EMV-card. Payment Security Mechanisms

Payment cards are firmly embedded in our lives. More recently, only cards with a magnetic strip were used everywhere. Today you will not surprise anyone with a card with a chip. Everyone knows that a chip, microprocessor, or, more consonant, payment EMV card is a modern and reliable way to access a current account. It is safer than a magnetic stripe card and it is almost impossible to fake. However, the details of the implementation of the “insides” of the EMV-card are little known. Everyone who is interested in how the EMV-card works, why EMV technology ensures the security of payments and how much it is worth trusting all this, welcome under cat.

1. Introduction

What cards will we talk about?

Today, international payment systems (MPS) use the EMV standard to conduct bank card transactions. One of the most famous MPS, which is at the origins of the development of this technology, are VISA Inc and MasterCard Worldwide. Since the microprocessor cards of these companies are based on the common EMV technology, we will consider a generalized EMV card without going into details of the implementation of a company.

It should be immediately noted that the EMV specification is quite large, so the article does not claim to be a full description of the standard. Many things will be presented in a simplified form without the use of specific terminology. Since the standard is open, you can always read and understand the details on the EMVCo website if you wish.

Describing payment transactions and the functionality of an EMV card, we will refer to other participants in the system. In addition to the payment system itself, the transaction process involves:

    issuing bank – the bank that issued the payment card, and whose account is in this bank
    acquiring bank – a bank that serves a payment terminal
    payment terminal – a device that provides work with a payment card

Considering the EMV payment card in more detail, we will focus not only on the capabilities of the microprocessor. EMV technology has changed both the cards themselves and the messages exchanged between system participants; expanded the functionality of applications for terminals, acquiring banks and issuers.

2. Magnetic and EMV card authentication

One of the main tasks of the bank that issued the card is to authenticate the card during its use. In this case, authentication refers to the process of proving that a given card (or application on a card) is issued by a bank authorized for this by the relevant payment system.

How does the card authentication process work?

In general, after reading the card data, the terminal sends them through the acquiring bank and the payment system to the issuing bank. Based on the card data, the issuer determines its authenticity.

This process is one of the main problems of the security of payments by magnetic cards. On the one hand, the integrity of the magnetic card data is reliably protected by the CVV / CVC code (CVC – Card Verification Code, CVV – Card Verification Value) and it is useless to modify them. On the other hand, it’s pretty easy to copy the entire map.

2.1 Magnetic card authentication based on static data

For authentication in magnetic card transactions, static card data is used. This card data is transmitted to the issuing bank each time and does not change throughout the card’s validity period. In addition, the payment terminal practically does not assess the risks of transactions with magnetic stripe cards. As a result, in the case of a complete copying of the card, the issuing bank will not be able to reliably determine the authenticity of such a card. Accordingly, the probability of a fraudulent operation is quite high.

2.2 EMV Card Authentication Based on Dynamic Data

How do EMV cards solve this issue?

The solution to the above problem is to digitally sign static card data and transaction data that are sent to the issuer. Since a digital signature is unique for each transaction, faking or copying an EMV card is not a trivial task.

Let us consider in more detail how dynamic authentication of a card occurs during an EMV transaction. The transaction process begins when the card is installed in the terminal. The terminal transmits transaction data to the card (amount, currency, country, etc.). Then the card and the terminal mutually verify the risks of the transaction. If both devices are “satisfied”, then the card signs the transaction data, and the terminal fills in the received field (tag or tag) “DE 55” and sends it to the acquirer bank. That, in turn, sends a message to the issuing bank.

The issuer, having received the “DE 55” field, verifies the authenticity of the signature (hereinafter cryptograms) of the card, which is calculated based on the dynamic data of the current transaction, thereby verifying the authenticity of the card itself.

The process described above is a highly simplified model of an EVM transaction. However, it reveals the main security aspect of EVM payments – the use of dynamic data instead of static data for card authentication.

It should be noted that the issuer has new opportunities:

    checking dynamic cryptograms of a card
    mutual authentication: the issuer can send its cryptogram to the card
    the ability to update the card data after authentication (for example, block the card or change the limit).

Also in EMV transactions, the terminal and its risk assessment system play a significant role, according to which both the terminal and the card can make decisions about the possibility of a transaction.