, the data popped up on the computer screen: name and account information.

With another swipe, O’Ferrell transferred it to a blank white card that came with our kit. Any card with a magnetic strip can be made into a clone — gift cards, hotel key cards, etc.

In less than five seconds, we had a duplicate credit card.

“That’s it. That’s all there is to it,” O’Ferrell said.

We cloned an ATM card too. At one point we even accidentally deleted the data on one of our source cards, but since we had a clone, we were able to put the data back on.

Once we had clones of our cards, the question was, would they work? We tried the Visa card out at a gas pump. Without actually making a purchase (we didn’t want to violate any laws) we inserted the card to see if it would get authorized.

When the “lift the handle and begin fueling” message came up, we knew our clone was working. We tested the cloned ATM card by checking our balance at an ATM machine. When the screen read “Hello Elisabeth Leamy,” that was our first clue that that one was working.

It’s a bonanza for crooks. They used to have to risk going into stores to buy pricey merchandise, which they then sold for cash. Now they can just drain ATMs. Authorities say specialized crews do nothing but hit ATMs, cashing out on behalf of other identity thieves and taking a commission. One Bulgarian gang pulled $200,000 out of a single cash machine in Florida.

More than 65 other countries in Europe, Asia and South America now use smart chip technology that makes card cloning almost impossible. But the United States has stayed with magnetic strips to avoid the cost of converting ATMs. By one estimate, we have 400,000 cash machines in this country.

“It’s totally unacceptable,” O’Ferrell said. “It makes it extremely easy for the criminals to clone our cards and steal our identities.” Experts say since U.S. credit and debit cards are so much easier to tap, U.S. cardholders have become targets.

Copyright © 2008 ABC News Internet Ventures