Credit card payment systems touch all of our lives, and because of this there’s a lot riding on the security of that technology. The best security research looks into a widely deployed system and finds the problems before the bad guys do. The most entertaining security presentations end up finding face-palmingly bad practices and having a good laugh along the way. The only way to top that off is with live demos. [Karsten Nohl], [Fabian Bräunlein], and [dexter] gave a talk on the security of credit-card payment systems at the 32nd annual Chaos Communications Congress (32C3) that covers all the bases.
While credit card systems themselves have been quite well-scrutinized, the many vendor payment networks that connect the individual terminals haven’t. The end result of this research is that it is possible to steal credit card PINs and remotely refund credits to different cards — even for purchases that have never been made. Of course, the researchers demonstrate stealing money from themselves, but the proof of concept is solid. How they broke two separate payment systems is part hardware hacking, part looking-stuff-up-on-the-Internet, and part just being plain inquisitive.
The first hack fools someone into entering their credit card PIN into a terminal and then logs it to a PC. With the stripe data and the PIN, the credit card is totally compromised. Normally, you shouldn’t be able to change this part of the terminal’s behavior, but they manage to figure out the terminal’s secret password that enables creating arbitrary menus, and the game is over.
This was possible because the terminal checks the validity of the password byte by byte. You could therefore look for times that the CPU took a couple more cycles to respond and determine that you had a correct byte. Iterate this eight times, and the eight-byte password is cracked.
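The snippet below is an added example, not code from the talk or the terminal, contrasting the early-exit comparison described above with a constant-time one. The byte-count it returns is a stand-in for the extra CPU cycles the real terminal leaked, and the eight-byte password is a constructed sample.

```python
import hmac
from typing import Tuple

# Constructed sample: an eight-byte secret, as in the terminal's password.
SAMPLE_SECRET = bytes(range(1, 9))


def leaky_compare(stored: bytes, guess: bytes) -> Tuple[bool, int]:
    """Byte-by-byte comparison that stops at the first mismatch.

    Also returns how many bytes were examined. That count grows by one for
    every correct leading byte, which is exactly the signal the terminal
    exposed through timing: each byte can be confirmed on its own.
    """
    examined = 0
    for a, b in zip(stored, guess):
        examined += 1
        if a != b:
            return False, examined
    return len(stored) == len(guess), examined


def constant_time_compare(stored: bytes, guess: bytes) -> Tuple[bool, int]:
    """Hardened version: every byte is always touched, so the work done
    (and the time taken) no longer depends on where the first mismatch is.
    hmac.compare_digest is the standard-library primitive for this."""
    return hmac.compare_digest(stored, guess), len(stored)


def guesses_with_leak(length: int) -> int:
    """Worst-case guesses when each byte can be confirmed independently:
    256 candidates per position, one position at a time."""
    return length * 256


def guesses_without_leak(length: int) -> int:
    """Worst-case guesses when only the final yes/no answer is observable."""
    return 256 ** length
```

For an eight-byte password the leak shrinks the worst case from 256^8 guesses to 2048.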
The second hack is even more embarrassing. Armed with a password that [Fabian] found in a leaked document on the Internet, a terminal’s ID number (printed on every receipt), and a brute-forceable port address, they could initiate random purchases and refunds remotely.
Finally, and this is our favorite part, [dexter] goes through how he defeated the supposedly-secure hardware security module (HSM) that holds the “secret” passwords on every card reader machine out there. The clever design stores the password in SRAM with a battery backup, and makes it very difficult to open the box without disconnecting the power, causing the bits to fade away.
After breaking a couple machines to see how they work, [dexter] figured out just the right place to wedge a grounded needle under the shield and the secrets weren’t so secret anymore.
Is there a lesson in all this? Don’t store passwords on devices that you’re giving out to hundreds of thousands of stores. Someone will buy a couple on eBay and get those passwords. Using asymmetric encryption, like with public-key cryptography schemes, would mean that the secret key wouldn’t need to reside on the device at all, and would have thwarted our presenters fairly early on.