Possible Serious Security Flaw In ATMs
sfjoe writes "According to a story at MSNBC.com, researchers at Algorithmic Research (ARX) have shown it may be possible for 'someone with access to the ATM network to attack the special computers that transmit bank account numbers and PIN codes, called hardware security modules'. Using these methods, an attacker could trick the security modules into exposing a PIN. It has long been considered impossible to access PINs as they are traveling through the ATM network without the encryption key used by the card-issuing bank. If PINs can be compromised, the almost 8 billion transactions per year they handle may be in danger. Not to mention all the transactions at retail stores."
Poink-Poink-Poink-Poink (Score:5, Funny)
Stop reading my tones!
Re: (Score:2)
If this is like a windows exploit then we're all in for it.
If on the other hand it's like a linux issue: If you're local, have this obscure package installed, stand on your head and swallow a glass of water you can become root, then I'm not nearly as worried. Still needs to be fixed, but much less worried.
-nB
Re: (Score:3, Interesting)
There's almost no State/Federal regulation (that I'm aware of).
Re:Poink-Poink-Poink-Poink (Score:5, Interesting)
http://www.beyondrobson.com/tech/2006/10/avoid_ba
Therefore, not only is the ATM network insecure, it always has been for other reasons.
--jeffk++
The reality of this is... (Score:5, Funny)
Re:The reality of this is... (Score:5, Insightful)
Re:The reality of this is... (Score:4, Insightful)
Having said that, I hope that even if they do know who you are, that they ask to see ID every time, like my teller colleagues and I did. A lot of people have this silly notion that the only time we ask for ID is if the person in front of us is not the person on the account. For some reason they didn't understand that we had no way of knowing that until we had seen ID. When we asked we actually had idiots say "Why? I'm the owner of the account," as if we would turn red in the face and say "Of course you are. How silly of me to ask. Certainly a criminal would have provided us with ID without being asked."
But if tellers ever get to the point that store clerks do (and I suspect many have) then any old schmoe will be able to take money out of your account. I can't tell you how many times I've had cashiers ring up a sale without ever even looking at either my ID or my signature on the back of the credit card. I've had times where I offered and was refused, as if they didn't want to have anything to do with security checks of any variety as that might bring upon them responsibility or something. I'm not talking about small purchases here either.
So my point is, if bank tellers get to the point of laziness as most cashiers, your money isn't safe in the bank whether or not you have an ATM card. The best you can do is keep an eye on it and report anything as soon as it happens.
Re: (Score:3)
A little bit worrying if somebody could swipe my card and pull out cash right in front of the teller.
Re: (Score:2)
Re: (Score:3, Interesting)
Re: (Score:2)
I like that anecdote on page 2 about a cashier having the card owner sign the card in front of her. Reminds me of when I was at my local supermarket and for some reason the Chip+Pin machine rejected my card and I had to give my signature. It'd been so long since I'd signed that I'd not noticed that the signature had faded away to the point that you could tell there used to be something there but couldn't make out what it was. The checkout clerk called a manager and the manager had me re-sign my card and go
Re: (Score:2)
You don't need ID (Score:3, Informative)
They're supposed to check your signature, but not your ID.
Remember those Visa Check Card commercials from a few years back, where some easily recognizable celebrity would walk into a store without his ID, try to pay for something with a check, and be frustrated when the clerk couldn't recognize him? The point was you don't need ID when you pay with Visa, y
Re: (Score:2)
Wow. I didn't know that. I guess I shall be calling it soon - EBGames always checks ID for all credit card purchases. (They have a sign, too...) And yes, they take Visa - I
Re: (Score:2)
Indeed. Here [visa.com] are the merchant rules (PDF). Page 29 says "merchants cannot refuse to complete a purchase transaction because a cardholder refuses to provide ID. Visa believes merchants should no
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Yes, it is. From page 28 of the Rules for Visa Merchants [visa.com]:
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Fraud occurs
Bill comes
You discover fraud
You dispute charges
End of story
Whereas the story for check cards will more likely go like this:
Fraud occurs
You get a notice from your landlord/mortgage company that your check bounced
You get a notice from your credit card company that your check has bounced and that your 6.9% credit card is now a 21% credit card
You discover the fraud
You dispute the charges
A day or tw
Re: (Score:2)
Indeed. The big difference between credit and debit cards isn't the ease of committing fraud, but the consequences of fraud if it occurs.
