Securing the World's Information: Secure Dynamic Credit and Debit Cards. Stop Credit Card and Identity Theft

Transcript of the slide deck (12 pages)

Page 1

Securing the World's Information

Secure Dynamic Credit and Debit Cards

Stop Credit Card and Identity Theft

Andre Brisson

Stephen Boren

Co-founders / Co-inventors, 2006 (narrated)

Page 2

The Problem

Rampant credit card and Identity Theft

The Approach

Use identity-management keys in a non-cryptographic context by associating a unique key with a unique account

Immediate malfeasance detection: Dynamic Identity Verification and Authentication [DIVA]

Immediate revocation

Compatibility

This technique can be used independently, or in conjunction with existing PKI approaches to add a further layer of protection, enabling theft detection and immediate revocation.

Page 3

The credit or debit card is initially issued to the user and contains a random 1k chunk of data generated from the user's unique key. The card has write-back capacity. The server holds all the pertinent user, key and offset information. The user's card does not hold the offset, and it does not hold the private key, so the key can never be stolen from the card.

The Secure Process

The credit card has write-back capacity.

A DB at the bank server processes transactions.

A separate DB at the bank server holds the unique WN (Whitenoise) distributed key for each and every cardholder.

The goal is to make each and every transaction unique.

Page 4

Secure Characteristics

1. The WN keys are highly random and unpredictable; they showed no randomness failures against the NIST test suite. It is impossible for a thief to guess or break them. (Passing statistical tests shows the output has no detectable bias; it is the secrecy of the key, which never leaves the bank, that keeps the stream unpredictable to a thief.)

2. The offsets are never transmitted or written to the card, so they cannot be stolen. The user's private key is never written to the credit card. The keys are kept in a separate bank server DB from the cardholder information, keeping the offset separate from the key. The keys can be kept at the bank in an encrypted state, encrypted with either Whitenoise or AES.

3. Each transaction becomes a unique event because the 1k chunk of data is updated on every transaction.

4. Cards can easily be refreshed or updated by going to a web site and having a new chunk of data written to the card. This eliminates the majority of card replacement, which is expensive.

Page 5

The Secure Process

A = Client card
B = Bank database
C = WN key database (separate from the offset)

Example records (the slide's diagram of A, B and C with numbered steps between them is not reproduced here):

B, bank database
  Name     Credit card number     PIN                    Offset point to WN key DB
  Andre    8888 8888 8888 8888    basic authentication   WN9794939453

C, WN key database
  Andre's WN key – 3938589898989898989898989989898989894978345784583485348583858328306380-5387086045684-9084568-345689086-349068-468-46490585858etc.

Step 1 – A purchase is made and card A is run through a swipe. The first-level authentication PIN number is entered and the transaction begins.

Step 2 – Another level of authentication verifies that the serial number on the card is the same as the one listed in the bank DB.

Step 3 – The offset is noted and the 1k chunk of data is compared between the server DB and the card.

Step 4 – If the 1k chunk of data matches between the card and the server, the transaction is processed.

Step 5 – The offset is updated to the beginning of the next 1k chunk of data, and this new 1k chunk is written back to the card for the next use.

Page 6

Let us imagine a crook has managed to double-swipe your card and capture all of the information on the card, including the random chunk of key data. There is no offset to capture. There is no key to capture.

This assumes that the thief can also break the user's robust MS .NET 2 password, which has brute-force odds of being broken of 1 in 80 trillion.

This also acknowledges that there is NO key and NO offset information that can be stolen. Only the card number and the random chunk of data are available to a thief.

There are only two possible outcomes!

Page 7

Either/Or Outcomes

Assume the thief can make a copy of a client credit card and has somehow broken or captured the password.

1. The legitimate owner uses his/her card first, and the chunk of random key data is updated on the legitimate card. The thief then uses the stolen copy and it won't process, because the 1k chunk does not match between the copied card and the server. The account is immediately disabled.

2. The thief uses the stolen copy first, successfully. The next time the cardholder uses their card the transaction is refused, because the stolen copy has been updated and the offset on the server database has been updated, but NOT the chunk of data on the legitimate card. The theft has been identified and the account is immediately disabled. We know where the theft occurred because of the previous transaction.
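The five-step transaction on page 5 and the two either/or outcomes above, as an added simulation. This is example code written for this transcript, not code from the deck or from its authors. Everything below the deck does not specify is an assumption: the per-card key is a 32-byte secret, the "random chunk" at a given offset is taken from an HMAC-SHA256 keystream standing in for the Whitenoise stream, and the card, account and bank names are made up. The card (A), the transaction DB (B) and the key DB (C) are kept as separate structures so that the card never holds the key or the offset.

```python
from __future__ import annotations

import hashlib
import hmac
import os
from dataclasses import dataclass

CHUNK = 1024  # the deck's "1k chunk" of random data held on the card


def keystream(key: bytes, offset: int, length: int) -> bytes:
    """Bytes [offset, offset + length) of a deterministic stream derived from the card key.

    Assumption standing in for the Whitenoise key stream: 32-byte block i is
    HMAC-SHA256(key, i). Only the bytes it produces ever reach the card; the
    key and the offset stay at the bank.
    """
    start = offset % 32
    block = offset // 32
    out = bytearray()
    while len(out) < start + length:
        out += hmac.new(key, block.to_bytes(8, "big"), hashlib.sha256).digest()
        block += 1
    return bytes(out[start:start + length])


@dataclass
class Card:
    """A: the client card. Everything here can be copied by a double swipe."""
    number: str
    serial: str      # burned into the chip
    chunk: bytes     # current 1k chunk, rewritten after every transaction


@dataclass
class Account:
    """B: bank transaction DB record. Holds the offset, but no key material."""
    number: str
    serial: str
    pin: str
    key_id: str      # pointer into the separate key DB (C)
    offset: int
    disabled: bool = False


class Bank:
    def __init__(self) -> None:
        self.accounts: dict[str, Account] = {}   # B
        self.keys: dict[str, bytes] = {}          # C: key DB, kept apart from the offsets

    def issue(self, number: str, serial: str, pin: str) -> Card:
        key_id = "WN" + os.urandom(5).hex()
        self.keys[key_id] = os.urandom(32)
        offset = int.from_bytes(os.urandom(4), "big")   # starting offset, never sent to the card
        self.accounts[number] = Account(number, serial, pin, key_id, offset)
        return Card(number, serial, keystream(self.keys[key_id], offset, CHUNK))

    def transact(self, card: Card, pin: str) -> str:
        acct = self.accounts.get(card.number)
        if acct is None or acct.disabled:
            return "refused: account disabled"
        if pin != acct.pin:                                 # step 1: PIN
            return "refused: bad PIN"
        if card.serial != acct.serial:                      # step 2: serial number vs. bank DB
            acct.disabled = True
            return "refused: serial mismatch, account disabled"
        key = self.keys[acct.key_id]
        expected = keystream(key, acct.offset, CHUNK)       # step 3: regenerate chunk at the offset
        if not hmac.compare_digest(expected, card.chunk):
            acct.disabled = True                            # a stale copy exists: clone detected
            return "refused: chunk mismatch, account disabled"
        acct.offset += CHUNK                                # step 5: advance to the next 1k chunk
        card.chunk = keystream(key, acct.offset, CHUNK)     # ... and write it back to the card
        return "approved"                                   # step 4


def scenario(thief_first: bool) -> list[tuple[str, str]]:
    """Page 7 outcome 1 (owner swipes first) or outcome 2 (thief swipes first).

    The clone is a byte-for-byte copy of the card and the PIN is assumed
    already broken, as the deck assumes. Returns (who, result) per swipe.
    """
    bank = Bank()
    owner = bank.issue("8888 8888 8888 8888", "SN-0001", "1234")
    clone = Card(owner.number, owner.serial, owner.chunk)
    order = [("thief", clone), ("owner", owner)] if thief_first else [("owner", owner), ("thief", clone)]
    order.append(("owner", owner))   # the legitimate holder's next attempt
    return [(who, bank.transact(c, "1234")) for who, c in order]


if __name__ == "__main__":
    for thief_first in (False, True):
        print("thief first" if thief_first else "owner first", scenario(thief_first))
```

In both orderings the second swipe fails the chunk comparison and the account is disabled, which is the deck's point: the thief may get one purchase, never two, and the mismatch pinpoints which of the two swipes was the fraud. Note what the simulation also makes visible: a refused legitimate card is the detection signal, so the bank must have a recovery path (the page 4 web refresh) for the real cardholder.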

Page 8

Securing the World's Information

100% Theft Prevention

Page 9

Smart Cards and Unique Identifiers

Credit card companies like AMEX are already issuing smart cards to combat theft.

If credit cards and debit cards are simply manufactured with chips that have unique identifiers or unique serial numbers burned into the chips, then theft prevention can be 100% effective.

Page 10

Bank Key, Private Key and Piracy Prevention

USER CREDIT CARD PRIVATE KEY

• The user's private key is securely stored in the bank vault; it is never transmitted electronically. The user key is never on the user's credit card. This key is not used cryptographically but rather as a random number generator. (Keys are enormous, but storage is easy; see multiplicity in our technical presentation.)

• The private key is unique for each credit card and account. The serial number on the client card is used as a seed to set the initial offset and create the unique private key associated with that specific credit card. This serial number is used with the Bank Application Key to decrypt the client's private key during a transaction.

Private Key

• The pre-authenticated distributed key is never given to the credit card holder. It is kept securely by the bank.

• It has never been transmitted electronically. It is never given out. It never leaves the bank's control.

• Private keys can be kept encrypted with WN or AES to prevent internal malfeasance at the bank.

Serial number on chip/device

• The smart credit card has a unique serial number [NAM, identifiers, ...] burned onto its chip.

Bank Application Key

This can be a unique key for the bank or credit card company; it is used to decrypt the user credit card private key in order to generate the appropriate random strings of data for transaction authentication.

Page 11

Credit Card Theft Stopped Dead in its Tracks!

The credit card transaction is initiated.

The server reads the card's unique serial number. The first authentication step is simply to compare this serial number with the device serial number associated with the account. The server then uses this serial number with the NEVER-transmitted bank key at the server to decrypt the credit card account's private key, in order to generate and compare the random chunks of data.

At the bank server, the application key will be able to decrypt and use the private key only if the serial number is correct. The identical corresponding random chunk of data is regenerated from the offset for comparison.

A pirated or copied key will be copied to another medium with a different serial number, or with no serial number at all.

The bank application key will then be unable to decrypt the credit card private key for the comparison of random data. The server recognizes the illegal attempt and immediately disables the account.

Should the thief make it this far, the random chunk of data on the card and at the server must still match 100% before the transaction continues.

Page 12

New credit card – Scotia Bank Secure Network Server

1. The server reads the serial number from the existing smart card.

2. The server generates a unique key and a unique starting offset associated with that specific card, and updates itself with the UID, starting offset and key information, encrypting the private key with the application key. All of this stays at the server. The server then sends the first chunk of random data to the card.
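The enrolment on page 12 and the serial-number-bound decryption on pages 10 and 11, as one added example. This is example code written for this transcript, not the deck's or its authors' code, and the deck does not say how the serial number enters the decryption; the construction here is an assumption: the per-card wrapping key is HMAC-SHA256(bank application key, chip serial), and the stored private key is encrypted with a SHA-256 counter stream and integrity-protected with HMAC-SHA256 (an illustrative encrypt-then-MAC standing in for the deck's "Whitenoise or AES" option; a production system would use AES-GCM or a key-wrap algorithm). The first-chunk derivation from the key and offset is likewise an assumption, and all serial numbers are made up.

```python
from __future__ import annotations

import hashlib
import hmac
import os
from typing import Optional

CHUNK = 1024


def wrap_key_for(app_key: bytes, serial: str) -> bytes:
    """Per-card wrapping key = HMAC-SHA256(bank application key, chip serial).

    Assumption standing in for the deck's "serial number used with the Bank
    Application Key": the serial is an input to the key that unseals the
    card's private key, so a record copied to a chip with another serial
    (or none) cannot be unsealed.
    """
    return hmac.new(app_key, serial.encode(), hashlib.sha256).digest()


def _stream_xor(k: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter stream keyed by k (illustrative only)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(k + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def seal(wrap_key: bytes, private_key: bytes) -> bytes:
    """Encrypt-then-MAC the private key. Each card is sealed once under a fresh
    key, so the deterministic stream is never reused for two plaintexts."""
    ct = _stream_xor(wrap_key, private_key)
    tag = hmac.new(wrap_key, ct, hashlib.sha256).digest()
    return ct + tag


def unseal(wrap_key: bytes, blob: bytes) -> Optional[bytes]:
    """Return the private key, or None if the tag fails (wrong wrap key)."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(wrap_key, ct, hashlib.sha256).digest(), tag):
        return None
    return _stream_xor(wrap_key, ct)


class KeyServer:
    """Bank key DB: sealed private keys and starting offsets, indexed by serial."""

    def __init__(self, app_key: bytes) -> None:
        self.app_key = app_key          # the NEVER-transmitted bank application key
        self.records: dict[str, dict] = {}

    def enroll(self, serial: str) -> bytes:
        """Page 12: read the serial, generate key and starting offset, seal the key
        under the application key, keep all of it here, return the first chunk."""
        private_key = os.urandom(32)
        offset = int.from_bytes(os.urandom(4), "big")
        self.records[serial] = {
            "sealed_key": seal(wrap_key_for(self.app_key, serial), private_key),
            "offset": offset,
        }
        # First 1k chunk for the card (assumed derivation: stream keyed by key || offset).
        return _stream_xor(private_key + offset.to_bytes(8, "big"), bytes(CHUNK))

    def recover_key(self, presented_serial: str, account_serial: str) -> Optional[bytes]:
        """Page 11: the serial read from the presented card selects the wrap key.
        If it is not the serial the account was enrolled with, unsealing fails
        and the server can disable the account before any chunk comparison."""
        rec = self.records.get(account_serial)
        if rec is None:
            return None
        return unseal(wrap_key_for(self.app_key, presented_serial), rec["sealed_key"])


if __name__ == "__main__":
    ks = KeyServer(os.urandom(32))
    ks.enroll("SN-0001")
    print("genuine chip unseals:", ks.recover_key("SN-0001", "SN-0001") is not None)
    print("copied to other chip unseals:", ks.recover_key("SN-9999", "SN-0001") is not None)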

Coming in from the cold

1. Expand secure credit card networks electronically, in two steps.

2. Secure legacy distributed smart credit cards; manufacturer (MFG) acceptance is helpful.

3. Persons can add a password for access and two-factor authentication.