It wasn't supposed to be an ATM card. Photo credit: sjschen

Security consultant Harald Welte would be glad to say the same thing. Speaking at the annual Chaos Computer Club (CCC) Congress here Wednesday, he explained how he was able to break Taiwan’s smartcard-based transportation-payment system, which was expanded this year to be a larger citywide payment system, using a $40 smartcard reader and a few hours of time.

“Using this in the year 2010 as a payment system is ignorant, clueless, and a sign of gross negligence,” he told the audience here.

Taipei’s EasyCard system has been in place since 2001, largely as a means of paying for the subway, bus, taxis and parking. It has also been widely known to use a smartcard system called MIFARE Classic, produced by NXP Semiconductors, the security of which was publicly demonstrated to be broken by CCC members at their annual congress three years ago.

This break is no secret. It was publicized at the time, is noted on Wikipedia, and the issue was noted by NXP itself on its Web site, which today says the MIFARE Classic offers “basic levels of data security.”

“We are actively cooperating with various universities to learn and to improve our products,” the company’s statement reads. “This fits into our mission to provide world-class products that contribute to optimal security and privacy.”

The problem, Welte said, was when the city government decided to adopt a broader card-based payment system for stores and other functions, and EasyCard stepped in with its old, now-broken technology.

According to Welte, researchers from the University of Taiwan wrote a letter protesting the decision, noting the security problems. But early in 2010, the EasyCard system was rolled out on a widespread basis, now upgraded to store the equivalent of nearly $350 in Taiwanese New Dollars, which was spendable at major department stores, 7-11s, Starbucks and other shops.

That’s where Welte got interested, He’s worked on RFID issues in the mid-2000s, and worked often enough in Taiwan to be familiar with the system, .

Welte knew the MIFARE system was weak. That isn’t necessarily a problem — if, say, someone tries to hack a $50 dollar card to read $500, but there’s a backend server verification check that says this card is only supposed to have $50, the problem is more or less solved.

He decided to test the system. The cards are encrypted with a 48-bit proprietary cipher called CRYPTO1. Many security professionals don’t think much of proprietary encryption, because it can’t go through the acid test of public testing — and indeed, this is part of what was broken several years ago.

With a $40 card reader and an open source program designed to break the encryption, Welte extracted a test card’s encryption keys in about three hours, he said. That allowed him to read the raw data in each sector of the card. This was initially incomprehensible, but after adding and spending money with the card, and watching what changed, he was able to understand how the card stored purchases, dates, points of sale and other information.

So he ran it through its paces. He bought a Starbucks drink, looked at the changes on the card, and manipulated it to look as though the drink had cost more than it had. Inserting the card into the main machines showed that he had successfully subtracted money, and that the card still functioned.

That meant no backend verification. A bad sign.

He tried creating money the same way, buying something and then reducing the purchase price, and boosting the stored value. Again, no problem with the official machine readers. Welte was careful to note that he afterward added real money to the card in the same amount, and then manipulated the value downward again. Thus, the correct amount of real money had actually been spent, and he wasn’t cheating the system, merely demonstrating how easy it would be to cheat.

A few more tests convinced him. The cards were easily manipulable, susceptible to a hack that could create money that could be spent in relatively large amounts all over town.

The city government and EasyCard know about the problem, he said. Taiwanese researchers have tried to warn them, and the research is publicly available online. The problem is companies trying to rely on “security through obscurity” — using proprietary but unsafe encryption — and trying to save money by not investing in solid security.

“It reminds me of 15 or 20 years ago, of manipulating saved game points on a PC,” he said. “It’s really not that different in this case, aside from the three-hour key crack.”

His advice to companies and other organizations investing in card technology in the future? Spend a bit more money, and use a stronger security algorithm. Implement verification procedures that will prevent cards from being manipulated so simply. And when designing systems that are to last many years, build in room for software updates, once the inevitable flaws have been found.

Otherwise there is risk of creating another accidental ATM card.

Authors: John Borland

to know more click here