These days everyone has a stake in Chip and PIN security - it can be the topic of the over-the-counter conversation as you pay, of the boardroom executives at a bank, or over a pint at the pub. So how is EMV, the electronic payments standard underlying Chip and PIN shaping up? And what is the modern landscape of payments fraud? Here, Mike Bond, Technical Director at Cryptomathic, shares his opinion.
First of all, EMV truly is a new age in electronic payment. EMV brings together two familiar security concepts into one heavyweight architecture: a payment token which is hard to counterfeit - the chip; and an authentication method which does not depend upon human judgement - the PIN. Neither of these factors in themselves is intrinsically new, but it is a third factor which heralds the new age: the scale of deployment. The potential is for billions of cardholders, millions of terminals.
Because of the size of EMV, the fundamental concepts upon which it is founded can actually be shifted by its deployment, as if in a never-ending feedback loop. For example, the chip models currently used for EMV may have been hard to counterfeit when they were first issued, but advances in technology, for instance in electromagnetic emissions analysis, could reduce their security. This is an external factor. But consider now the amount of money protected by EMV and the significance of its security for our economies - such a driver actually prompts research, be it in criminal communities, industry, or academia. Such research activities when focussed could quickly undermine the security of one design of chip.
The defence built into EMV is support for diversity. While such a level of complexity brings other worrying security implications, it enables EMV to tread the fine line between global interoperability and diversity. We get security, but when one piece does inevitably break, the whole system does not crumble. Thus EMV supports both offline and online transactions, transactions based upon symmetric and asymmetric cryptography, multiple routes and methods for verifying the PIN, and each issuer can customise the issuer to card protocols within the EMV framework. The level of support for customised risk management is unprecedented.
Yet why, despite these strengths, is there such dispute over whether EMV is being successful, and if Chip and PIN (as customers know it) is a good thing or a bad thing? Why did Shell pull the plug on Chip and PIN at 500 or so petrol stations after a spate of phantom withdrawals ? Why do some militant customers cut up their cards and demand Chip and Signature replacements? Put simply, EMV is a fraud bulldozer. It is a large earth-moving tool for changing the landscape of payments security.
In the UK, EMV has already changed the landscape substantially: stolen card fraud is down and collusive merchants are no longer a problem (because they take the liability when the PIN is not verified). Instances of card skimming, phantom withdrawals and card-not-present fraud, however, are all increasing; some radically so.
Financial crime is like the illegal narcotics trade. It is such a significant part of the global economy that it's here to stay. No change in the payments landscape will dam the flow, there will simply be an overspill of fraud elsewhere. The recent UK news stories about fraud at Shell Garages may claim to expose Chip and PIN failures, but are in fact reporting the first signs of change in the landscape; Chip and PIN has not broken, but its strength has made the ATM system of "magstripe and PIN" considerably weaker. This is one of the places to which fraud is now flowing, and when a flow passes through a different player's back yard that player inevitably gets upset.
So often in electronic payments, debates about the effectiveness of the bulldozer are muddled up with debates about what sort of landscape we should build. Everyone wants to have a say on what is built next to their housing estate, but the availability of the tools to do the job is rarely in question. Partly this blurring is a plain mistake, but sometimes it arises from the genuine blurring of business and technology. Just as our tastes and concepts of music evolve in parallel with marketing models for music (singles, albums, charts, ringtones), so the technological architectures of payments systems are evolving in parallel with business models for the payments industry. This is why, for instance, there is so much risk management built into EMV at a protocol level.
There are indeed shortcomings of EMV as a bulldozer -- landscapes it cannot build -- but they are few. The first arises from the chosen form-factor of the smart-card: it is a device with no trusted user interface. The cardholder thus has no way to be 100% certain who the card is doing business with, and how much money is being transacted whenever the card is proffered. This gives rise to the relay attacks described by Anderson, Bond and Murdoch . Mobile phones as portable trusted interfaces, or specialised card readers such as those planned for use with the CAP internet banking scheme could be the solutions here. A third hi-tech option which could raise the bar without demanding a trusted interface could be electronic range bounding, where the time it takes the electronic signals to travel (at the speed of light) can be measured with exceptional accuracy, bounding a card's location within 10 metres or so. Such technology is still under development but could certainly mitigate the relay attack threat.
So don't believe that EMV is anything other than successful: there is just some inevitable conflict to be ironed out about what the payments landscape of the future should look like.
References and Further Readings
-  "Petrol Firm Suspends Chip and PIN", BBC News Online, http://news.bbc.co.uk/1/hi/england/4980190.stm
-  "Chip and Spin", R. J. Anderson, M. K. Bond, S. J. Murdoch http://www.chipandspin.co.uk/spin.pdf
- Selected articles on Key Management (2012-16), by Ashiq JA, Chuck Easttom, Dawn M. Turner, Guillaume Forget, James H. Reinholm, Matt Landrock, Peter Landrock, Steve Marshall, Torben Pedersen, Maria Stokes, John Trankenschuh and more
Previously published in Cryptomathic NewsOnInk, 2006