TellerPass
Abstract:

TellerPass is a 3.5kbyte SIM Card applet for GSM phones, which
dynamically generates cryptographically secure PIN passwords that get
changed every 30 sec, and are used only once. These PINs can be utilized to access
bank accounts through ATM kiosks, or web-banking and phone-banking
sessions.
TellerPass is engineered to run in sync with banking login servers, using an
autonomous and link-free architecture. PIN generation and check is performed
using synchronous distributed digital signatures. TellerPass bypasses the
man-in-the-middle attack shortfall of conventional hardware OTP (One-Time-Pin)
generators, by utilizing the wireless network.
TellerPass applets from many different banking issuers can co-exist securely
inside a SIM card, adding a strong layer of security in the administration and
use of multiple banking account PINs.

Usability and interface
From a usability point-of-view, the user interacts with TellerPass in the following
manner.
The ATM user inserts his debit card in the card insert slot; the ATM immediately recognises
that this customer is a TellerPass user. Optionally, a 5 digit number is projected on
the ATM kiosk's screen (ATM check code) prompting the user to enter this number as a
launch code in his TellerPass application. Since most ATMs do not perform a video
capture of their user, this is an additional security feature, which helps to certify that a
legitimate user is present in front of the ATM, and not somebody spoofing the transaction.
The user runs TellerPass on his cellphone, types the ATM suggested launch code and
presses the OK button. One second later TellerPass responds by displaying on the
mobile's screen a 5 digit PIN password which is valid for 30 sec. The user enters this
TellerPass dynamic PIN on the ATM kiosk's keyboard and is immediately granted
access to his account. This dynamic PIN is automatically invalidated following its 30 sec
life-span.
Should the user need to use the ATM at a later time, a new TellerPass dynamic PIN must
be generated. The total amount of time required to run the applet, enter the optional
launch code and receive a dynamic PIN is less than 10 sec. TellerPass is a password
protected SIM application, although the user can disable this protection, simply relying
on the cellphone's SIM card PIN code protection.

The theory

Having described the user interface, it would be quite interesting to discuss how this
miniature application works. TellerPass and the Bank's ATM login server use a shared
secret to provide security. TellerPass is downloaded wirelessly and is installed on the
user's cellphone just like any other sim-card applet. Immediately afterwards, TellerPass
generates a Public-Private key pair inside the SIM Card. TellerPass sends its public key
with an SMS message to the OTA server. The OTA server sends back an SMS message
containing a secret bank-assigned subscriber ID, encrypted with the TellerPass public
RSA key.
TellerPass receives this encrypted SMS message and decrypts it with its private key. It
retrieves the secret subscriber ID that the bank has assigned and a displayable TellerPass
ID. TellerPass stores both keys safely inside the SIM card. In the test application we
have submitted, we used the standard mobile network DES encrypted SMS delivery,
which is adequately sophisticated to demonstrate the secure delivery concept of the
secret subscriber ID to the cellphone.
Alternatively, a bank might opt to send this data in writing by registered post-mail to the
user. The user would just have to type the data manually (usually a 16 digit number or
128 bit key) on his cellphone. As a secret number, a bank could equally well utilize the
user's current 'static' bank account PIN; the user will enter it once in TellerPass, which
will in turn get it transformed into a dynamic PIN. There are so many different options
that every possible security strategy can be accommodated.
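
The page does not publish TellerPass's PIN algorithm, so this added example (not TellerPass code) substitutes an HMAC-SHA-256 construction in the style of RFC 6238 TOTP. It shows how the shared secret, the 30 sec time step and the optional ATM check code can yield a single-use 5 digit PIN that the login server checks with no link to the phone. The names `dynamic_pin` and `LoginServer` and the sample secret are assumptions.

```python
import hashlib
import hmac
import struct

STEP_SECONDS = 30   # PIN lifetime stated on the page
PIN_DIGITS = 5      # PIN length stated on the page


def dynamic_pin(secret: bytes, launch_code: str, now: float) -> str:
    """Derive a 5 digit PIN from the shared secret, the current 30 s step and
    the ATM check code (assumed construction, RFC 4226-style truncation)."""
    counter = int(now) // STEP_SECONDS
    msg = struct.pack(">Q", counter) + launch_code.encode("ascii")
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    offset = digest[-1] & 0x0F                      # dynamic truncation offset
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** PIN_DIGITS).zfill(PIN_DIGITS)


class LoginServer:
    """Bank-side check: recompute the PIN, refuse replays and stale steps."""

    def __init__(self, secrets_by_subscriber: dict):
        self._secrets = secrets_by_subscriber
        self._last_step = {}  # subscriber -> last time step already accepted

    def verify(self, subscriber: str, launch_code: str, pin: str, now: float) -> bool:
        secret = self._secrets.get(subscriber)
        if secret is None:
            return False
        step = int(now) // STEP_SECONDS
        if self._last_step.get(subscriber, -1) >= step:
            return False  # a PIN was already accepted in this step: one use only
        expected = dynamic_pin(secret, launch_code, now)
        if not hmac.compare_digest(expected.encode(), pin.encode()):
            return False  # wrong PIN, wrong check code, or PIN from an old step
        self._last_step[subscriber] = step
        return True


if __name__ == "__main__":
    secret = b"constructed-16B!"          # constructed sample secret
    server = LoginServer({"sub-001": secret})
    t0 = 1_699_999_980                    # constructed timestamp at a step start
    pin = dynamic_pin(secret, "48213", t0)
    print(pin, server.verify("sub-001", "48213", pin, t0 + 5),
          server.verify("sub-001", "48213", pin, t0 + 6))  # second call is a replay
```

A 5 digit PIN has only 100,000 possible values, so a server using a scheme like this also has to throttle failed attempts per account. Deployed time-based schemes commonly accept the adjacent time step as well, to tolerate clock drift between handset and server.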


Introduction

In many countries, bank ATM machines strictly accept magnetic stripe cards. On many
occasions, fraudsters have successfully tapped ATM card inserts, read debit cards' IDs,
captured the owners' PINs using micro-cameras or mock keyboards and built counterfeit
cloned debit cards; extracting money from the owner's account using another ATM, even
from across the globe. Tourists using ATMs in Southern Europe and the Balkans have
been especially vulnerable to attacks; although many of them use dual access
smart-card / magnetic stripe debit or credit-cards to withdraw money from ATMs, most of the
local ATMs only employ the cards' magnetic stripes. PIN recording and playback is a
common attack method and a major problem for banks and their customers. A similar
case occurs in web-banking. Attackers try to capture login names and passwords to
drain accounts of cash using spyware keyboard grabbers, phishing sites and social
engineering scams.

Practicability and business aspects

TellerPass is a mass market mobile application. It builds on an established
hardware base, the SIM card, and aims to provide to cellphone users a fuss-free security
gadget that will make their transactions with universal eBanking services bulletproof and
transparent.
TellerPass addresses security lapses that cost international banks and their customers
millions of Euro in damages every year. ATM and web banking attacks cause an even
greater damage to the image of banking establishments. The necessary software
development from a bank's side is rather minimal and is estimated to cost no more than
two man-years per implementation (mainly due to back office database integration
services and ATM login server extensions involved).
The transmission and installation of the actual 3.5 Kbyte TellerPass applet to a cellphone
would cost something in the area of 0.10€/unit in bulk volume. Preliminary estimates
indicate that a TellerPass applet could be licensed for around 0.50€ - 0.70€ a piece,
according to negotiated terms and download volumes.