Archives for : June2009

    Trojan software has been found in ATMs located in Eastern Europe

    This is Great, I want one of these cards and a list of ATM’s.

    From the Security Now Podcast

    Steve: It’s like, oh, goodness, yeah. It’s quite something. So the big news, though, I just sort of had to kind of smile because I told all of our listeners this was going to happen. I said just wait, this is a bad idea, we’re going to see how bad it is. Trojans have – Trojan software has been found in ATMs located in Eastern Europe.
    Leo: Oh. Oh.
    Steve: From many different vendors.
    Leo: Oh, dear.
    Steve: But what one thing do all of the trojan-infected ATMs have in common, Leo?
    Leo: Let me guess.
    Steve: Mm-hmm.
    Leo: Windows?
    Steve: Windows XP.
    Leo: Ai yi yi.
    Steve: The LSASS service is the manager of protected content in the system. It’s not quite the right acronym. I can’t think of what it is right now. But it’s like the main security service. And fake ones have been found in the Windows directory. The LSASS EXE normally lives in the Windows System32 directory. They were written in Borland’s Delphi.
    Leo: You’re kidding.
    Steve: No.
    Leo: Well, that’s kind of sophisticated for a hacker. Wow.
    Steve: And it’s considered, I mean, it’s commercial-grade code. It’s good code.
    Leo: Oh, boy.
    Steve: These are not remote installation Trojans. It’s believed that somebody had to have access to the machines.
    Leo: Oh, even worse.
    Steve: But they have special credit cards. When they swipe the special credit card in the infected machine, it accesses the trojan software, which among other things allows them to dump out all the cash from the machine. But in the meantime it’s logging all of the users’ information and PINs, which it’s able to dump out encrypted with DES encryption from the printer, from the ATM printer in the front of the machine.
    Leo: Wow.
    Steve: So the – and anyway, so it’s interesting to me. Again, it’s, you know, people defended the idea of implementing these things that I contend should never have been written in Windows. They say, well, but it’s easier to write them. And it’s like, yes.

    DUKPT Overview and Transaction notes


    I was asked on another post relating to DUKPT to provide some backgound. Given I have lots of material on the subject, I thought I would create this thread. Link


    I will come back at some stage and expand on this when I get time.

    Transaction Process narrative:

    The diagram describes a mobile terminal/ATM is described using the a AS2805 (‘2805’) message type and 3DES DUKPT and dual direction auth SSL from the terminal to the aquirer (transaction switch).

    A good explanation of DUKPT can also be found at Wikipedia.


    Diagram of the flow


    DUKPT transaction flow - terminal to bank

    DUKPT transaction flow - terminal to bank


    Background notes:

    • The terminal or ATM firstly encrypts the user entered pin (may be a unique DUKPT key or static, depending on the design and banks involved) prior to incorporating it into the AS 2805 transaction message.
    • the message is then encrypted again using the DUKPT key which has been established through the merchant logon process within the aquirer Host Security Module (HSM) i.e. the user entered pin is encrypted separately and encapsulated within the DUKPT encrypted 2805 message to provide full message encryption.
    • In the diagram a separate dual authenticating SSL session is also used between the terminal/ATM and the aquirers infrastructure. This allowing the transaction including the pin to traverse the external Wired/GPRS/LAN within 2 primary independent layers of encryption, with a 3rd protecting the PIN.
    • When the transaction enters the aquirer environment the message encapsulation layer provided by SSL is removed.  This leaving the DUKPT’ed 2805 message which also encapsulates the separately encrypted PIN.
    • This encrypted message is passed to the aquirer switch engine through to the aquirer’s HSM for decryption of the 2805 message excluding the user entered pin.
    • This is when transactional information necessary for aquirer’s merchant reporting (truncated card number, transaction amount, transaction type, etc.) and fraud management data is collected.
    • The aquirer switch then passes the encrypted PIN to the aquirer HSM requesting that the PIN be decrypted using the aquirer’s PIN encryption and translated to the next banks (Bank 1)  PIN Encryption Key (Pin translation only occurs within the aquirer HSM) This is then sent back to the aquirer Switch engine as the Bank 1 encrypted PIN.
    • The aquirer switch engine then send the decrypted 2805 message with the newly encrypted PIN back to aquirer HSM to be encrypted with the Bank 1 MAC key.
    • The resultant Bank 1 key encrypted message is then sent to Bank 1 for processing and/or passing to the card issuer (using a similar process as described above).
    • When the result is received back from the issuing bank it is encrypted with the Bank 1 MAC key (the pin will not be present in the result message).
    • This is then decrypted by the aquirer HSM, the transaction fate result stored into the aquirer merchant reporting system and the transaction fate re-encrypted with the original aquirer DUKPT key (should be different per terminal/merchant instance) and the result sent back to the terminal through the original established SSL encrypted terminal connection.

    The aquirer may terminate the the SSL connection on a hardware device such as a CISCO Content Service Switch (CSS), or equivalent instead of the design described in the diagram which terminates onto a SSL session server/gateway (Possibly including a Certificate Authority) or on the aquirer transaction switch.

    When PIN blocks are received by the aquirer processing centre, the PIN encryption is translated from the terminal key to the Local Master Key (LMK) by the Host Security Modules (HSM).

    When the message is sent on the upstream bank interchange link to the issuer or gateway , the aquirer HSM translates the encrypted PIN block from the LMK to the Zone Master Key (ZMK) of the aquirer interchange link. The PIN block is always encrypted using DEA3 (3DES) whenever outside of the Terminal or ATM.

    HSM-8000-User Guide V2.2