Shane Balfe and Kenneth G. Paterson (2008) e-EMV: Emulating EMV for Internet payments using Trusted Computing technology v-2.
Full text access: Open
The introduction of EMV-compliant payment cards, with their improved cardholder verification and card authentication capabilities, has resulted in a dramatic reduction in the levels of fraud seen at Point of Sale (PoS) terminals across Europe. However, this reduction has been accompanied by an alarming increase in the level of fraud associated with Internet-based Card Not Present (CNP) transactions. This increase is largely attributable to the weaker authentication pro- cedures involved in CNP transactions. This paper shows how the functionality associated with EMV-compliant payment cards can be securely emulated in software on platforms supporting Trusted Com- puting technology. We describe a detailed system architecture encom- passing user enrollment, card deployment (in the form of software), card activation, and subsequent transaction processing. Our proposal is compatible with the existing EMV transaction processing architec- ture, and thus integrates fully and naturally with already deployed EMV infrastructure. We show that our proposal, which effectively makes available the full security of PoS transactions for Internet-based CNP transactions, has the potential to significantly reduce the oppor- tunity for fraudulent CNP transactions.
This is a Published version This version's date is: 07/03/2008 This item is peer reviewed
https://repository.royalholloway.ac.uk/items/db1f86f4-249b-455f-aed7-83b52b46b371/1/
Deposited by () on 13-Jul-2010 in Royal Holloway Research Online.Last modified on 13-Dec-2010
[1] M. Abadi and T. Wobber. A logical account of NGSCB. In Davidde Frutos-Escrig and Manuel N¶u nez, editors, Proceedings of the 24thInternational Conference on Formal Techniques for Networked and Dis-tributed Systems (FORTE 2004), volume 3235 of LNCS, pages 1{12.Springer Verlag, 2004.
[2] M. Al-Meaither and C. J. Mitchell. Extending EMV to supportMurabaha transactions. In Proceedings of the 7th Nordic Workshopon Secure IT Systems (NordSec 2007), pages 95{108, Gjovik Univer-sity College, Norway, October 2003. Department of Telematics, NTNU,Trondheim, Norway.
[3] A. Alsaid and C. J. Mitchell. Preventing phishing attacks using trustedcomputing technology. In Proceedings of the 6th International NetworkConference (INC 2006), pages 221{228, July 2006.
[4] AMD. AMD64 architecture programmer's manual: Volume 2: Systemprogramming, AMD Publication no. 24594 rev. 3.11 edition, May 2006.
[5] APACS. Card fraud the facts 2006. http://www.apacs.org.uk/resources_publications/documents/FraudtheFacts2006.pdf,April 2006.
[6] APACS. Card fraud losses continue to fall. http://www.apacs.org.uk/media_centre/press/07_14_03.html, March 2007.
[7] B. Balache®, D. Chan, L. Chen, S. Pearson, and G. Proudler. Secur-ing intelligent adjuncts using trusted computing platform technology.In Proceedings of the 4th working Smart Card Research and AdvancedApplications (CARDIS 2001), pages 177{195. Kluwer Academic Pub-lishers, Norwell, MA, USA, 2001.
[8] S. Balfe, A.D. Lakhani, and K.G. Paterson. Securing peer-to-peer net-works using trusted computing. In C.J. Mitchell, editor, Trusted Com-puting, pages 271{298. IEE Press, 2005.
[9] P. Barham, B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, R. Neuge-bauery, I. Pratt, and A. War¯eld. Xen and the art of virtualization. InProceedings of the 19th ACM Symposium on Operating Systems Princi-ples (SOSP 2003), pages 164{177, The Sagamore, Bolton Landing (LakeGeorge), New York, 19{22 October 2003. ACM Press, Bolton Landing,New York, USA.
[10] E. Brickell, J. Camenisch, and L. Chen. Direct anonymous attestation.In Proceedings of the 11th ACM conference on Computer and Commu-nications Security (CCS 2004), pages 132{145, Washington DC, USA,2004. ACM Press, New York, NY, USA.
