Root shell on a credit card terminal
249 comments
·June 1, 2025Disposal8433
lelanthran
> There is no real protection on card readers (most use Linux with a small shitty password).
Sure there is: only signed binaries can run, executable filesystem is read-only, data filesystem has noexec bit set, root login is disabled, crippled busybox misses a lot of functionality, keys are loaded from a secure area on bootup, master key injection only available when loading at the factory, bootup itself is more or less secure, tamper detection blanks the chip, etc.
Sure, if you have a cheap non-EMV certified Android terminal imported from Asia it'll probably use a standard Linux, with a rw root filesystem, with root login enabled *and* sudo enabled for the username used to execute applications, tamper-detection is non-existent, screen-casting not locked down, ports are all openable and busybox is more or less complete.
Source: Me. I developed (and still sometimes do) EMV applications for card acquisition for a few years. Even in dev mode (which requires the vendor to provide IDs of the developers), these things are very much locked down solidly.
cluckindan
The OP device tried to mount a USB volume and would have started dropbear if it had been found (presumably in PATH). Maybe maybe maybe…
account42
> Even in dev mode (which requires the vendor to provide IDs of the developers), these things are very much locked down solidly.
Probably different vendors but this has not been my experience.
null
pabs3
Have you considered using dm-verity instead of signed binaries?
lelanthran
> Have you considered using dm-verity instead of signed binaries?
Why? I don't see any benefits.
In any case, the developers don't get a say in what is used to secure the terminal. The manufacturer decides that, then they get the hardware+firmware certified.
The terminals the developers get are already certified and locked down.
Y_Y
If I buy a device it sure as shit better give me root.
If a payment system is relying on my local privilige on some random-ass device to authenticate a payment it deserves every garbage request it gets.
account42
In many cases you are not buying these devices, you are only renting them.
lelanthran
> If a payment system is relying on my local privilige on some random-ass device to authenticate a payment
What makes you think it does?
fragmede
> If I buy a device it sure as shit better give me root
how's that been working out in practice? change the ring tone on your washing machine, dryer, and microwave already?
timewizard
> Sure there is: only signed binaries can run, executable filesystem is read-only, data filesystem has noexec bit set, root login is disabled, crippled busybox misses a lot of functionality, keys are loaded from a secure area on bootup, master key injection only available when loading at the factory, bootup itself is more or less secure, tamper detection blanks the chip, etc.
Sounds good. Has anyone been hired to attempt to attack the device and find vulnerabilities?
lelanthran
> Sounds good. Has anyone been hired to attempt to attack the device and find vulnerabilities?
In the company I work with, yup. I'm not sure about the rest of the industry, but the security in place ensures that even the developers of the EMV applications are treated as hostile actors.
The certification process itself does do a little bit of malicious attempts too (try to get the terminal to do something out of spec, like during pin-entry, etc).
miki123211
> The protection comes from the contracts and regulations between the shops and the banks.
While the comment is not quite true (see sibling replies), this part is spot on.
This is also why crackpot theories about people walking around with portable card readers and stealing money from contactless cards are false. Yes you can walk around and make those transactions, what comes after (and the setup you had to do before) is the problem. I'm not even sure whether you could get the money out before being caught and shut down. With how many people these days have push notifications for their transactions, I highly doubt that.
stephen_g
I did somehow have two different cards (an Amex and a Visa) compromised at the same time about two months ago, and I do wonder if it was some kind of skimmer setup - if it was just one of them then I'd assume it was just some online store I'd used it at that had been hacked, but I've not used both those cards on the same sites.
I got a notification asking me to confirm a transaction on the Visa and then looked in my app and found they'd actually got another transaction pending at a hotel. I called them up and the hotel said they would "kick out the guests" and refund me. Not sure why they didn't want to call the police on them, because when I called later they said I should report it to the police, but all of the transactions had been refunded so I literally had zero loss and there was nothing really to report... It was them who'd provided the services and suffered the loss, the hotel should have had the police remove them!
