Attack on the GridCode one-time password
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Human-computer interaction for security research: the case of EU E-banking systems
INTERACT'11 Proceedings of the 13th IFIP TC 13 international conference on Human-computer interaction - Volume Part IV
Verified by visa and mastercard securecode: or, how not to design authentication
FC'10 Proceedings of the 14th international conference on Financial Cryptography and Data Security
Might financial cryptography kill financial innovation? --- the curious case of EMV
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
hPIN/hTAN: a lightweight and low-cost e-banking solution against untrusted computers
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
ICDCIT'12 Proceedings of the 8th international conference on Distributed Computing and Internet Technology
Formal analysis of the EMV protocol suite
TOSCA'11 Proceedings of the 2011 international conference on Theory of Security and Applications
Using NFC phones for proving credentials
MMB'12/DFT'12 Proceedings of the 16th international GI/ITG conference on Measurement, Modelling, and Evaluation of Computing Systems and Dependability and Fault Tolerance
Designed to fail: a USB-Connected reader for online banking
NordSec'12 Proceedings of the 17th Nordic conference on Secure IT Systems
The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer's debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous weaknesses that are due to design errors such as reusing authentication tokens, overloading data semantics, and failing to ensure freshness of responses. The overall strategic error was excessive optimisation. There are also policy implications. The move from signature to PIN for authorising point-of-sale transactions shifted liability from banks to customers; CAP introduces the same problem for online banking. It may also expose customers to physical harm.