Optimised to Fail: Card Readers for Online Banking

  • Saar Drimer
  • Steven J. Murdoch
  • Ross Anderson
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5628)


The Chip Authentication Programme (CAP) has been introduced by banks in Europe to deal with the soaring losses due to online banking fraud. A handheld reader is used together with the customer’s debit card to generate one-time codes for both login and transaction authentication. The CAP protocol is not public, and was rolled out without any public scrutiny. We reverse engineered the UK variant of card readers and smart cards and here provide the first public description of the protocol. We found numerous weaknesses that are due to design errors such as reusing authentication tokens, overloading data semantics, and failing to ensure freshness of responses. The overall strategic error was excessive optimisation. There are also policy implications. The move from signature to PIN for authorising point-of-sale transactions shifted liability from banks to customers; CAP introduces the same problem for online banking. It may also expose customers to physical harm.


banking security reverse engineering authentication liability chip and PIN 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R.J., Needham, R.M.: Robustness principles for public key protocols. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 236–247. Springer, Heidelberg (1995)Google Scholar
  2. 2.
    APACS: Online banking usage amongst over 55s up fourfold in five years (August 2007),
  3. 3.
    APACS: APACS announces latest fraud figures (September 2008),
  4. 4.
    RedTeam: iTAN online-banking security system. CAN-2005-2779 (August 2005),
  5. 5.
    EMVCo, LLC: EMV 4.1. (June 2004),
  6. 6.
    Taylor, M.: Police think French pair tortured for pin details. The Guardian (July 2008),
  7. 7.
    Jenkins, R.: ‘brainless thugs’ get life term. The Times (May 2008),
  8. 8.
    Wong, R.M., Berson, T.A., Feiertag, R.J.: Polonium: an identity authentication system. In: IEEE Symposium on Security and Privacy, p. 101 (1985)Google Scholar
  9. 9.
    Drimer, S., Murdoch, S.J.: Keep your enemies close: Distance bounding against smartcard relay attacks. In: USENIX Security Symposium (August 2007)Google Scholar
  10. 10.
    Finn, C.: MTN not budging on fraud issue. IOL technology (May 2008),
  11. 11.
    Lomas, N.: Government gateway 2.0 looks to fatter future. (October 2007),,3800010403,39168629,00.htm
  12. 12.
    Make Card Readers Optional (2008),
  13. 13.
    Samuel, H.: Chip and pin scam ‘has netted millions from British shoppers’. Telegraph (October 2008),
  14. 14.
    ZKA: ZKA-TAN-Generator: Belegungsrichtlinien für die Dynamisierung der TAN (January 2008),
  15. 15.
    Rütten, C., Bachfeld, D.: Ausweispflicht: Sicheres home-banking mit der chipkarte. c’t (17), 98–103 (2008),
  16. 16.
  17. 17.
    Davida, G., Frankel, Y., Tsiounis, Y., Yung, M.: Anonymity control in E-cash systems. In: Luby, M., Rolim, J.D.P., Serna, M. (eds.) FC 1997. LNCS, vol. 1318, pp. 1–16. Springer, Heidelberg (1997)CrossRefGoogle Scholar
  18. 18.
    Kerckhoffs, A.: La cryptographie militaire. Journal des sciences militaires 9, 5–38 (1883)Google Scholar
  19. 19.
    Bohm, N., Brown, I., Gladman, B.: Electronic commerce: Who carries the risk of fraud? The Journal of Information, Law and Technology (3) (October 2000),
  20. 20.
    Banking Code Standards Board: The banking code (March 2008),
  21. 21.
    Drimer, S., Murdoch, S.J., Anderson, R.: Thinking inside the box: system-level failures of tamper proofing. In: IEEE Symposium on Security and Privacy, Oakland, May 2008, pp. 281–295 (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Saar Drimer
    • 1
  • Steven J. Murdoch
    • 1
  • Ross Anderson
    • 1
  1. 1.Computer LaboratoryUniversity of CambridgeUK

Personalised recommendations