Anyway, on the same day the Visa had been used at the hotel, I also had some fraudulent transactions on the Amex, although most of them seemed to be automatically refunded by the vendor themselves (so maybe it was flagged by the vendor's anti-fraud mechanisms and refunded to avoid a chargeback from American Express) before I cancelled the card. They'd tried three times with a similar amount and they'd all refunded.
The other weird thing was that the hotel that the Visa was used at claimed that it had to be a card-present transaction or in a digital wallet, but I didn't get any notification about it being enrolled in a digital wallet and I always had the physical card with me. So not sure if that was mistaken or BS or if they managed to somehow fake the digital wallet.
But yeah it didn't work out for them because I caught the transaction the same day they'd checked in to a hotel with the card and then both were cancelled that day...
ummonk
Depending on how reputable the hotel was, it's possible they were in on it and the guests weren't real.
NoahZuniga
Maybe they wanted you to call the police, because the money was taken from your account fraudulently.
champtar
I remember when contactless was introduced in France, someone from the CB bank card group (https://en.m.wikipedia.org/wiki/CB_Bank_Card_Group) said that contactless was secure because you are insured. At that time France was already using chip+pin for a while.
At the end of the day the money only goes from one bank account to another, account can be frozen, charge reversed, ... So you just need to secure the POS enough that user feel safe to use it and there is a low number of people that can hack them and are willing to risk prison.
girvo
> Yes you can walk around and make those transactions, what comes after (and the setup you had to do before) is the problem
I mean with the amount of stolen card details routinely traded and used successfully (at least for a while) and with how little crime like that is investigated or punished in some jurisdictions, I dunno...
Still it's not quite as simple as "taking the money from your card" like said crackpots think.
MyPasswordSucks
> I mean with the amount of stolen card details routinely traded and used successfully (at least for a while) and with how little crime like that is investigated or punished in some jurisdictions, I dunno...
There's a huge difference between me using your credit card to buy stuff off Amazon (chance of success: somewhere between "doubtful" and "near-definite" depending mostly on geographical factors and your particular bank), and me walking around with a hacked card reader and stealing money out of your account by dialing in phony transactions directed to my account (chance of success: somewhere between "zero" and "also zero, but with a decimal point followed by more zeroes").
jojobas
Didn't people manage to present a remote card (i.e. in a mark's pocket) to a legitimate terminal through an NFC tunnel of sorts? Limited to no pin required amounts, but still.
mihaaly
Aren't the contracts and regulations holding back the honest people only? But not those who violate contracts and regulations, like the dishonest ones?
glitchc
> There is no real protection on card readers (most use Linux with a small shitty password). The protection comes from the contracts and regulations between the shops and the banks.
I'm afraid that's not true. Merchant terminals have secure hardware embedded inside to store the bank and interchange keys. If those keys leaked, someone could spoof legitimate transactions.
kuschku
> If those keys leaked, someone could spoof legitimate transactions.
You mean, whenever those keys leak. It's not that hard to do, see e.g. https://media.ccc.de/v/32c3-7368-shopshifting#t=2207
glitchc
Yeah it's definitely an arms race. Interestingly, technology in the States lags behind the rest of the world. Every other country has moved on to chip and PIN, 2FA, obe time tokens and asymmetric cryptography. Whereas in the US, one can still find 3DES signatures and unencrypted authorization codes usable for a time duration (read: multiple transactions).
It seems that the banks here are okay with a certain percentage of shrinkage as long as merchants don't have to upgrade and consumers are not inconvenienced. The banks prefer to eat the cost to maintain large fraud and dispute resolution departments. Whereas elsewhere in the world they're much smaller and mainly focused on correspondent banking. It's really interesting to see that the "customer is always right" policy has such a strong influence on the financial sector.
csinode
I'd be more worried about someone compromising a card reader in the field and reading cached/stored real CC details, or installing some kind of intercepting malware. (That does seem to be difficult/impossible in this specific case, but it means research in this area is relevant.)
rockbruno
Aren't credit cards nowadays basically physical private keys? IIRC transactions are one-time payloads signed specifically for that operations, so intercepting that won't help you if I'm not mistaken about how cards work nowadays.
literalAardvark
Kind of, but if you control the card reader you could charge more for the transaction without showing the amount, for instance. And maybe even send the money to a different account.
weaksauce
unless it's changed recently that only applies to tap and chip payments (which you should always prefer to avoid card skimmers) and not the old slide the ~~barcode~~ magnetic strip kinda payment.
nine_k
Someone with a root access to a card reader could just make it collect CC details with every transaction, no caches needed. It could also make certain transactions "temporarily fail", while siphoning a certain amount of funds to another, legit-looking, merchant under the hood.
jhugo
> could just make it collect CC details with every transaction
Only if the card is swiped (magnetic stripe) rather than tapped or inserted. EMV doesn't expose the full card details to the merchant; the card signs a payload with its internal private key and transmits it.
