X
Tech

It's time to fix Banking security from the ground up

The fundamental problem with Banking security for both ATM and credit cards is that it's still using shared secret keys in the first place and not whether retailers are doing a good enough job keeping the secret keys secret or not. When you use a Smartcard (or any kind of cryptographic token), it never divulges its secret keys in the first place.
Written by George Ou, Contributor

In recent news on a massive compromise on ATM debit cards and secret pin numbers, the real problem with banking security has been largely overlooked.  All the attention is on the ineffective rules and regulations pertaining to PIN storage procedures but that isn't root cause of our banking woes.  Security Certification standards like PCI are mostly a bureaucratic exercise that are slim on security standards and fat in process.  In a discussion on our TechRepublic forums, many of our readers expressed anger at the retailers who were careless about the ATM card PIN secrets, but I see this as a more fundamental issue.  The fundamental problem with Banking security for both ATM and credit cards is that it's still using shared secret keys in the first place and not whether retailers are doing a good enough job keeping the secret keys secret or not.

PKC (Public Key Cryptography) - which uses Public and Private Keys - is the strongest and most practical cryptographic authentication ever invented.  PKC has been around for three decades and Smartcards are essentially cryptographic tokens that implement PKC by securely storing and processing Public and Private Keys.  European nations have already adopted Smartcard technology on a wide scale.  When you use a Smartcard (or any kind of cryptographic token), it never divulges its secret keys in the first place.  Had the banking industry standardized on Smartcards, there would be no opportunity for retailers to compromise ATM cards and secret PIN numbers in the first place.

Even if you walked up to a fake ATM machine set up for the purpose of stealing ATM cards and PIN numbers, the Smartcard would not be compromised.  The only way to compromise a Smartcard is to physically steal it, but that would alert the owner of the card that it's missing.  That whould immediately prompt the owner of the card to report the loss and the Bank would immediately issue a certificate revocation making the stolen Smartcard worthless.  The way ATM security is now, the only way to know something is wrong when you find out someone has cashed out your entire Bank account.

Having a simple numeric PIN pad on the Smartcard would strengthen security further.  If such a Smartcard is stolen, the thief would have to know the PIN to use the Smartcard.  Having the PIN on the Smartcard itself instead of some external PIN verification mechanism would also protect a user's PIN against sloppy retailers since the PIN would never actually leave or be used outside of the Smartcard.  All the PIN does is activate the Smartcard and it's no one else's business what your secret PIN is, not even your Banks.  Another option is use a biometric finger print reader to ensure that only the owner of the Smartcard can use it, but this is usually a lot more expensive and reliability of finger print readers come in to question.  (Note that this is actually the proper use of Biometrics since a Biometric is essentially a really long constant secret that's hard to replicate.  Biometrics by themselves should never be though of as an elixir of security.)

The other huge benefit of using Smartcards is that it would be possible to consolidate all of your ATM and Credit cards in to a single Smartcard or some other standardized cryptographic token.  A cryptographic token can store multiple profiles and credentials of numerous entities making it ideal for consolidating multiple authentication tokens.  I raised this possibility last year in my blog "Why stop with single sign-on, why not universal sign-on".  Why in age of the Internet we should still be carrying a separate electronic car key, building badge, VPN token, 10 different ATM and Credit cards, and Driver's license most of which use weak authentication is beyond me.

Editorial standards