Card computing devices may provide, authentication, data storage and application processing in a variety of systems from mobile phones to automated teller machines and drivers licenses. Card computing devices may incur a card tear event at any time, when they are removed from a reading terminal or are moved away from a contactless reader. To maintain consistency in the presence of card tear events, there may be a mechanism to support atomic transactions, where a group of operations is either executed completely or reverts to the state prior to beginning the group of operations.
A transaction management system typically uses a dedicated memory region to store information about the performed operations that may be used to revert changes when transactions are explicitly or implicitly aborted. When a transaction is aborted due to a card tear event, the card computing device may lose access to a power source. When power is reconnected, the card computing device may attempt to revert the operations performed during the incomplete transaction. However, it is necessary to ensure that the memory (e.g., an electrically erasable programmable read-only memory, or EEPROM) of the card computing device has not been tampered with in an attempt to modify the memory region containing transaction data. Such modifications could permit an attacker to cause the card computing device to perform some unintended operations, such as modifying or leaking sensitive data.
To address this security risk, card computing devices may use some kind of verification to protect the transaction data. One method is checksum verification, where transactional memory contents are tracked with a checksum. After a power reset, the card computing device may verify the checksum and revert the operations performed during the incomplete transaction.