WO2009103136A2 - Method and equipment for indicating adulteration of a card reading terminal - Google Patents

Method and equipment for indicating adulteration of a card reading terminal

Publication number
WO2009103136A2
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
terminals
voltage
equipment
adulteration
Prior art date
Application number
PCT/BR2009/000043
Other languages
English (en)
Other versions
WO2009103136A3 (fr)
Inventor
Alessandro Santiago
Ed Wilson Gabriel De Menezes
Marcel Serra Da Fonseca
Original Assignee
Redecard S/A
Priority date
Filing date
Publication date
Application filed by Redecard S/A
Publication of WO2009103136A2
Publication of WO2009103136A3

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/83 Protecting input, output or interconnection devices: input devices, e.g. keyboards, mice or controllers thereof
    • G06F21/85 Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
    • G06F21/86 Secure or tamper-resistant housings

Definitions

  • the present invention refers to the field of cards used to effect payments in commercial establishments and similar businesses, and refers more particularly to reading and password input terminals used in association with the said cards.
  • debit and credit cards constitute almost universal means to effect payments, due to the advantages afforded thereby over other means, such as currency or checks.
  • debit cards represent a secure means for conducting financial transactions, since the transfer of amounts between the accounts of the payer and the beneficiary is practically instantaneous.
  • the information carried in the cards is recorded in a magnetic strip or in an embedded chip, and such information relates to the card holder, the bank account number, the bank or financial institution where the card holder has an account, the term of validity of the card, etc.
  • the use of the card for financial transactions comprises the reading of the magnetic strip by the equipment and the typing of the password in a numeric keypad by the card holder.
  • This data is transmitted through a data communication line (usually by means of a dial-up connection) to the financial institutions involved in the transaction, and there is issued a receipt confirming the transfer.
  • One of the manners of defrauding these systems consists in the use of a device known as a skimmer, which stores the data of the users who make payments at the terminal.
  • the terminals are provided with security means such as normally closed contacts which open if the cover is removed, erasing the application software and the cryptographic key installed in the terminal.
  • the defrauder is able to close the said contacts permanently (by soldering, for example), in order to preserve the normal operation of the terminal even after the same has been opened. After installation of the skimmer the holes are concealed or obstructed such that they might not be noticed in a perfunctory examination.
  • the defrauder makes the alterations in the apparatus, such alterations consisting in the installation of a data pickup unit to capture the data of each transaction, including, in addition to the skimmer, a microcontroller and a high-capacity memory.
  • the skimmer is connected in parallel with the magnetic strip reader, in order to extract the card identification data contained in the strip.
  • the defrauder maps each point of the keypad, by means of connections between the key contacts and the said pickup unit, to thereby store the user password together with the data extracted during the readout of the strip.
  • the next phase of the fraud consists in extracting the data stored in the memory.
  • extraction can be conducted at the establishment itself, using normally unused contacts of the terminal's output connector, connecting thereto a suitably programmed processor (for example, a notebook computer) and using a password that releases the access to the information recorded in the memory.
  • the information obtained by means of the above-mentioned fraud is then used for cloning credit cards and, more often, debit cards.
  • a first object of the invention consists in detecting the presence of a defrauding device installed in a terminal.
  • One other object of the invention consists in providing means to effect such detection without the need of gaining access to the inside of the terminal by removing the cover thereof.
  • One further object of the invention consists in the provision of means that may be adapted to terminals of various origins.
  • the said alterations consist in the change of the original electrical characteristics of the communication connectors of the terminals.
  • the said alterations consist in the change of the voltage value present in certain contacts of the said connectors.
  • the said alterations consist in the change of the impedance value between certain contacts of the said connectors.
  • the said alterations consist in the presence of an electrical voltage between contacts between which there is normally no difference of voltage.
  • the said alterations consist in an alteration of the voltage present between certain contacts of the said connectors.
  • the said alterations consist in a consumption of energy outside of the ranges of normal consumption of the said terminals.
  • the said alterations comprise an impedance value outside of the range of normal values of the said terminals, when measured between the points used to supply power to the terminal.
  • the said alterations consist in the change of the value of the electrical current in certain contacts.
  • the said alterations comprise the occurrence of a transient with characteristics different from that which normally occurs when the terminal is powered up.
  • the equipment used comprises circuits that provide a luminous indication of the existence of adulteration in the terminals.
  • the said equipment is coupled to one of the external connectors of the terminal being tested, where the said luminous indication occurs when the voltages present in certain pins of the said connectors show values different from those presented in original unadulterated terminals.
  • the said equipment comprises serial circuits including a light emitting diode (LED) intercalated between the said certain pins, where the lighting of the said LED indicates the presence of a difference of voltage between pins, while there is no such difference of voltage between those pins in the genuine terminals.
  • the said equipment comprises a device that prevents the flow of current through a LED when the voltage between the said certain pins is lesser than the value existing in the genuine terminals.
  • Figure 1 is an electrical blueprint diagram of the equipment used to detect adulterations in terminal model i5100 of the manufacturer Ingenico.
  • Figure 2 is an electrical blueprint diagram of the equipment used to detect adulterations in terminal model i3500 of the manufacturer Ingenico.
  • Figure 3 is an electrical blueprint diagram of the equipment used to detect adulterations in terminal model Nurit 8320 of the manufacturer Verifone.
  • Figure 4 is an electrical blueprint diagram of an alternative version of the equipment shown in the preceding figure.
  • the identification of adulteration in the terminals is carried out by detecting a voltage in contacts between which there is normally no difference of voltage.
  • this voltage difference is apparent between contacts nos. 1 and 4 of the RS232-1 external connector.
  • the detector equipment comprises a male connector 10 that plugs into the terminal's RS232-1 communication connector, the said connector being connected by way of an eight-conductor cable 11 to the detector equipment itself 12. Inside the latter there is provided a serial circuit formed by a 47-ohm resistor 14 in series with a LED 15, intercalated between contacts nos. 1 and 4.
  • the presence of a difference of voltage between the contacts nos. 1 and 4 of the RS-232 connector is transferred to the detector equipment, causing a current to flow across the resistor 14 and the LED, which will light up to indicate the existence of adulteration in the terminal.
  • the detector 24 depicted in Figure 2 identifies alterations in the external connector of the PinPad terminal model i3500 of the manufacturer Ingenico.
  • the detector is intercalated between the RJ45-type jack 28d, which connects to the original feed cable connected to the cash register, and the female RJ45 connector 21 of the PinPad i3500 (not shown).
  • the connector 21 is mounted on the first end of an eight-conductor cable 22, in which second end there is mounted a male RJ45 connector 23, which couples to the input connector 25 of the detector equipment 24.
  • the pins 2 and 3 of this latter connector are connected, by means of the said cable, to the pins with the same numbering of the PinPad connector 21.
  • these pins are connected to the pickup unit in order to provide an access through which the defrauder will extract the stored data. Due to this connection, there is a voltage difference between pins nos. 2 and 3 of the external connector 21 of the PinPad terminal. This voltage difference is transferred to the detector equipment and activates the LED 27, indicating the presence of adulteration in the terminal.
  • in Figure 3 there is illustrated a blueprint diagram of a detector that indicates the existence of the pickup unit installed in a terminal of the type described.
  • the voltage between pins nos. 1 and 3 of the external connector intended for connection with a PinPad is of the order of 16 Volts. In an adulterated terminal, this voltage has a substantially lesser value, which may be as low as 5 Volts.
  • the detector circuit comprises, in addition to the LED 38 and the resistor 37 connected in series, a voltage regulator 34 also connected in series with the mentioned components, forming a serial arrangement between pins nos. 1 and 3 of connectors 31 and 33.
  • In normal conditions, that is, with a voltage in the order of 16 Volts between the said pins, the voltage regulator operates normally, supplying sufficient power to light up the LED 38. In case of a lower voltage between the said contacts, the regulator ceases to operate and the LED 38 does not light up, which indicates the existence of adulteration in the terminal due to the installation of a pickup means.
  • the voltage regulator integrated circuit may be substituted with a component or a set of components that block the flow of current when the voltage between the monitored contacts falls below its normal value.
  • Figure 4 illustrates an alternative version of this circuit, where the voltage regulator L7805 was substituted with a Zener diode 39 with a voltage conduction value of the order of 16 Volts. Should the voltage between contacts nos. 1 and 3 be lower than this value - for example, 10 Volts - the Zener will cease to conduct and the LED will remain unlighted.
  • the detection can be carried out by monitoring the current transient that occurs upon applying power to the terminal.
  • the characteristics of the power-up transient such as the current intensity peak, the duration thereof, its shape, etc.
  • this survey there will be determined the range of values deemed normal, such that the detection of values outside of that range - for example, of current peak - will indicate the existence of adulteration in the terminal.
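
An added example (not code from the patent or its applicant) that expresses the detection rules above as a check a software test fixture could apply: the two "voltage where none should be" signatures, the "voltage below normal" signature, and the surveyed power-up transient range. The noise floor, the tolerance, the mean ± 3 standard deviations range rule, the connector label for the Nurit 8320 and the sample current values are assumptions; the pin pairs and the 0 V / 16 V nominal values come from the text.

```python
from dataclasses import dataclass
from statistics import mean, stdev

@dataclass(frozen=True)
class PinSignature:
    connector: str      # external connector probed, per the patent text
    pins: tuple         # contact pair the detector is wired across
    nominal_v: float    # voltage across the pair on a genuine terminal

# Pin pairs and nominal voltages taken from the description above.
SIGNATURES = {
    "Ingenico i5100": PinSignature("RS232-1", (1, 4), 0.0),
    "Ingenico i3500": PinSignature("RJ45", (2, 3), 0.0),
    "Verifone Nurit 8320": PinSignature("PinPad connector", (1, 3), 16.0),
}

NOISE_FLOOR_V = 0.5  # assumption: readings below this count as "no voltage"
TOLERANCE = 0.15     # assumption: allowed sag below the nominal voltage

def voltage_verdict(model, measured_v):
    """Classify one pin-pair reading as genuine, adulterated or unknown-model."""
    sig = SIGNATURES.get(model)
    if sig is None:
        return "unknown-model"  # never report an unprofiled model as clean
    v = abs(measured_v)         # probe polarity must not hide a voltage
    if sig.nominal_v == 0.0:
        # Figures 1 and 2: any voltage where none should exist is the tell.
        return "adulterated" if v > NOISE_FLOOR_V else "genuine"
    # Figures 3 and 4: a voltage well below nominal is the tell.
    floor = sig.nominal_v * (1 - TOLERANCE)
    return "adulterated" if v < floor else "genuine"

def normal_range(survey, k=3.0):
    """Range deemed normal from a survey of genuine terminals (mean +/- k*sd)."""
    if len(survey) < 2:
        raise ValueError("need at least two genuine terminals to set a range")
    m, s = mean(survey), stdev(survey)
    return m - k * s, m + k * s

def transient_verdict(peak_ma, survey, k=3.0):
    """Flag a power-up current peak that falls outside the surveyed range."""
    lo, hi = normal_range(survey, k)
    return "genuine" if lo <= peak_ma <= hi else "adulterated"

def audit(model, pin_v, peak_ma, survey):
    """Combine both checks; one failing check marks the terminal."""
    results = {"voltage": voltage_verdict(model, pin_v),
               "transient": transient_verdict(peak_ma, survey)}
    if "adulterated" in results.values():
        results["overall"] = "adulterated"
    elif results["voltage"] == "unknown-model":
        results["overall"] = "unknown-model"
    else:
        results["overall"] = "genuine"
    return results

# Constructed sample data: power-up current peaks (mA) of genuine terminals.
GENUINE_PEAKS_MA = [410, 402, 395, 420, 408, 399]

if __name__ == "__main__":
    print(audit("Verifone Nurit 8320", 16.1, 405, GENUINE_PEAKS_MA))
    print(audit("Verifone Nurit 8320", 5.0, 405, GENUINE_PEAKS_MA))
    print(audit("Ingenico i5100", 0.0, 470, GENUINE_PEAKS_MA))
```

A terminal model with no stored signature is reported as unknown rather than genuine, so a missing profile cannot pass as a clean result.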

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Cash Registers Or Receiving Machines (AREA)
  • Medical Treatment And Welfare Office Work (AREA)
  • Details Of Connecting Devices For Male And Female Coupling (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a method and equipment for indicating adulteration in a card reading terminal of the POS or PinPad type, based on the identification of changes in the electrical characteristics of the terminal. Such adulteration consists of the fraudulent installation, inside the terminal, of a pickup device that stores the information and passwords of the cards processed by the terminal, this data later being used for cloning cards. The said electrical characteristics include, among others, changes in the voltage values measured between certain pins of the terminal's external connector, the said changes being a consequence of the fraudulent installation of the said device. The equipment indicates the presence of the pickup device by activating a luminous indicator, such as an LED.
PCT/BR2009/000043 2008-02-21 2009-02-19 Method and equipment for indicating adulteration of a card reading terminal WO2009103136A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
BRPI0800254-1 2008-02-21
BRPI0800254 BRPI0800254A2 (pt) 2008-02-21 2008-02-21 Method and equipment for indicating adulteration in a card reading terminal

Publications (2)

Publication Number Publication Date
WO2009103136A2 (fr) 2009-08-27
WO2009103136A3 (fr) 2009-10-22

Family

ID=40897331

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/BR2009/000043 WO2009103136A2 (fr) 2008-02-21 2009-02-19 Method and equipment for indicating adulteration of a card reading terminal

Country Status (2)

Country Link
BR (1) BRPI0800254A2 (fr)
WO (1) WO2009103136A2 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2466505A1 (fr) 2010-12-01 2012-06-20 Nagravision S.A. Method for authenticating a terminal
US11062548B2 (en) 2017-05-17 2021-07-13 The Toronto-Dominion Bank Card reader tampering detector

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH02165582A (ja) * 1988-12-19 1990-06-26 Nec Corp Connector with connection check circuit
FR2659770A1 (fr) * 1990-03-14 1991-09-20 Sextant Avionique Device for detecting a fraudulent integrated circuit card.
US6799274B1 (en) * 2000-03-30 2004-09-28 Western Digital Ventures, Inc. Device comprising encryption circuitry enabled by comparing an operating spectral signature to an initial spectral signature
JP2006109943A (ja) * 2004-10-12 2006-04-27 Kita Denshi Corp Fraud detection circuit, gaming machine and game hall system
WO2008034653A1 (fr) * 2006-09-19 2008-03-27 Siemens Aktiengesellschaft Method and arrangement for detecting unauthorized manipulation of electrical equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2466505A1 (fr) 2010-12-01 2012-06-20 Nagravision S.A. Method for authenticating a terminal
US8683581B2 (en) 2010-12-01 2014-03-25 Nagravision S.A. Method for authenticating a terminal
US11062548B2 (en) 2017-05-17 2021-07-13 The Toronto-Dominion Bank Card reader tampering detector

Also Published As

Publication number Publication date
BRPI0800254A2 (pt) 2011-04-19
WO2009103136A3 (fr) 2009-10-22

Similar Documents

Publication Publication Date Title
US7840493B2 (en) Prepayment system for electric power meters using a contactless smart card with an automatic supply cut-off device
Scaife et al. Fear the reaper: Characterization and fast detection of card skimmers
RU2428743C2 (ru) Fiscal printer
US8522049B1 (en) Secure processor for extreme outdoor temperature conditions
JP2008516354A5 (fr)
US20110253788A1 (en) Monitoring current level and current into and out of the icc reader power contacts to detect a parasitic shim
CN106355096A (zh) Tamper detection
CN103794000A (zh) Method for handling a failure to read contactless IC card data, and device implementing the method
US8985447B2 (en) Secure payment card interface
US9595848B2 (en) Controlling power provided to an automated banking system
WO2009103136A2 (fr) Method and equipment for indicating adulteration of a card reading terminal
US10360416B1 (en) Card reader anti-theft devices and methods
EP1808830B1 (fr) Fraud detection system for point-of-sale terminals
US7202782B2 (en) Method and apparatus for disabling an integrated circuit (IC) when an attempt is made to bypass security on the IC
CN102542690A (zh) Automatic transaction device and automatic transaction method
US20090064340A1 (en) Apparatus and Method to Prevent the Illegal Reading of Smart Cards
CN107808463B (zh) Device, method and computer-readable medium for providing power for conducting a transaction
US20220108591A1 (en) ATM Frauds Detection by Machine Learning System: SentryWare and SentryManager
WO2022064780A1 (fr) Information processing device and automatic transaction device
GB2028555A (en) Portable memory module
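CN101000701A (zh) Automatic financial transaction device and method for preventing blocking of the security camera and illegal withdrawals
KR20030083805A (ko) Post-paid electronic money transaction system and method thereof
KR20040008747A (ko) Device and method for collecting and settling electronic money in an electronic money purchase terminal using a smart card
KR20100025312A (ko) Automated teller machine
KR20020089250A (ko) Purchase transaction collection and settlement device using a USB or IEEE1394 interface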

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09711635

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09711635

Country of ref document: EP

Kind code of ref document: A2