
I don't know how well known this system is, or whether there are equivalent systems that are better known internationally. So I'll introduce the relevant points of the system:

It is a payment system where your wallet is saved on the card chip itself. The terminals at which you can pay with such a card do not have to have a permanent internet connection.

And even if they have one, the system isn't designed for synchronisation in real time. It has intervals of at least multiple hours (AFAIK even just once per day) at which the money changes get updated.

So if such terminals aren't sharing their information about money changes over any kind of network with other terminals, what is preventing a bad guy from just duplicating the chip and its data and paying with each chip at a different terminal? As the available money is just stored on the chip, how could a terminal know that the represented balance is invalid? Or even that the chip itself is?

Of course it will get noticed in the synchronisation process. But until then a lot of time can elapse.

Zaibis
  • If this is off-topic in any way, please let me know how to improve the question. – Zaibis Dec 02 '14 at 11:11
  • 1
    You don't store the balance on the card itself, for exactly that reason. These cards have encryption capabilities to help prevent fraud by stealing the card, but this is generally to protect individual consumers, not processors. Terminals that process Debit transactions almost always _are_ hooked up with a realtime connection (to an ACH or the bank itself), specifically to mitigate these types of attacks - on older systems, this was the only way to verify the pin! Used for Credit they might not be, but you'd still be on the hook, so... – Clockwork-Muse Dec 02 '14 at 11:41
  • @Clockwork-Muse That was exactly what I was thinking too, for exactly the same reasons. But yesterday I had a discussion with my teacher, and his point was that there isn't any network the terminals are in. And I tried to fight this statement. When I was at home researching the system on Wikipedia and also on other forums more specific to the topic, all the information I was getting was: the terminals do not have any external connections except the one which is needed once per day to check the balances. I also can't imagine/believe that. That's why I'm here. I can't disprove it. But I also can't believe it. – Zaibis Dec 02 '14 at 12:09
  • Okay, sorry, I thought that you were referring to _bank_ cards, where it was your bank balance that was saved. In that case, absolutely not (the card wouldn't know about online transactions, for example). Otherwise, yes, the card is loaded with money, and the crypto capabilities prevent tampering. This is effectively holding cash, just stored on a card. The system may not even keep track of the balance on each card, just aggregate transaction amounts for each register. No terminal maintains a db of all balances on all cards, only _maybe_ what it's processed. – Clockwork-Muse Dec 02 '14 at 12:24
  • @Clockwork-Muse Nope, it is a special German system called "Geldkarte"; in English it would be "money card". And the main point of the system is that its terminals need no real-time data exchange. And my question is about what kind of crypto capabilities it could be such that, imagine I have 10 binary identical smart cards holding the information of the money system amount X, a) I can't pay with card 1 on terminal A and with card 2 on terminal B (given A and B have no way to communicate with each other) OR b) I can't even create such binary identical duplicates? – Zaibis Dec 02 '14 at 12:32
  • 1
    @Zaibis We have a similar system in Brazil, and I, like you, would love the answer for this question. The balance IS saved JUST on the card. – Lucas NN Dec 02 '14 at 18:54
  • 1
    http://www.superinformado.com.br/wp-content/uploads/2013/03/Sodexo-Saldo-Atual-360x270.jpg, image of our system in Brazil, NO internet connection. – Lucas NN Dec 02 '14 at 18:55
  • 2
    @Zaibis "I have 10 binary identical smart cards" And that is where you run into a problem. The smart cards can't be copied (Without destroying them for finding a flaw in the software running on them). So there is no way to get 10 copies of the card; you will only ever have 1 copy. – Scott Chamberlain Dec 02 '14 at 22:53
  • 1
    Posting this to validate the question as worthy to be asked: Some stored value cards actually store the value on the card itself. Here is an example where the protocol (to deduct the value) is insecure, and the "deduct payment" instruction is hidden https://www.youtube.com/watch?v=vZ4MqMUO5NY – makerofthings7 Dec 03 '14 at 15:35
  • 1
    Possible duplicate of [EMV Security? How is it possible that it's secure?](http://security.stackexchange.com/questions/16017/emv-security-how-is-it-possible-that-its-secure) – Gilles 'SO- stop being evil' Dec 12 '15 at 20:00

2 Answers


An offline system has the overwhelming advantages of minimal infrastructure server and network cost, and the transactions are fast and reliable.

There is no way you can avoid duplication even with the most advanced encryption technology of smart cards.

The preventive solutions:

  1. Setting an upper limit to reduce the total loss each time.
  2. Verifying abnormal transactions and abnormal card IDs and blacklisting them.
  3. With CCTV in place in many stores, it will discourage people from taking the risk.
bummi

I could figure out some information about the smart card itself. The chip isn't just holding binary data which every terminal is able to access. The chip contains a microcontroller which can have its own firmware set up. So the terminals aren't communicating with the stored data; they just have an API to the microcontroller.

So if you want to copy the data, you have to request the mc to read the data for you, which it will of course deny.

So the other way is to physically produce an identical chip containing the same controller with the same firmware running on it, made for that chip, because only that chip's own mc is able to access its binary data and read it correctly. (Which sounds almost impossible to me. Even if not, the amount of money won't be enough for the effort this would take.)

Or the other option for doing so is: get the controller separated from the binary data without destroying it, and hack the encryption it stored the data with, to be able to write plain data into the chip's memory.

Without hacking the encryption we could try to short-circuit the mc...

Even short-circuiting the mc wouldn't work, as the terminals taking the money will use the API to the controller and are also not accessing the data directly.

And I would bet you can't short-circuit the mc, access the data directly and then put back the undamaged microcontroller without at least making it invalid by some security flags or that kind of stuff.

Also notable is that the terminals in general are only able to decrease the money amount. Those that are able to increase the money are held by the bank itself and not given out. So they are probably encrypted in such a way that the chip contains a public key which keeps some information about how the "money decrease" has to be encrypted, which would mismatch in the case of an increase.

That was all I figured out, and I would guess this is enough to be an answer even in someone else's eyes.

Zaibis
  • 1
    Great answer. I didn't know about the mc's. Your answer would benefit from some links or references to (credible) sources though. – agtoever Dec 03 '14 at 16:34
  • http://en.wikipedia.org/wiki/Smart_card#Design The other article is German only. – Zaibis Dec 04 '14 at 06:57
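
An added example, not part of the original answers and not the Geldkarte protocol: a simplified Python model of the idea in the second answer, where the chip is a microcontroller that offers only a debit command and never reveals its key. The issuer key, the key derivation and the message layout are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MASTER_KEY = os.urandom(32)  # assumed issuer key, held only in the terminal's secure module


def derive_card_key(card_id: bytes) -> bytes:
    # Assumed scheme: each card's key is derived from the issuer key and the card ID.
    return hmac.new(MASTER_KEY, card_id, hashlib.sha256).digest()


class Card:
    """Models the chip: state is private, the only command offered is debit()."""
    def __init__(self, card_id: bytes, key: bytes, balance: int):
        self.card_id = card_id      # readable by any terminal
        self._key = key             # no command ever returns this
        self._balance = balance
        self._counter = 0

    def debit(self, amount: int, nonce: bytes):
        if amount <= 0 or amount > self._balance:
            return None             # the firmware refuses increases and overdrafts
        self._balance -= amount
        self._counter += 1
        msg = self.card_id + self._counter.to_bytes(4, "big") + amount.to_bytes(4, "big") + nonce
        return self._counter, hmac.new(self._key, msg, hashlib.sha256).digest()


def terminal_pay(card, amount: int) -> bool:
    """Offline terminal: fresh nonce per payment, accept only a valid MAC."""
    nonce = os.urandom(16)
    reply = card.debit(amount, nonce)
    if reply is None:
        return False
    counter, mac = reply
    msg = card.card_id + counter.to_bytes(4, "big") + amount.to_bytes(4, "big") + nonce
    expected = hmac.new(derive_card_key(card.card_id), msg, hashlib.sha256).digest()
    return hmac.compare_digest(mac, expected)


class ReplayCard:
    """Stand-in that only repeats a reply recorded from a genuine card."""
    def __init__(self, card_id: bytes, recorded_reply):
        self.card_id, self._reply = card_id, recorded_reply

    def debit(self, amount: int, nonce: bytes):
        return self._reply
```

In this model a device that knows only what crosses the interface (card ID, balance, earlier replies) cannot produce a reply the terminal accepts, because every reply is bound to the card's private key and to the terminal's fresh nonce.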