And the OP's root access wouldn't give card details in any case, because they didn't get root on the part of the reader that processes the transactions.
christina97
There are much easier ways to skim cards than hacking the terminal.
account42
Not without leaving physical evidence.
reaperducer
I'd be more worried about someone compromising a card reader in the field and reading cached/stored real CC details, or installing some kind of intercepting malware.
That's happened at least several times already.
I believe breached PoS terminals were what happened in the big Target hack.
lelanthran
> I believe breached PoS terminals were what happened in the big Target hack.
The problem is that PoS terminals are not EMV terminals. EMV terminals have been through a certification process, and the hardware part of that certification ensures that the vendor only runs signed-binaries.
Honestly, even if you could write and sideload (or even replace) the applications on the EMV terminal, I do not see a way to get them to a) run, and then b) send money elsewhere.
adolph
This story about a physical card reader checker to detect skimmer devices was interesting and posted here a couple years back.
stef25
> You can make fake debit/credit card transactions on a $2 USB card reader
Not asking "teach me how to do this" but could you explain in a little more detail ?
quesera
I believe GP is confused.
You can read a card (stripe) with one of those cheap readers. The magnetic stripe is not encrypted and you can extract the card number (PAN), expiration date, and cardholder name. Some other less important bits too. You cannot extract the CVV this way, but that is not required for transactions.
Most cards are EMV now. That data is encrypted and it's read/write. These keys can leak, putting you back into a similar state as if you'd read the card via magnetic stripe.
But no amount of card reading gives you the ability to submit transactions to the network. For that, you'd need merchant credentials for their gateway or processor, and you'd usually need to have a presence on the merchant's network (to get through the upstream firewall).
These are all achievable things. Doing so gets you the ability to create transactions against the card. These transactions will be submitted to the network and approved or declined. If approved, funds will settle from the issuing bank to the merchant bank, possibly in multiple steps.
I'm oversimplifying a bit, but the essential point is that funds will settle to the merchant's bank account, not yours. You can cause some headaches, but you cannot steal money.
The compromise of a credit card terminal is only interesting because it gives an attacker the ability to steal the card details for all cards that are subsequently used at the compromised terminal. They can be saved and retrieved later, or sent out to a C&C server, etc. Then these card details can be used for all the usual types of credit card fraud.
account42
Wouldn't the concern being redirecting the money to a different merchant account? Of course that would mean you are easily tracked down when found out but I'm sure you can find a way that some schmuck who doesn't actually know anything about you ends up with that role.
Then again, changing the merchant account is usually only protected by a numerical PIN so you wouldn't need root access. Maybe it would be to send the original requested amount to the expected merchant account but also do a separate smaller transaction to your own account?
fragmede
this is all true, but if you've compromised a merchant deeply, it doesn't seems impossible to run a $1 charge as a (bad) customer and then give that customer (you) a, say, $1,000 refund.
bogantech
> But to validate those transactions, you must send them to the bank over the internet
Not how it works at all, banks don't have some open API on the internet for processing card transactions
tialaramex
I agree that this isn't how it works.
The first thing to understand at an even higher level about payment cards is that they have always had two separate and barely related components, Authorisation and Settlement.
Authorisation is concerned with whether this specific transaction has been approved in some sense by a card issuer. Authorization today is relatively high tech, there's somewhat decent cryptography, tamper resistance, uniqueness = they really care - and that's because when Authorization problems occur the banks might lose money, which they hate.
