Jump to content
  • 0

Why Tap-to-Pay Is Safer Than a Credit Card Swipe



US was very slow to adapt this tech. COVID really pushed the era of digitization for our society

What people don't get about magstripe is that all your data is recorded on the stripe (like music on a cassette tape) and easy to read. To clone a credit card's magstripe, you just have to read the stripe and write it to another card. You get a perfect copy. But with chip and pin (and tap and pay - although the mechanism is a bit different) on the chip, there's a section of memory called "write-only memory" where a cryptographic key (half of a pair) is stored. It's called "write only" because you can write to it, but only the processor inside the chip can read it and even then, not directly. There's no reasonable way for a cloner to get the data back out short of decapping the chip (removing the top of it, also known as delidding) and using microprobes to trace the circuits while making a request.

The write only memory is attached to a dedicated crypto processor which cannot be asked for the key, rather you give it data and it either encrypts or decrypts using the key in write only memory and then returns the result. Because of how PKI (the system for the keys) work, there are two half keys - A and B and because of the maths involved, if you encrypt a message with A, ONLY B can decode it and if you encode it with B, ONLY A can decode it. If you have either A or B, it's extremely difficult to figure out the other key (it would take hundreds of years minimum even with the most powerful computer, although quantum computers may change that).

Your card has one of the two keys assigned to the card (A) - the bank has the other (B) - so when you tap, the terminal picks a random number, asks your card to encrypt it with A, then sends that encrypted message to the bank which then decrypts the message using your B key. It then re-encrypts the message using your B key and sends that back.

Remember, if you encrypt with A ONLY B can decrypt, and if you encrypt with B, ONLY A can decrypt. So if the card is valid, the card encrypts it with A which the bank can decrypt with your B. It never looks at the content - it just re-encrypts it with the B key and sends that back. ONLY your A key - the one on the card can decrypt it. And that results in the original random number that was sent. If they match, it's valid.

There are very few known ways to trick this system. There was a bug in the early version of the system that, if the attacker got the timing just right, could inject a repeat purchase into the pay terminal (it wasn't a bug with the card) that would look like the first purchase and cause two payouts, but the attacker had 45 seconds to complete it, and the bug has since been patched. Most attacks actually copy the magstripe and then make it look like the tap and pay or the chip card has failed to get you to fallback and use the magstripe.


Link to comment
Share on other sites

0 answers to this question

Recommended Posts

There have been no answers to this question yet

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Answer this question...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


Chatroom Rules

Be polite with others.

Respect is give-n-take and it doesn't cost anything!


  • Create New...