However, the other debit cards are worse. Finding your PIN isn't any harder for a scammer than forging your signature, and on PIN debit cards, you don't have the fraud guarantees that you do with Visa - so not only will your checks bounce and your credit score fall, but you'll never see that money
Re: (Score:2)
No, you still have to sign when you use them. Forging a stranger's signature is harder than watching him type his PIN.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The rental itself may or may not require the showing of ID but is unrelated to the payment.
In other words, if you pay for the car rental in cash and don't provide a credit card in any way shape or form (good luck with that) then they would still demand ID - specifically a driver's license.
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:2)
Lucky You (Score:2)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Your dad was right, though. Cash is, indeed, king. The problem is that you have to be willing to save until you can afford to buy without credit. This is something that most of us, not even your dad, is willing to do. Credit is an all or nothing deal. You either play the game with all the risks, or you are generally excluded from borrowing money from anywhere except the insti
Re: (Score:2)
If the thing you are buying on credit does not make you more productive, and help you at least recoup the interest, then your finances are poorly managed; you spend more than you make, and end up paying more for the same quality of life.
If however, you buy something that helps you make more money, then credit is a good idea: it helps you grow faster than a strict cash-only strategy.
Note that the line between productive and unproductive investments is rath
Re:The reality of this is... (Score:4, Insightful)
Re: (Score:2, Insightful)
When I read the article, I couldn't believe that anyone would even consider building a "secure" system where third-party machines have to decrypt and re-encrypt such sensitive data... or any encrypted data for that matter... that's why it's encrypted in the first place.
What did they hope to accomplish by doing this?
Re: (Score:2, Interesting)
Re: (Score:2)
Who knew the system was this broke? (Score:3, Interesting)
There must be some reason (I hope) but the security model that they're describing in TFA seems horribly flawed. It depends purely on the security of some black-box hardware modules embedded at different points in the system.
Basically, what they're saying is that there's no end-to-end encryption of your "PIN block" (PIN+Account number, don't ask me why they're transmitted together instead of separately with some random transaction identifier). Instead, the ATM encrypts it for the next mac
Re: (Score:2)
No, it's not. Translators of this nature are used in numerous crypto systems.
In any system you have to balance risk with practicality. The risk in this case (a symmetric system) is protocol insecurities and protecting the physical security of several processing points. The practical value (besides not having to change a system that has worked for decades) is that symmetric crypto is cheap to implement in hardware (asymmetric has been very expensive unti
Re: (Score:2)
Intercepting Transmission (Score:5, Interesting)
He was able to get credit card numbers, PINs, and all of the other information transmitted, and stole a lot of money before being caught. And he wasn't caught by bank security or software, he was caught because a clerk was paying attention, IIRC.
Re:Intercepting Transmission (Score:5, Informative)
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
The only one that had inflammatory hand wringing was the Mp3 player that Sound emitted from the line is then interpreted using a modem line tap, or passed through a Ukrainian computer software program which is illegal to purchase.
And yes, there is crypto, at least for US ATM networks, between the ATM and end unit HSM.
This isn't a comment regarding the original article, just this particular story.
Re: (Score:3, Interesting)
Also covered here [timesonline.co.uk].
And here. [com.com]
If there was crypto used, it absolutely sucked.
If all you need is a modem line tap or an illegal program to crack ATMs, there isn't much security, is there?
I don't think there is crypto. I think the information is sent across the phone lines as plain text. The purpose of the modem line tap or illegal program is to convert the signal going over the line (the same signal you hear when you pick up the phone during a fax or internet connection) to text. From there, no men
Let's just get this clear right now... (Score:5, Funny)
Re: (Score:3, Funny)
Re: (Score:2)
Is this ATM machine based on Windows NT technology?
