NFC credit cards are broken by design


Short version: NFC enabled credit cards are broken by design. If your bank offers you one, you should refuse it. If you already have one be sure to drill a hole thru the card body to destroy the antenna.

Renaud Lifchitz (french security expert at BT ) gave a presentation today (friday 13th april 2012) at Hackito Ergo Sum 2012 conference on the lack of security in NFC enabled credit cards(no authentification and no encryption).

Security and convenience are diagonal opposite. What is convenient is rarely secure. What is secure is rarely convenient. For example my 63 characters long WPA2 WiFi passwords are a genuine pain in the rear end to enter on some devices (worst to date keyboardless Amazon Kindle) but I want to belive they are pretty secure.

NFC falls in the VERY convenient bin... some applications based on NFC are designed correctly some are not. For example the Navigo Pass used in the Paris public transportation is properly encrypted and authenticated. Another proper design is the electronic passport that requires reading the MRZ (machine readable zone) to unlock the access to the sensitive data.

On the other side of the spectrum lies the NFC enabled credit card. If you thought WEP encryption was broken, at least it tried to encrypt the data. NFC enabled credit cards don't require authentication to access the sensite data. This means that a bad guy in range can access your data and build a "clone". Or if he is in a good mood, kill the chip by doing 3 PIN failed access.

The sensitive data is sent unencrypted. This means that the bad guy (15 meters away) can eavesdrop a valid transaction and build a "clone" card.

The demo application ran on a computer and on an Android phone harvested the following data from the NFC enabled credit card:

  • the PAN (primary account number).
  • the holder first name, last name and gender.
  • the expiration date.
  • the transaction history.
  • the magnetic stripe data.

Eye roller snippets from the presentation:

  • But it's a shame and a big FAIL. They don't use any kind of authentication and any kind of encryption. So it's wide open. (at 10:40)
  • EMV (Europay MasterCard Visa) is simply poorly designed for NFC and needs a complete rewrite. (at 32:40)
  • EMV is not designed for contactless (at 32:50).
  • We haven't broke any security or tried to because there is none. (at 39:18)

From the email exchange with Renaud Lifchitz, no tricks were used. The card just communicates with the reader without encrypting data. As in the card was not forced to use a plain text mode. I'm not even sure it qualifies for security thru obscurity since it's pretty straight forward to buy a contactless smartcard reader. Renaud Lifchitz successfuly ran his "attack" on recent credit cards from Visa and MasterCard (latest from march 2012).

Given that I have a spare laptop and some contactless smartcard readers (ACG, SCM and Omnikey), I'll be able to give the demo code a try. The hardest part will be to find a NFC enabled credit card. I asked around me but I haven't found one yet.

The following Ustream video record is a boring static shot that doesn't allow to read the slides. The presentation slides are available in PDF form on the ReadNFCC Google Code project.

Video streaming by Ustream

Links and external references: