Might Financial Cryptography Kill Financial Innovation? – The Curious Case of EMV

  • Ross Anderson
  • Mike Bond
  • Omar Choudary
  • Steven J. Murdoch
  • Frank Stajano
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7035)

Abstract

The credit card system has been one of the world’s great successes because of its adaptability. By the mid-1990s, a credit card had become a mechanism for authenticating a transaction by presenting a username (the card number) and a password (the expiry date, plus often a CVV) that was already used in mail order and could be adapted with little fuss to the Internet. Now banks in Europe, and increasingly elsewhere, have moved to the EMV “Chip and PIN” system which uses not just smart cards but also “trusted” hardware. The cryptography supported by this equipment has made some kinds of fraud much rarer – although other kinds have increased, and the jury is still out on the net effect. In the USA in particular, some banks and others oppose EMV on the grounds that it will damage innovation to move to a monolithic and inflexible system.

We discuss the effects that cryptographic lock-down might have on competition and innovation. We predict that EMV will be adapted to use cards as keys; we have found, for example, that the DDA signature can be used by third parties and expect this to be used when customers use a card to retrieve already-purchased goods such as air tickets. This will stop forged credit cards being used to board airplanes.

We also investigate whether EMV can be adapted to move towards a world in which people can use bank cards plus commodity consumer electronics to make and accept payments. Can the EMV payment ecology be made more open and competitive, or will it have to be replaced? We have already seen EMV adapted to the CAP system; this was possible because only one bank, the card issuer, had to change its software. It seems the key to innovation is whether its benefits can be made sufficiently local and incremental. We therefore explore whether EMV can be adapted to peer-to-peer payments by making changes solely to the acquirer systems. Finally, we discuss the broader issue of how cryptographic protocols can be made extensible. How can the protocol designer steer between the Scylla of the competition authorities and the Charybdis of the chosen protocol attack?

Keywords

Credit Card; Smart Card; Message Authentication Code; Competition Authority; Transaction Data
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Ross Anderson (1)
  • Mike Bond (1)
  • Omar Choudary (1)
  • Steven J. Murdoch (1)
  • Frank Stajano (1)

  1. Computer Laboratory, University of Cambridge, Cambridge, UK