Settlement is "just" moving the money from one customer to another. $123.45 from Jim Smith to Terrible Goose Inc, done. This is very mid-late-20th century technology, we're not talking pieces of paper and scribbly hand writing, but fixed width ASCII fields on magnetic tape is fine - it's the customer's money so the banks don't care more than legally required.
Settlement replays are how you get "accidents" where a big store's customers all get charged twice for a whole day - the associated Authorizations can't be replayed, that's the banks money at risk - but the settlements aren't protected.
Merchants can, and some do, choose not to care about Authorization. In a huge business it could make sense to eat say 2% of sales as undetected fraud (ie you never receive payment) rather than have any transactions fail. If you operate a food truck using a terminal to take $1000 per day on your iPhone the people who supply your terminal may not let you opt out because that's risk they don't want. But if Jeff Bezos or Doug McMillon makes more without Auth he's turning it off.
quesera
This terminology is not quite right for the US. I'm assuming you're from elsewhere due to the "s" in authorization. :)
In the US, the two steps for the merchant are Authorize (optional) and Capture. If both steps are performed, it's a dual-message transaction. If you skip Auth, it's a single-message transaction.
Settlement of funds is a multiparty bank-bank-bank operation, in which merchants are not directly involved.
nine_k
It's over the Internet, because you're not going to run a dedicated fiber to every card reader. But it's not over the unprotected internet; your card reader will establish a VPN connection of sorts, or at least talk via an encrypted channel (think TLS) is you use e.g. a Square terminal.
Not that a random person can hit these endpoints, unauthenticated, and try to run a transaction.
salawat
Correct. In point of fact, payment cards/merchant networks are quite literally just that. You get a credential, and that credential can be revoked if you get up to something sufficiently heinous to warrant the ostracizing.
People would be surprised if they really took the time to learn how much of life is just operating on good graces.
NoahZuniga
I mean, maybe they don't have an open API, but they sure do have an API on the internet. Surely the payment terminals are communicating with the issuing bank in someway, perhaps over an interface of some kind.
I believe what this comment is getting at is that making fake transactions is useless without a connection to a bank that will execute them.
myflash13
What if you live in a country where Visa/Mastercard works but is way out of the jurisdiction of the feds?
Toritori12
I thought most POS devices stop accepting "offline" payments.
sgjohnson
Maybe today, when the line between a Credit and a Debit card has gotten significantly blurrier (except in the US).
I definitely remember making an _offline_ payment with an AMEX card at a restaurant in the UK some 10 years ago.
Also, most airlines that take payments on board also run the terminals in offline mode.
There must be some mapping of BIN codes and whether to allow an offline transaction.
glitchc
It's up to the merchant to decide if they want to support offline payments and to what limit. The terminals certainly allow it. Your transaction will be stored in a secure way (either encrypted or in a secure element) until the terminal reconnects.
The way the rules are set up though, the risk of a failed offline transaction is almost entirely borne by the merchant. In most cases the merchant is unwilling to accept this risk and disables the feature.
LeonM
> Also, most airlines that take payments on board also run the terminals in offline mode.
Anecdotal, but most airliners I have recently flown with seem to have switched to online POS terminals, though they do still seem retain offline payment functionality as a fallback. I've seen payments being made, only for the flight attendant to return back to the passenger a few minutes later to inform that the payment was declined. This was over the ocean, so definitely no ground communication.
Airplanes for commercial flight all have VHF/HF or satellite connectivity, the've had that for a long time already. It's used for functionality like ACARS, voice connectivity, remote monitoring / diagnosis, etc. I can imagine this can also be used for payments and other low-bandwidth functionality.
Most airplanes also have WiFi access points on board, even when not offered to passengers. Typically these use hidden SSIDs. Speaking to an airplane tech once I know these are used for flight-crew handheld devices such as the POS terminals and iPads.
I happen to have a few friends that are pilots (all working for the same company) and they told me that their entire fleet already has Starlink terminals retrofitted, though they aren't offering that to passengers yet.
I guess what I'm trying to convey here is: the era of airplanes being 'offline' is already behind us.
null
joshstrange
Aside from the fact that I wouldn't know what I was looking at, I've been tempted to crack open one of the Stripe M2 readers I have and look inside.
