Each day in the United States alone over 100 million transactions aggregating $5 Billion are authorized and initiated by cardholders at over 400,000 Automated Teller Machines (ATMs) and seven million Point-of-Sale (POS) terminals. Securing the massive daily financial flow against fraud and loss relies upon protecting and verifying cardholder Personal Identification Numbers (PINs) using methods, structures, and cryptographic algorithms originating over twenty-five years ago.
Data security systems, such as financial systems, use security techniques and systems originating in the early 1980s that were based on technologies created in the late 1970s. Computational power, cryptanalytic knowledge, breadth of targets, and creative ingenuity accessible to potential attackers have grown dramatically since origination of the systems, while defensive technologies have scarcely evolved.
The Personal Identification Number (PIN) is a basic construct for establishing identity and authorization or consumer financial transactions. However, the current structure of the PIN block used in transmitting PIN data with a transaction is inefficient in the sense that further data security may be available.
Current PIN verification techniques are cryptographically weak, resulting in a data security vulnerability that even exceeds weaknesses in underlying keys and algorithms. These weaknesses can be attacked by an adversary, potentially resulting in a loss of data security.
Management of institutions and financial networks has expressed a desire for an off-line PIN verification capability that may be enabled by widespread usage of smart cards. For example, EuroPay, MasterCard, VISA (EMV Card Personalization Specification) smart card specifications provide off-line PIN verification by storing the clear PIN in the smart card. Verification is accomplished by comparing the entered PIN with the stored PIN, a simple technique that violates the basic security premise that the PIN is something that is known only to the customer, not written down, and particularly is not carried within the token that the customer presents to initiate the transaction.
A cryptographic algorithm with a secret key is difficult to use in an off-line environment because the terminal and the smart card, and perhaps all smart cards, may share a common key, creating security difficulties when security of either the terminal or the cards is breached.