2. The card issuer contacts the card holder and requests authentication information.
While EMV-CAP (see Section 12.4.5) provides a natural way to enable this, a
common instantiation is for the card issuer and card holder to have pre-agreed a
password, which the card holder must enter into a form presented to them in an
embedded frame on their browser.
3. If authentication is successful, the card issuer computes a MAC on the critical
transaction data, using a symmetric key known only to them. This MAC is
known as a Cardholder Authentication Verification Value (CAVV) and acts as
a sort of 'signature', vouching for the authentication of the card holder and the
transaction data. The CAVV will be used to resolve any subsequent disputes
about the transaction.
3DSecure appears to be a popular technique and is widely adopted.
12.4.5 Using EMV cards for authentication
The increase in uptake of remote banking services, both online and over the
telephone, presents banks with the challenge of coming up with strong entity
authentication mechanisms in order to reduce the risk of fraud. A wide range of
entity authentication mechanisms are used for access to remote banking services,
including dynamic password schemes, as discussed in Section 8.5. Such solutions
require bank customers to possess a device with cryptographic capability.
Since EMV cards have cryptographic capability, and EMV-supporting bank
customers have such a card by default, it is natural to consider using the EMV
card as part of an entity authentication mechanism. This is precisely the thinking
behind the Chip Authentication Program (CAP), which specifies a range of entity
authentication options (EMV-CAP explicitly refers to MasterCard technology,
while Visa have a similar scheme known as Dynamic Passcode Authentication).
These are supported by a CAP reader, which is a handheld device with a display
and keypad. This is much the same as the token that we described in our example
dynamic password scheme in Section 8.5.2, except that the CAP reader also has a
slot into which an EMV card can be inserted. The customer authenticates directly
to the CAP reader by means of a PIN. The CAP reader can then support several
different entity authentication mechanisms:
Identify. This option displays a number on the CAP reader that is computed
from a symmetric key on the EMV card and an EMV customer transaction
counter, which is also stored and updated on the card. This mechanism is a
type of sequence-number-based dynamic password scheme. The cryptographic
computation essentially involves computing a CBC-MAC (see Section 6.3.3)
on the input.
Response. This option works in almost the same way as our example dynamic
password scheme in Section 8.5.2. In this case the bank provides the customer
with a randomly generated challenge. The customer types the challenge into
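A simplified model of the Identify and Response options described above, added here as an illustration and not taken from the text or from the actual CAP specification: HMAC-SHA256 stands in for the CBC-MAC a real card computes, and the key, counter width, code length and look-ahead window are constructed assumptions. The bank side shows the two checks a sequence-number-based scheme needs: a counter that only moves forward (so a captured code cannot be replayed) and a bounded window that tolerates a reader whose counter has run ahead of the bank's.

```python
import hmac
import hashlib

DIGITS = 8       # length of the one-time code the reader displays (assumed)
LOOKAHEAD = 20   # how far past its last accepted counter the bank will search (assumed)


def one_time_code(key: bytes, counter: int, challenge: str = "") -> str:
    """MAC the counter (plus any challenge) and truncate to a decimal display code.

    Identify mode passes no challenge; Response mode includes the bank's challenge.
    HMAC-SHA256 stands in for the CBC-MAC computed on a real EMV card.
    """
    data = counter.to_bytes(4, "big") + challenge.encode()
    mac = hmac.new(key, data, hashlib.sha256).digest()
    return str(int.from_bytes(mac[:8], "big") % 10**DIGITS).zfill(DIGITS)


class Card:
    """The card: a symmetric key and a transaction counter that only ever increases."""

    def __init__(self, key: bytes):
        self.key, self.counter = key, 0

    def press(self, challenge: str = "") -> str:
        self.counter += 1                      # the counter advances on every use
        return one_time_code(self.key, self.counter, challenge)


class Bank:
    """Holds a copy of the card key and the highest counter value it has accepted."""

    def __init__(self, key: bytes):
        self.key, self.last_counter = key, 0

    def verify(self, code: str, challenge: str = "") -> bool:
        # Search a window of counter values above the last accepted one, so that
        # codes generated but never submitted do not lock the customer out, while
        # any counter <= last_counter is refused, making each code single-use.
        for c in range(self.last_counter + 1, self.last_counter + 1 + LOOKAHEAD):
            if hmac.compare_digest(one_time_code(self.key, c, challenge), code):
                self.last_counter = c
                return True
        return False
```

If the reader is pressed more than LOOKAHEAD times without a code being submitted, verification fails until the card and bank are resynchronised, which is the trade-off between window size and resistance to guessing.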