Re: (Score:2)
What's the big deal? (Score:2, Insightful)
Re: (Score:2, Insightful)
Re: (Score:2)
Actually it has surfaced before. These researchers have extended attacks that were described in 2003, which in turn extended earlier attacks. Even before that ANSI & ISO issued several updates to PIN encryption standards to protect against known weaknesses.
The oldest standards for PIN encryption used the naive approach of padding the PIN and encrypting it. For a 5 digit PIN this gives only 10,000 possible ciphertexts per key. The attacks described by the Israeli researchers target this format.
Be
Holding All the Cards (Score:5, Interesting)
The cost of chipcards that generate onetime passwords, to protect from replay attacks, is minimal. Especially compared with fraud and theft. What's taking them so long?
Re: (Score:2)
Try reading one of those cards when you've had your pupils dilated sometime.
Re: (Score:2)
Re:Wrong (Score:2)
The cost of chipcards that generate onetime passwords, to protect from replay attacks, is minimal.
Not even close. Everything about the change is gigantic considering they would need to somehow inte
Re: (Score:2)
The cost of chipcards, and the key infrastructure, is minimal compared to the profits the banks make off of us. And compared to the costs of losses in security. And the costs of losing customers. What about the ATM thefts we're disc
Re:Yes and No (Score:2)
Because this is easier and more profitable than going to a proper microprocessor smart card. More importantly, the banks get to promote the perception that they are running a tight ship.
I entirely agree with your comments regarding the history and profile of banking. In the U.S. anyway, it seems policy/regulation is not preventative. Sadly, I think another massive failure will be required.
Your commen
Re: (Score:2)
Re:Smart Card (Score:2)
Better e-purses already do this. They don't do multiple bank accounts though. That would require either multiple e-purses or "one purse to rule them all..."
encrypt the transactions for transmissions
Better epurses do something like this now. Essentially mutual authentication followed by password. From there the entire transaction is encrypted between the terminal and the card. The beauty of a proper smart ca
Re: (Score:2)
Re: (Score:2)
The entire protocol that the banks currently use on my plaintext PIN is irrelevant. I have no way of knowing whether the ATM I'm swiping somewhere in the crowded downtown bar district, so drunk that I must have that pack of chocodiles and Dr Pepper, though I've spent all my cash on whiskey, is a trojan horse that's harvesting my PIN before sending it to the real ATM interface embedded in the trojan. Months later they replay my PIN and steal my money. I'll never find
Danger (Score:2)
It was as if the entire NCC had suddenly received the news, and the voices of NCC staffers across the country had cried out as one. We could only look at each other in stunned silence, afraid to speak, as if any utterance would risk making our greatest fear become real, and the terror would come out of the cold dark depths...t'would come for us - the KRACKEN!!!
Easier to manually do it (Score:4, Insightful)
Using the information directly at an ATM to get a couple of hundred dollars would be too much effort, too high risk, and too little return. More likely, the PIN would be used to obtain larger sums of cash via other methods - calling in a bank transfer or something to that effect.
While on the surface it seems unlikely that somebody would go through the hassle, if one gained access to the ATM network, and had means to unencrypt the traffic at least in part, there is a great deal more potential for crime than simply obtaining an ATM PIN number.
Banks shouldn't be reliant on security at the switches either - all it takes is one bad employee to reduce the effectiveness of on site security to nothing, and I imagine with the pay rates they are kicking out, there are more than a few employees vulnerable to trouble of one sort or another.
New Title to Earn? (Score:4, Funny)
Sorry, obvious pun joke. Had to make it. Any others?
Re:New Title to Earn? (Score:4, Insightful)
Re: (Score:2)
Re: (Score:3, Funny)
Re: (Score:2)
So just use it as a credit card? (Score:4, Interesting)
Re: (Score:3, Insightful)
Re: (Score:2)
I never quite understood the reason for using it like an ATM when it takes so fucking long. I use a card because I want it to be fast (no ID checks, no signature, no change).
Important holiday information (Score:2)
convergence! (Score:2)
Chicago (Score:2)
As long as the ATMs in Chicago are secure I'll be fine ;-)
Re: (Score:2)
No. Fcking. Way. (Score:2)
Holy crap! People with access to a network can attack it? Next you're going to tell me that the only secure computer is one that's turned off, locked in a safe, and dropped to the bottom of the Marianas Trench.
ok mr. paranoid (Score:2)
Re: (Score:2, Insightful)
What a coincidence! (Score:3, Interesting)
FWIW, ARX was actually something of a leader and had some cool ideas... several years ago. I'm not sure whether it was because of financial trouble, incompetent management, neither, or both, but they were lapped by players like nCipher, Luna (now part of SafeNet), Utimaco, even Thales, which focuses on serving the credit card transaction market but doesn't have things like Diffie-Hellman key exchange because VISA and Mastercard don't require them, and yes, even the old low-cost option, Eracom (bought by SafeNet in order to do away with a pesky competitor).
Not impressed by the banking industry reassurances (Score:2)
(Still trying to wrap my head around every "switch" (router?) in the network decrypting and re-encrypting the PIN block. These being systems outside the control of the data owner).
Really Unlikely... (Score:2, Interesting)
Usually the people that have the technical know-how don't have userids or passwords to
Root cause: playing with ciphertext (Score:2)
End-to-End Encryption? (Score:2)
It is generally considered safer to do end-to-end encryption. The first ATM encrypts all the information and the intermediaries just pass through a collection of bytes (without needing to know what the bytes mean), once the bytes reach the target bank, the information is decrypted, verified and the response is sent back (possibly encrypted as well). This way all tampering at interm
This is highly unlikely (Score:3, Informative)
Re: (Score:2)
The attacks described are against the PIN Translation function, not PIN Verification.
PINs, as you will know, must be formatted before encryption. ANSI X9.8 and ISO 9564 provide standards for PIN formats. You should also know that in its passage across a network, a PIN goes through several zones, and is changed not only from one encryption key to another, but also from one format to another, according to the zone.
The attacks exploit the fact that you can change the PIN's format, in particular the abili
real serious security flaw In ATMs .. (Score:2)
"At the ATM, the information is combined into a format called a PIN block, scrambled, then passed along the network. The intermediate steps are called switches, and these are rarely owned by the cardholder's bank. So at each step, the PIN block is unscrambled and rescrambled with a new key in a machine called a hardware security module (HSM). It's at these intermediate points where hackers could trick the machines into divulging PINs, Israeli researchers say."
Re: (Score:3, Funny)
Re: (Score:2)
Expensive? When was the last time that you stayed in a hotel with electronic door locks using magnetic cards? Most of them have card writers at the front desk where they pull a "blank" card from a pile, run it through the machine...
Well... hmm... I'm making an assumption here that they *are* writing to the card instead of just pulling a pre-written number off the card to tell the electronic lock
Re: (Score:2)
Re: (Score:2)
It might have changed nowadays but there used to be a one way hash of the PIN (or more likely of something like the PIN + some other not so easy to retrieve info such as the account number) on the magnetic strip so that the PIN could be authenticated by ATMs that didn't handle the embedded chip.
AFAIK most ATMs still support the magnetic strip
Re: (Score:2)
Re: (Score:2)
If I read Inside Windows NT correctly, Windows hashes them with an algorithm, gets the hash from the server and compares the hashes alone.
So the password is never ever sent across.
Why can't we do the same for the ATM cards?
I believe the new Smart Cards in use in UK are capable of doing that.
Even in 2001, Australia's EFTPOS had a similar facility. I had bought Sydney Morning Herald, and a bottle of LIFT (c
Re: (Score:2)
The problem with designs like this is that the PIN usually is just 4 digits. So while you can put a lot of effort in a complicated encryption mechanism that is supposed to be nonreversible, it is very easy to bruteforce. Just try all 10000 possible pins (in fact fewer, because combinations like 0000 are never issued) and see if you arrive
smart cards irrelevant .. (Score:2)
"a fundamental weakness in the system that banks use to keep debit card PIN codes secret while they are transported across bank networks"
was Re:Not possible with smart cards