One Eyed Techs

127.0.0.1 WHOIS

04/10-2020

The insecurity of NFC payments at Roskilde Festival

This post was originally planned to be released shortly after Roskilde Festival 2019, but the writing was discarded after an invitation to discuss my concerns on a radio program. Since then, I have revisited the field of proximity integrated circuit cards and even wrote my Bachelor project about contactless communication with the Danish travelcard.

In the light of Roskilde Festival 2020 being cancelled, I've decided to finish and publish the original post regarding the security of the NFC payment option at Roskilde Festival 2019.

As a new thing in 2019, Roskilde Festival added a chip with a proximity integrated circuit. Specifically a MIFARE Ultralight EV1. Several chip types exist within the MIFARE Family, the most popular being MIFARE Classic type. The MIFARE family is produced by NXP Semiconducters - formerly known as Philips Semiconducters.

Ultralight Memory Layout

Most of the MIFARE chip types offer some sort of security measure. For example read and write protection with keys, encrypted communication and even the possiblility of implementing things such as rolling key codes.

The Ultralight chip however, will not provide such precautionary measures. This essentially entails storage of unprotected data. So what better idea to use it as a payment token inderectly linked to your credit card?

As shown in memory layout from the MIFARE Ultralight EV1 datasheet, The Ultralight chip carries a total of 20 pages, each containing 4 bytes. Pages 0 through 3 are specially reserved for manufacturer data such as the unique identifier and lock bytes as well as one time programmable bytes. Page 4 though 15 allows for reprogrammable data storage while page 16 through 19 are used to configure memory access restrictions.

Ultralight Memory Layout

Without diving too deep into the technical details, the Ultralight chip is compliant with ISO/IEC 14443 A 1-3, which primarily means that it is compatible with other environments compliant with this standard. For example, the Ultralight chip will work with a normal payment terminal supporting contactless payments with credit cards. In fact, the chip type used in modern circuit integrated credit cards are of the MIFARE family as well. The much safer and secure DESFire chip type.

Everyone purchasing a ticket for Roskilde Festival 2019, would receive a wristband with a chip attached to it once entering the festival site. The chip was not mandatory for regular festival participants to use, but was used for access control at the entrance to the camping area belonging to volunteers and employees.

Everyone had the opportunity to link their wristband chip to a mobile application named 'RF Wallet'. Money could be transferred to the wallet with a credit card; or an automatic refill service could be set up, refilling the wallet once below a certain account balance.

The UID and manufacturer data is programmed on to the card at production and is not changeable by consumers. It is however possible to purchase chips allowing overwriting of data such as UID and manufacturer data. Cards with these chips are known as 'magic cards'.

With this in mind, lets take a look at the Roskilde Festival wristband chip memory.

Block#   | Data        |lck| Ascii
---------+-------------+---+------
  0/0x00 | 04 30 91 2D |   | .0.-
  1/0x01 | 2A 64 62 81 |   | *db.
  2/0x02 | AD 48 00 00 |   | .H..
  3/0x03 | 00 00 00 00 | 0 | ....
  4/0x04 | 00 00 00 00 | 0 | ....
...
 15/0x0F | 00 00 00 00 | 0 | ....
 16/0x10 | 00 00 00 FF | 0 | ....
 17/0x11 | 00 05 00 00 | 0 | ....
 18/0x12 | 00 00 00 00 | 0 | ....
 19/0x13 | 00 00 00 00 | 0 | ....
---------------------------------

The UID is programmed into the first two pages of the chip memory. It consists of byte 0, 1, 2 on page 0 and byte 4 through 7 on page two. Knowing this we can conclude the UID of the dump above is 04 30 91 2A 64 62 81. This is usually identified automatically when reading cards from NFC capable devices.

The certain chip type and the possibility of using it as a payment method raised some concerns. I contacted Roskilde Festival asking what, if any, security steps such as entering a PIN or two factor authenticating with the RF Wallet mobile application was needed when paying with the wristband chip.

Not until a month and two e-mails later, when the security concerns were addressed publicly, Roskilde Festival came back to me.

Roskilde Festival informed when paying with the wristband chip, the chip does not use any of the reprogammable data stored on it. Merely the 7 byte UID is used to authenticate with the payment terminals. This in itself isn't worrying since the data stored isn't encrypted in the first place. Using the stored data wouldn't enhance security, but might leave the system even more fragile. Since data stored in the page 4 through 15 is writable, participants experimenting with NFC in their smartphones might accidently overwrite data; deeming their chip unusable.

Surprisingly, Roskilde Festival also confirmed that a PIN code wasn't needed when paying with the chip either, leaving the chip payment method horribly exposed to exploitation.

Comparing this solution to a normal credit card purchase almost all security measures are stripped: Only the UID is used for authentication, none of the stored data is encrypted and no PIN is needed when paying. The EV1 version of the Ultralight chip allows a 32 bit password to be set to prevent unintended memory operations. This wasn't set either.

The RF Wallet app allows a user to automatically refill their balance, essentially making the wristband chip a completely insucure and open extension of their credit card. Once in possession of a UID changeable magic card or a device with capablities to emulate NFC chips, everyone with a NFC compatible smartphone or common research abilities could clone a strangers wristband chip.

Taking into account that people often are intoxicated and standing close to each other at concerts, just renders the chip-stealing process even more possible. And it's not of great difficulty to identify people who are paying with their wristband chip at stands or bars. There might even be several clones of your chip being used at the same time thoughout the festival. And you have no clue about it because you're intoxicated half the time, activated the automatic refill and do not compare the past spendings to the amount transferred to the RF Wallet according to your statement of account.

Ultralight chips are great for disposable ticketing systems or public transport as they deliver high functionality at a low cost. But when choosing to implement them with an option that indirectly links users credit cards to an unencrypted plastic chip on their wrists, security is critical. Luckily , as far as we know, no incidents of chip fraud happened during Roskilde Festival 2019. Roskilde Festival has also ensured me that they were aware of the security vulnerabilities present in their wristband chips, and if they chose to implement them again next year, the security will be carefully considered.