Apparatuses integrating memory card readers, such as electronic payment terminals (EPTs) and automatic teller machines (ATMs), are a key element in the measures taken to secure electronic payments made by users.
Indeed, electronic payment terminals are used to set up a link between the payment card and its holder, between the supplier and the network. Furthermore, they record the transaction.
Automatic cash dispensers are used to withdraw bank notes after the holder has been identified. They are routinely connected to the data-processing centre of the card-issuing banks during each transaction. Credit institutions are responsible for their operation.
These payment terminals comprise many security devices and implement many methods to ensure that the apparatuses are employed in compliance with the use for which they were designed and that they meet the security standards laid down by certification organizations.
For example, in the field of electronic payment terminals (EPTs), manufacturers have been required since Jan. 1, 2008 to comply with the PCI PED 2.0 (Payment Card Industry PIN Entry Device) standard.
This security standard consists in particular of securing the entry keypad of the terminals by protecting the entry of the confidential code, and of blocking the terminal in the event of intrusion (whether fraudulent or accidental).
However, experience shows that, apart from the securing of the keypad, there is a problem in that making payment terminals available at sales points gives malicious third parties relatively easy access to these payment terminals. One recently observed fraudulent practice is that of snooping on confidential data in the input/output communications link commonly known as the “MC_IO” (Memory Card Input/Output) link. The term “inputs/outputs” also designates information exchanges between the processor of the payment terminal and the peripherals associated with it. This input/output communications link is directly connected to the memory card connector of the payment terminal.
In January 2010, Professor Ross Anderson of Cambridge University, a specialist in IT security engineering, made the headlines in the matter of data security. He had discovered a way to falsify the interaction between a card and a payment terminal so as to trick the latter into believing that the cardholder had keyed in his code.
Thus, a novel form of fraud is the insertion into the payment terminal of a decoy that makes the payment terminal believe that the bank card holder has indeed keyed in his or her confidential code. In concrete terms, such a fraudulent practice corresponds to the insertion of a micro-bug or a software anomaly into the slot used to insert the payment card connector.
A bug of this kind can take various forms. For example, the bug may be an electronic micro-assembly used to snoop on transactional data between the payment card and the payment terminal. The bug may also correspond to a simple link inserted into the memory card connector, linking the input/output communications link of the payment terminal to an external assembly designed to snoop or perform any other form of malicious action against a user's bank data.
In order to protect the input/output link and the memory card connector, protection solutions have been developed. These solutions are of the “electromechanical” type, implementing, for example, a flexible wire mesh or a lattice of links on which voltage tests are performed.
These costly solutions are aimed explicitly at preventing access by a malicious third party to the input/output links and to memory card connectors.
In general, several wire meshes or lattices of links are associated in parallel to protect the MC_IO input/output link. A lattice of links implanted in one of the internal layers of the PCB (printed circuit board) can be used to protect the bottom side of the “MC” connector, while a wire mesh (a flexible wire mesh having adjacent tracks covering the surface area to be protected) is placed on the top side of the connector. A third device (an IO cache) can be deployed in a position just facing the connection pins linking the connector to the PCB. This latter device is a mini printed circuit in which the lattice of links is implanted, the entire unit being connected (soldered) to the main printed circuit board so as to obtain a “mini-wall” between the connection pins and the slot for inserting the connector.
These various devices are tested on voltage levels or signals.
The drawback of these solutions lies in the fact that the wire mesh, by its nature, has holes which enable possible intrusion into the memory card connector or possible deterioration of the input/output link.
Thus, to date, the inventors have not identified any simple and low-cost solution enabling protection as well as efficient surveillance of the input/output link and of the memory card connector against any intrusion by malicious third parties.