[11] PCI Security Standards Council. Payment Card Industry Data SecurityStandard { Version 1.1. https://www.pcisecuritystandards.org/tech/download_the_pci_dss.htm, 2006.
[12] R. Dhamija, J. D. Tygar, and M. Hearst. Why phishing works. InProceedings of the SIGCHI Conference on Human factors in computingsystems (CHI 2006), pages 581{590, Montreal, Qubec, Canada, 2006.ACM Press, New York, NY, USA.
[13] EMVCo. Book 3 - Application Speci¯cation, 4.0 edition, December 2000.
[14] EMVCo. Book 1 - Application independent ICC to Terminal Interfacerequirements, 4.1 edition, May 2004.
[15] EMVCo. Book 2 - Security and Key Management, 4.1 edition, May2004.
[16] EMVCo. Book 3 - Application Speci¯cation, 4.1 edition, May 2004.
[17] EMVCo. Book 4 - Cardholder, Attendant, and Acquirer Interface Re-quirements, 4.1 edition, June 2004.
[18] S. Gajek, A-R. Sadeghi, C. StÄuble, and M. Winandy. Compartmentedsecurity for browsers{or how to thwart a phisher with trusted computing.ARES, 0:120{127, 2007.
[19] E. Gallery and A. Tomlinson. Conditional access in mobile systems: Se-curing the application. In First International Conference on DistributedFrameworks for Multimedia Applications (DFMA 2005), pages 190{197.IEEE, 2005.
[20] V. Haldar, D. Chandra, and M. Franz. Semantic remote attestation: Avirtual machine directed approach to trusted computing. In USENIXVirtual Machine Research and Technology Symposium, pages 19{41.USENIX, May 2004.
[21] E.V. Herreweghen and U. Wille. Risks and potentials of using EMVfor internet payments. In Proceedings of the 1st USENIX Workshop onSmartcard Technology, pages 163{174. USENIX, May 1999.
[22] IBM-Global-Services. IBM Global Business Security Index Report,February 2005.
[23] Intel-Corporation. LaGrande Technology Preliminary Architecture Spec-i¯cation, intel publication no. d52212 edition, May 2006.
[24] C. Jackson, D. Boneh, and J. Mitchell. Attack of the transaction gen-erators. http://crypto.stanford.edu/SpyBlock/spyblock.pdf.
[25] C. Jackson, D. Boneh, and J. Mitchell. Spyware resistant web au-thentication using virtual machines. http://crypto.stanford.edu/antiphishing/spyblock.pdf.
[26] T. Jaeger, R. Sailer, and U. Shankar. PRIMA: policy-reduced integritymeasurement architecture. In Proceedings of the 11th ACM Symposiumon Access Control Models And Technologies (SACMAT 2006), pages19{28, Lake Tahoe, California, USA, 2006. ACM Press, New York, NY,USA.
[27] V. Khu-Smith and C.J. Mitchell. Using EMV Cards to Protect E-commerce Transactions. In Proceedings of the 3rd International Confer-ence on E-Commerce and Web Technologies (EC-WEB 2002), volume2455, pages 388{399. Springer-Verlag, London, UK, January 2002.
[28] J.M. McCune, B. Parno, A. Perrig, M.K. Reiter, and A. Seshadri. Mini-mal TCB Code Execution. In Proceedings of the 2007 IEEE Symposiumon Security and Privacy, pages 267{272. IEEE Computer Society, Wash-ington, DC, USA, 2007.
[29] P. Meadowcroft. Combating card fraud. http://www.scmagazine.com/uk/news/article/459478/combating+card+fraud/, January 2005.
[30] C.J. Mitchell, editor. Trusted Computing. IEE Professional Applicationsof Computing Series 6. The Institute of Electrical Engineers (IEE), Lon-don, UK, April 2005.
[31] C. Radu. Implementing Electronic Card Payment Systems. ArtechHouse, Inc., Norwood, MA, USA, 2002.
