12

Visa payWave and MasterCard PayPass have a similar description - the card is equipped with an antenna that it uses to talk to the terminal. For small purchases (something like less than $50) the transaction is authorized by bringing the card close (something like no more than two inches) to the terminal.

Now what if my card is in my pocket and someone gets close to me in a crowd with a fraudulent device behaving like a terminal? What if I lose my card and someone picks it up and uses it for many small purchases? How is the fact that the card being close to the terminal is the only requirement for the transaction and no other participation of the card bearer is required to authorize a transaction addressed?

sharptooth
  • See related question about security of chip cards of the RFID variety (also called EMV) more so than Smart Card variety: http://money.stackexchange.com/questions/1080/are-the-new-smart-or-chip-credit-cards-better-from-a-security-standpoint I'm uncertain if this question is about chip cards as tagged, or not really...? – Ellie Kesselman Feb 05 '12 at 12:25
  • @Feral Oink: I've never seen a payWave or a PayPass without a chip and both payment systems claim they used some hardcore cryptography and that would require a chip anyway. – sharptooth Feb 06 '12 at 06:08
  • I thought I understood how this worked, and now I am more confused than before! I've read what you just said, from other sources too. – Ellie Kesselman Feb 07 '12 at 19:33

5 Answers

5

They're not. Basically, other than the data being transmitted using the RFID chip, the protection is exactly the same as the one you have on your magnetic strip: NONE.

But, you tagged this as "chip-card". Don't confuse them: a chip-card is something different. Chip-cards are used in Europe and in many other places where privacy and security are of concern for people. This type of card is very safe and is protected very well. The chip on the card is actually a smart-card processor, which transmits encrypted data that can only be used with a PIN that you type in separately. Stealing the card or copying the data on the chip, even if possible, doesn't provide anything usable to the thief, just as stealing your ATM card without knowing its PIN makes it totally useless. In many places in Europe, they won't accept the American cards with only a magnetic stripe.

But, many cards provide zero-liability protection, and you can always dispute fraudulent charges. So, let the retailers suffer the damages of the insecure American banking system, and maybe they'll push the banks to adopt the European chip-card system.

littleadv
  • 1
    I always secretly hoped that such a wireless card was a smart card with a microprocessor running a cryptographically encrypted protocol over the air so that while someone could eavesdrop the signal he still can't "read" the card and can't replay the protocol because the protocol uses disposable challenges (nonces). – sharptooth Dec 27 '11 at 09:45
  • Can you back the statement about there being no protection on the RFID communication up with a reference? Because I thought sharptooth was right. – DJClayworth Dec 28 '11 at 04:31
  • 1
    @DJClayworth RFID readers are freely available and pretty cheap. I'm sure you can find enough references with a simple Google search. While smart card readers are pretty cheap as well, the smartcards themselves are costly, and very hard to reverse-engineer, definitely not on the fly while you have your card in your back pocket. They have their own processing and provide additional security through public-private key encryption in addition to the PIN. So even without the brain-readers to get the PIN, smart cards are much harder to fake than an RFID device (those have no processing). – littleadv Dec 29 '11 at 05:01
  • @sharptooth RFID devices have no processing capabilities as they have no power source. The RFID response is transmitted using the energy from the reader (the cash-register), that's why you need to put your card really close to it. What you describe is done in smart-cards, and requires an additional power source. Since you're not likely to attach a Duracell to your credit card, smart-card cards require physical contact with the readers. – littleadv Dec 29 '11 at 05:04
  • @littleadv: Wireless smart cards do have a power source - it's the induction power system using the antenna and being fed by the magnetic field of the reader. – sharptooth Dec 29 '11 at 07:56
  • @sharptooth - you're again confusing terms. RFID chips are not smart cards. They don't have any processing power. They use the electrical power gathered from the magnetic field of the reader for a one-way transmission of a pre-recorded, constant chunk of data. That's exactly like using your employee card to open a door by passing it by the reader. Same kind of chip and same kind of operation. Nothing smart there. "Smart card" is a name given to a card that has a processor inside, and is capable of two-way communications and performs its own data processing. – littleadv Dec 29 '11 at 08:11
  • @littleadv: Okay, do you state that a Visa/MC "wireless" card doesn't have a processor for running a cryptographic protocol? – sharptooth Dec 29 '11 at 08:26
  • @littleadv - You are kind of right - The rfid chip links to a database that has the card information. So just getting the information from the rfid chip is not enough. That said it is easy for an attacker to get an account to use that information but would be much harder to profit from it. But an Anonymous style attack where they create bogus transactions for lolz is possible. –  Dec 29 '11 at 17:47
  • @Chad - RFID cards are prone to the classic "Man in the middle" attack, exactly as the magnetic stripes. – littleadv Dec 29 '11 at 20:54
  • @sharptooth yes, that's what I'm saying. The data transmitted by the card may be already encrypted, but it's encrypted when recorded on it, not by the card itself. The main difference between the smart card and the RFID chips is that the smart card produces different information each time it's read, while RFID provides constant information. Thus it doesn't matter if it's encrypted or not, it can be just copied and retransmitted as is. – littleadv Dec 29 '11 at 20:58
  • @littleadv - They are but the actual account information resides in a database as opposed to the magnetic stripe which has it all neatly encoded and ready for use. You would need to get the info from the rfid. Then query the database to get the raw card information. –  Dec 29 '11 at 20:59
  • @Chad - it doesn't matter where the actual information is, as long as you can fool the reader into thinking that you're holding the actual card. If you're going shopping - you don't really care, as long as you get past the register. – littleadv Dec 30 '11 at 01:57
  • Be aware, I've retagged this "contactless-payment" while it was up here. –  Aug 17 '12 at 22:23
  • 1
    @littleadv payWave and PayPass both use smart cards, not simple RFID tags. These contain persistent memory and a CPU to perform cryptographic operations on the transaction data. While there are attacks against some contactless schemes, simply copying the card will not work. – lxgr Sep 15 '14 at 20:38
5

From a technical POV, there are two main versions of contactless payment cards - For MasterCard there is PayPass M/Chip and PayPass MagStripe. I believe the Mag Stripe version may just be used in the US, where there are fewer chip cards, while M/Chip is used on cards which have EMV chips. (ref)

I believe the current versions of PayPass M/Chip do perform crypto on the chip and produce dynamic hashes, meaning the transactions can not be replayed. This value is called CVC3 and can be static or computed dynamically depending on your issuer. (ref) I think dynamic is more common now, but I'm no expert. Naturally, only dynamically generated CVC3 values can't be replayed.

I've heard plenty of people ask the question about someone in a crowd with a PayPass terminal. I can't believe any merchant would allow this to happen - because MasterCard and VISA, and probably their bank, would be very, very upset and would shut the merchant down quickly. As the fraud is being performed by a merchant, not a customer, I think it would be found and stopped quickly. Maybe I'm naive, but it seems this would be a terrible method of committing fraud.

From a banking point of view, in Australia at least, provided you report your card as lost or stolen, your liability is limited to some nominal amount (I am not a lawyer - consult your bank). The transaction amounts here are limited to $100. I assume banks / MasterCard / VISA have run the numbers and still feel the possibility of more transactions and associated transaction fees, outweighs the risks.

Additionally, we're also now seeing small value VISA transactions not require a PIN or signature - so this kind of issue now exists for non-paypass transactions.

Regardless of all this, I'm pretty sure VISA and MasterCard will at some point mandate the inclusion of PayPass/payWave in newly issued cards.

dkam
2

Don't mix security with RFID. A contact chip-card is NOT more or less secure than a contactless one. You have to think of it as the transport layer, which is not secure in any way. The security is elsewhere: protocol, crypto, keys, etc.

bmussard
1

EMV contactless cards (which by now should include almost all newly issued cards) use an offline transaction counter to increase security. This counter is maintained inside the card and incremented every time a contactless transaction is confirmed by the card.

At least some issuers use that counter to limit the number of contactless transactions before the card has to be used for a contact transaction, which would usually require cardholder verification by PIN entry or signature.

This limits the risk to the number of allowed contactless transactions times the maximum amount per transaction.

lxgr
  • 177
  • 5
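
Added example, not part of any answer above and not payment-scheme code: a small Python model of the two mechanisms the answers describe, a per-transaction dynamic value that cannot be replayed and a card-side counter that caps consecutive contactless taps. HMAC-SHA256 stands in for the real CVC3/EMV computation, and the class names, key, limits and amounts are constructed assumptions.

```python
import hashlib, hmac, secrets

def dynamic_code(key, atc, nonce, amount_cents):
    # Stand-in for the card's dynamic value: HMAC-SHA256 over counter, nonce, amount.
    msg = atc.to_bytes(2, "big") + nonce + amount_cents.to_bytes(6, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

class Card:
    def __init__(self, key, max_taps):
        self.key, self.max_taps = key, max_taps
        self.atc = 0    # transaction counter kept inside the card
        self.taps = 0   # contactless taps since the last contact transaction
    def tap(self, nonce, amount_cents):
        if self.taps >= self.max_taps:
            return None                     # card insists on a contact transaction
        self.atc += 1
        self.taps += 1
        return {"atc": self.atc, "nonce": nonce, "amount": amount_cents,
                "code": dynamic_code(self.key, self.atc, nonce, amount_cents)}
    def contact_with_pin(self):
        self.taps = 0                       # cardholder verified, allowance resets

class Issuer:
    def __init__(self, key, max_amount_cents):
        self.key, self.max_amount, self.last_atc = key, max_amount_cents, 0
    def authorize(self, msg):
        if msg is None:
            return "refused by card: contact transaction required"
        expected = dynamic_code(self.key, msg["atc"], msg["nonce"], msg["amount"])
        if not hmac.compare_digest(expected, msg["code"]):
            return "declined: bad code"
        if msg["atc"] <= self.last_atc:
            return "declined: replayed counter"
        if msg["amount"] > self.max_amount:
            return "declined: over contactless limit"
        self.last_atc = msg["atc"]
        return "approved"

def demo(max_taps=3, max_amount_cents=10_000):
    key = secrets.token_bytes(16)           # constructed key shared by card and issuer
    card, issuer = Card(key, max_taps), Issuer(key, max_amount_cents)
    first = card.tap(secrets.token_bytes(4), 2_500)
    results = [issuer.authorize(first), issuer.authorize(first)]   # 2nd is a replay
    altered = dict(card.tap(secrets.token_bytes(4), 2_500), amount=9_900)
    results.append(issuer.authorize(altered))                      # amount changed
    results += [issuer.authorize(card.tap(secrets.token_bytes(4), 1_000)) for _ in range(2)]
    card.contact_with_pin()
    results.append(issuer.authorize(card.tap(secrets.token_bytes(4), 1_000)))
    return results, max_taps * max_amount_cents                    # worst-case exposure
```

The second value returned by `demo()` is the bound from the last answer: allowed contactless transactions times the maximum amount per transaction.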
-1

I believe contact does have one way in which it is inherently more secure. The card has to go inside the reader. What if a thief could take money out of your wallet simply by running his hand near your pocket? Without proper PDOL implementation it seems this could be possible.

NDawg