Agenda - PowerPoint PPT Presentation

About This Presentation
Title:

Agenda

Description:

Application Cryptograms ... This MAC is called application cryptogram. ... Application cryptogram (8 bytes) Mar 18, 2003. Mårten Trolin. 17 ...

Slides: 22
Provided by: mortens

Transcript and Presenter's Notes


1
Agenda
  • Parts that need to be secured
  • Card authentication
  • Key management

2
Security with Smart-cards
  • Avoid use of fake cards for off-line transactions
  • Detect use of skimmed cards in on-line
    transactions
  • Secure sensitive data sent to the card from the
    issuer

3
Parts That Need to Be Secured
  • Card terminal authentication
  • Card issuer interaction
  • Scripts sent to card by issuer

4
Card Terminal Authentication
  • The issuer has a certificate signed by the
    payment net (VISA, Europay or MasterCard)
  • The payment net acts as CA (Certificate
    Authority)
  • The issuer signs its card with its private key
    and puts the signature on the card
  • The issuer's public key certificate is placed on
    the card
  • The terminal knows the root (CA) certificate
  • Using the root certificate, the terminal can
    verify that the signature presented by the card
    is valid.

5
Overview of Keys Used
6
Static Data Authentication (SDA)
  • Each card is equipped with a signature on
    important card data.
  • No secret key on card.
  • Data signed includes card number, expiration date,
    verification methods, etc.
  • The signed data is sent to the terminal when
    transaction is started.
  • Same data and signature used every time
    (therefore static).

7
Signed Static Application Data, Generation
Hashed value
Encrypt with issuer private key
Signed Static Application Data
8
Signed Static Application Data, Verification
Signed Static Application Data
Decrypt with issuer public key
9
Dynamic Data Authentication (DDA)
  • Each card is equipped with a private key and a
    public key.
  • The public key is in a public key certificate
    signed by the issuer.
  • At transaction time, the card signs random data
    with its private key.
  • The terminal checks the signature and verifies
    the certificate chain.
  • Different data used every time (therefore
    dynamic).
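
The terminal-side checks for SDA and DDA described above, as an added sketch that is not part of the original slides. It uses unpadded textbook RSA with toy keys built from Mersenne primes, and the key encoding, card data and function names are constructed for illustration.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys

def keypair(a, b):
    """Toy RSA key from the Mersenne primes 2^a-1 and 2^b-1 (far too weak for real use)."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(digest(data, n), d, n)          # "encrypt" the hashed value with the private key

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)   # "decrypt" with the public key and compare

def encode(pub):
    return b"%d:%d" % pub                      # constructed stand-in for a certificate body

# Constructed hierarchy: payment net (CA) -> issuer -> card.
CA_PUB, CA_PRIV = keypair(521, 607)
ISS_PUB, ISS_PRIV = keypair(107, 127)
CARD_PUB, CARD_PRIV = keypair(61, 89)
ISS_CERT = sign(CA_PRIV, encode(ISS_PUB))       # issuer certificate, signed by the payment net
CARD_CERT = sign(ISS_PRIV, encode(CARD_PUB))    # card certificate, signed by the issuer (DDA)
STATIC_DATA = b"PAN=4000001234567899;EXP=0512"  # constructed card data
SSAD = sign(ISS_PRIV, STATIC_DATA)              # Signed Static Application Data

def terminal_sda(static_data, ssad, iss_pub, iss_cert):
    """The terminal trusts only CA_PUB; every other input is read from the card."""
    return verify(CA_PUB, encode(iss_pub), iss_cert) and verify(iss_pub, static_data, ssad)

def card_dda_response(challenge):
    return sign(CARD_PRIV, challenge)           # runs on the card, which holds the private key

def terminal_dda(challenge, response, card_pub, card_cert, iss_pub, iss_cert):
    chain_ok = (verify(CA_PUB, encode(iss_pub), iss_cert)
                and verify(iss_pub, encode(card_pub), card_cert))
    return chain_ok and verify(card_pub, challenge, response)

if __name__ == "__main__":
    old = card_dda_response(b"\x01" * 8)
    print("SDA, same bytes every time:", terminal_sda(STATIC_DATA, SSAD, ISS_PUB, ISS_CERT))
    print("DDA, fresh response:", terminal_dda(b"\x01" * 8, old, CARD_PUB, CARD_CERT, ISS_PUB, ISS_CERT))
    print("DDA, old response on new challenge:",
          terminal_dda(b"\x02" * 8, old, CARD_PUB, CARD_CERT, ISS_PUB, ISS_CERT))
```

The SDA check accepts the same signed bytes on every transaction, while the DDA check accepts a response only for the challenge the terminal just issued.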

10
Dynamic Data Authentication
11
Comparison SDA vs. DDA
12
Card Issuer Authentication
  • Issuer needs a permanent proof that the
    transaction has taken place.
  • Protection against fraud that comes from the
    merchant.
  • Based on symmetric cryptography
  • Issuer places a key on the card at issuing.
  • Issuer keeps the same key for use in
    authorization processing.

13
Overview of Keys Used
Sent during transaction
14
Application Cryptograms
  • In every request to the issuer, the card
    computes a MAC over certain parameters.
  • This MAC is called the application cryptogram.
  • The exact algorithm is defined between the issuer
    and the card.

15
Issuer Authentication and Secure Messaging
  • If the issuer sends a MAC in the response, the
    card can verify that the message originates at
    the issuer.
  • When secure messaging is used, data sent from the
    issuer to the card is authenticated and/or
    encrypted.
  • Necessary for script processing
  • Change of risk parameters requires the messages
    to be secured with a MAC.
  • Change of PIN requires the new PIN to be
    enciphered.

16
Computing Application Cryptograms
Application cryptogram (8 bytes)
MAC computation with card key
17
Computing Response Cryptogram (ARPC)
XOR last two bytes with the response from issuer
Encrypt with card key
Application Response Cryptogram (ARPC, 8 bytes)
Application cryptogram (8 bytes)
18
Key Derivation
  • Each key to be put on the card is derived from an
    issuer master key.
  • An issuer has (at least) one master key for each
    key type to be placed on the card.
  • The derivation process is performed by taking
    card data and encrypting it with the
    corresponding master key.
  • The card information used is PAN (i.e., card
    number) and sequence number.

Card information
Encryption
Issuer master key
Unique card key
19
Session Keys
Session information
  • For security reasons it is often a good idea to
    use different keys for each transaction.
  • Keys used only for one transaction are called
    session keys.

Encryption
Unique card key
Session key
20
Deriving Session Keys
  • Session keys are derived from the card key and
    session information.
  • The session information can be the transaction
    counter, ATC, or some other information sent in
    the transaction.
  • The data used for session key generation must be
    available to the issuer to allow the issuer to
    create the same key.
  • Transaction counter is sent in clear.
  • Other data used for key generation must be
    available through other means.
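
The key hierarchy and the application cryptogram from the preceding slides, as an added sketch that is not part of the original presentation. Truncated HMAC-SHA-256 stands in for the cipher and MAC agreed between issuer and card, and the MAC input fields, the constructed PAN and all function names are assumptions.

```python
import hmac, hashlib

def prf(key, data, size):
    """Stand-in for the issuer/card algorithm (an assumption): truncated HMAC-SHA-256."""
    return hmac.new(key, data, hashlib.sha256).digest()[:size]

def derive_card_key(master_key, pan, seq):
    # Unique card key: card information (PAN and sequence number) under the issuer master key.
    return prf(master_key, b"card" + pan.encode() + bytes([seq]), 16)

def derive_session_key(card_key, atc):
    # Session key: session information (here the transaction counter, ATC) under the card key.
    return prf(card_key, b"session" + atc.to_bytes(2, "big"), 16)

def application_cryptogram(session_key, atc, amount, terminal_random):
    # 8-byte MAC over transaction parameters; this choice of fields is an assumption.
    msg = atc.to_bytes(2, "big") + amount.to_bytes(6, "big") + terminal_random
    return prf(session_key, msg, 8)

class Card:
    def __init__(self, card_key, pan, seq):
        self.key, self.pan, self.seq, self.atc = card_key, pan, seq, 0

    def request(self, amount, terminal_random):
        self.atc += 1                      # new counter value, hence a new session key
        sk = derive_session_key(self.key, self.atc)
        ac = application_cryptogram(sk, self.atc, amount, terminal_random)
        return {"pan": self.pan, "seq": self.seq, "atc": self.atc,
                "amount": amount, "rnd": terminal_random, "ac": ac}

def issuer_verify(master_key, req):
    """The issuer re-derives card key and session key from data sent in the request."""
    card_key = derive_card_key(master_key, req["pan"], req["seq"])
    sk = derive_session_key(card_key, req["atc"])
    expected = application_cryptogram(sk, req["atc"], req["amount"], req["rnd"])
    return hmac.compare_digest(expected, req["ac"])   # constant-time comparison

if __name__ == "__main__":
    master = bytes(range(16))              # constructed issuer master key
    pan, seq = "4000001234567899", 1       # constructed card data
    card = Card(derive_card_key(master, pan, seq), pan, seq)
    req = card.request(2500, b"\x11\x22\x33\x44")
    print("genuine request:", issuer_verify(master, req))
    print("amount altered: ", issuer_verify(master, dict(req, amount=250000)))
    print("counter altered:", issuer_verify(master, dict(req, atc=req["atc"] + 1)))
```

Because the counter travels in clear, the issuer can rebuild the session key for each request, and any change to the MACed parameters after the card computed the cryptogram makes verification fail.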

21
Summary
  • Smart-cards protect the merchant, issuer and
    card-holder against fraud from counterfeited
    cards and fake transactions.
  • For card terminal authentication different
    levels of security are possible, e.g., SDA vs.
    DDA.
  • Card issuer authentication gives an electronic
    seal on transaction data.