[32] A-R. Sadeghi, M. Selhorst, C. StÄuble, C. Wachsmann, and M. Winandy.TCG inside?: a note on TPM speci¯cation compliance. In Proceedingsof the 1st ACM workshop on Scalable trusted computing (STC 2006),pages 47{56, Alexandria, Virginia, USA, 2006. ACM Press, New York,NY, USA.
[33] A-R. Sadeghi and C. StÄuble. Property-based attestation for computingplatforms: caring about properties, not mechanisms. In Proceedingsof the 2004 workshop on new security paradigms (NSPW 2004), pages67{77, Nova Scotia, Canada, 2004. ACM Press, New York, NY, USA.
[34] A-R. Sadeghi, C. StÄuble, and N. Pohlmann. European Multilateral Se-cure Computing Base: Open Trusted Computing for You and Me. http://www.prosec.rub.de/Publications/SaStPo2004Web.pdf, 2004.
[35] U.S. Securities and Exchange Commission. Form 10-K { The TJX Com-panies, INC. http://www.sec.gov/Archives/edgar/data/109198/000095013507001906/b64407tje10vk.htm, 2007.
[36] A. Seshadri, M. Luk, N. Qu, and A. Perrig. SecVisor: a tiny hypervisorto provide lifetime kernel code integrity for commodity OSes. In Proceed-ings of 21st ACM SIGOPS symposium on Operating Systems Principles(SOSP 2007), pages 335{350, Stevenson, Washington, USA, 2007. ACMPress, New York, NY, USA.
[37] SETCo. SET Secure Electronic Transaction 1.0 speci¯cation |the formal protocol de¯nition. http://www.cl.cam.ac.uk/research/security/resources/SET/, May 1997.
[38] E. Shi, A. Perrig, and L.V. Doorn. BIND: A Fine-Grained AttestationService for Secure Distributed Systems. In Proceedings of the 2005 IEEESymposium on Security and Privacy, pages 154{168. IEEE ComputerSociety, Washington, DC, USA, 2005.
[39] TCG. TCG PC Speci¯c Implementation Speci¯cation, 2003. https://www.trustedcomputinggroup.org/downloads/specifications.
[40] TCG. TCG Speci¯cation Architecture Overview, 1.2 edition,2004. https://www.trustedcomputinggroup.org/downloads/specifications.
[41] TCG. Trusted computing: Opportunities and challenges. https://www.trustedcomputinggroup.org/downloads/tcgpresentations/, 2004.
[42] TCG. Interoperability Speci¯cation for Backup and Migration Services,1.0 revision 1.0 edition, 2005. https://www.trustedcomputinggroup.org/specs/IWG/.
[43] TCG. TCG Mobile Trusted Module Speci¯cation, .09 draft edition, 2006.https://www.trustedcomputinggroup.org/specs/mobilephone/.
[44] TCG. TCG Speci¯cation Architecture Overview Revision 1.2, 1.2 re-vision 93 edition, 2006. https://www.trustedcomputinggroup.org/downloads/specifications.
[45] TCG. TPM Main: Part 1 Design Principles, 1.2 revision 93 edi-tion, 2006. https://www.trustedcomputinggroup.org/downloads/specifications.
[46] TCG. TPM Main: Part 2 Structures of the TPM, 1.2 revision 93 edi-tion, 2006. https://www.trustedcomputinggroup.org/downloads/specifications.
[47] TCG. TPM Main: Part 3 Commands, 1.2 revision 93 edi-tion, 2006. https://www.trustedcomputinggroup.org/downloads/specifications.
[48] The Sunday Times. Don't use cards at petrol stations. http://business.timesonline.co.uk/, Febuary 18 2007.
[49] Visa. 3-D SecureTM Protocol Speci¯cation: System Overview. http://international.visa.com/fb/paytech/secure/main.jsp, May 2003.
[50] Visa. Cardholder information security program { list of vali-dated payment applications. http://usa.visa.com/merchants/risk_management/cisp_payment_applications.html, October 2007.
[51] Visa. Cardholder information security program bulletin 102307{visa announces new payment application security mandates.http://usa.visa.com/merchants/risk_management/cisp_payment_applications.html, October 2007.