Reducing HSM Reliance in Payments through Proxy Re-Encryption

Credit and debit-card payments are typically authenticated with PINs. Once entered into a terminal, the PIN is sent as an encrypted \emph{PIN block} across a payments network to the destination bank, which decrypts and verifies the PIN block. Each node in the payments network routes the PIN block to the next node by decrypting the block with its own key, and then re-encrypting the PIN block with the next node\u27s key; nodes establish shared secret keys with their neighbors to do so. This decrypt-then-encrypt operation over PIN blocks is known as \emph{PIN translation}, and it is currently performed in Hardware Security Modules (HSMs) to avoid possible PIN exposure. However, HSMs incur heavy acquisition and operational expenses. Introduced at EUROCRYPT\u2798, proxy re-encryption (PRE) is a cryptographic primitive which can re-encrypt without exposing sensitive data. We perform an extensive study of PRE as applied to PIN translation, and show through formalization, security analysis, and an implementation study that PRE is a practical alternative to HSMs. With PRE, we eliminate the need for HSMs during re-encryption of a PIN, thus greatly reducing the number of HSMs needed by each participant in the payments ecosystem. Along the way we conduct practice-oriented PRE research, with novel theoretical contributions to resolve issues in comparing so-called honest re-encryption to chosen-ciphertext PRE security, and a new efficient PRE scheme achieving a type of chosen-ciphertext security

Investigating EMV chip and pin card security

Following the COVID-19 outbreak in 2019, there was a global shift towards card payments over traditional cash transactions, preferring chip and pin cards. Within the context of this study, these are called EMV cards. In the financial industry, the EMV protocol is a global standard for credit and debit card transactions using chip enabled smart cards. EMV stands for Europay, MasterCard, and Visa, the three companies that initially developed the standard. As the adoption of these cards rose, so did the incidents of hacking and exploitation attempts. Motivated by these challenges, the author chose to investigate the security aspects of the EMV protocol. Throughout the investigation, the author successfully executed a MITM attack on three bank cards, effectively intercepting the communications between the cards and the terminal. By carefully analyzing these intercepted packets, the author was able to extract crucial card details, including the card number, expiry date, card type, transaction amount, and currency. The author also managed to obtain the PIN code for two of the cards successfully This report aims to achieve a deeper understanding of the EMV protocol's functioning and identify the specific protocol features employed in Chip-and-PIN cards. Additionally, the study seeks to identify any potential security vulnerabilities in the transaction process. The findings and insights gained from this study are expected to contribute valuable knowledge to enhance the overall security of card payment systems in today's interconnected financial landscape

Analysing and Improving the Security of Contactless Payment Cards

Europay, MasterCard, and Visa (EMV) is the most used payment protocol around the world with 85.9% of the payment cards in the EU and the UK being EMV based cards in 2019. The EMV payment protocol has made contactless transactions faster and more convenient for cardholders as they only need to place the card next to the Point of Sale (POS) to make a payment. According to the latest report of the UK Finance, the total value of contactless card transactions in 2019 was higher than the cash ones for the first time ever. On the other hand, the introduction of the wireless interface in the EMV contactless transactions opens the door for several attacks to be launched on contactless cards such as skimming, eavesdropping, replay, and relay attacks. Since April 2020, the limit of contactless transactions has increased to £45 as a response to the Covid-19 crisis. This might create an extra motivation for launching more attackers on contactless cards. This thesis is primarily concerned with investigating and analysing the security of contactless card’s payments and uncovering the impact of key vulnerabilities in the EMV contactless card specifications. The two main vulnerable are the one-way authentication methods and the lack of cardholder verification in such transactions. The thesis also proposes the following four practical protocols to improve the security and the privacy of the EMV contactless cards. 1- A new tokenization protocol to replace the actual Primary Account Number (PAN) with a token to prevent the EMV contactless cards from revealing the actual PAN. 2- A mutual authentication protocol to address the vulnerabilities related to the EMV one-way card authentication methods in the EMV payment protocol. 3- A novel gyroscope sensor into EMV contactless cards to be used for activating the cards by perfuming a simple move by the cardholder. 4- A protocol to use cardholders’ NFC enabled smartphones to activate contactless cards. The two main aims of these four proposed protocols are to prevent such cards from being read by unauthorised NFC enabled readers/smartphones and to give cardholders more control of their contactless cards in order to prevent several attacks. Moreover, the thesis also describes a Java framework to mimic a genuine EMV contactless card and validate the four proposed solutions. The thesis argues that the first two proposed solutions require minimal changes to the existing EMV infrastructures and do not have any impact on the user’s experience while the last two proposed solutions require some changes the users’ experience when making contactless card transactions