Unfortunately, out of 36 readers that I bought, 7 have "died" (2 won't hold a charge, 1 won't scan NFC, and 4 report "tampered"). That attrition rate is pretty bad on the surface but it doesn't tell the whole story of course, how often were they used? How old are they?
The answer to those questions is much more damning. The devices are 1-3 years old (I bought them over time) and have been used a max of 9 days total [0]. Yes, 9 days _total_ of use and 7 of 36 readers failed in some fashion. Oh, and the readers are all kept in hardshell cases with foam inserts (1 slot per reader) whenever they are moved.
Needless to say, I'm not a huge fan of the M2 readers but they are still the best option for me :/
[0] Some background, my company handles festival payments. We travel to events and handle the in-person payments (most happens on web/app) with iPads+M2 Readers. That's why there are so few "days of use" over 3 years.
mrbuttons454
I'd be sure to charge them before storing them for the next show. Most batteries don't like being stored for long periods in a low SoC state. And I'm sure the tamper requires a functional battery.
joshstrange
All readers are charged for a day minimum after a festival before I pull the power. I then normally power them up at least a week before the next event so I can update them all and check that no more have randomly died on me. I keep a healthy buffer of devices so that I can replace them without paying for express shipping from Stripe which saved me for the last event I did where I had 6 of them die (before that pre-event check I only had the 1 bad NFC reader from the previous year).
I have to assume that one of the hard-shell cases got thrown around a little too much which caused 4 readers to go into tamper mode. 3 of the tamper mode readers were in the same case but the other was in my nicest case and still had the issue ("nicest" = custom made case vs pick-and-pluck-style).
The tampers I can somewhat understand (still just so odd to have 4 die "at once"), maybe they did get banged up, but the failed NFC and not holding a charge issues are less acceptable to me given the time/use.
VladVladikoff
Just curious if you have experienced equipment issues with stripe equipment that is not battery powered. I am about to pull the trigger on a POS decision and strip is a contender in my choices, but this is for wired devices not wireless.
londons_explore
It's also possible that the root shell is opened up when the tamper seal is triggered.
Ie. The system is either in secure mode (with all necessary crypto keys for operation), or it is in insecure mode with a root shell open for debugging and failure analysis, but that transition also deleted the critical private keys.
fp64
Was my guess as well, maybe it's even possible to use it to flash new keys so the device can be used again?
Now I am curious if I can find a terminal myself, if they are actually getting phased out it might not be too difficult to find a used one...
stgl
I had the same idea, but no, I tried with a second, untampered one and I also got a working shell. So it does not seem to be dependent on the tamper state.
numpad0
wtf? are you saying the shell can be hypothetically drilled for root access without triggering the tamper detection? that'll be ACTUALLY bad...
lelanthran
> Was my guess as well, maybe it's even possible to use it to flash new keys so the device can be used again?
What keys would you flash them with? Anything encrypted with your "new" keys can't be decrypted on the other end of the transaction anyway, so what would be the point?
fp64
Pretend that I have to pay to watch TV at home? I don't know, sounded fun to me in my head
Plus I meant for the manufacturer to "repair" it. Maybe tamperproof gets triggered if you accidentally drop the device in an unfortunate way
mrbluecoat
For those easily excited:
> the exposed root shell does not seem to be as big of a risk as initially feared. ... I could not find any evidence that sensitive data, such as card details, could become compromised this way
A good read for security designers, though.
LunaSea
I highly doubt that having root a physical access to a terminal doesn't let you read credit card numbers.
In security, physical access and to a lesser extent root access are equivalent to a guaranteed hack.
kbolino
Which is why modern card technologies like chip cards and tap-to-pay don't expose the sensitive numbers at all. The card reader can't steal a number that doesn't exist. Only magnetic stripe cards are so insecure, but the card reader exploited here doesn't even have a magnetic stripe reader.
That having been said, this isn't perfect security. While a chip/tap card is in contact with the reader, it can still be used for fraudulent purposes. And physical access can open the door to other exploits, like trying to break the card's own security or installing a camera to capture images of the card.
Tijdreiziger
> […] the card reader exploited here doesn't even have a magnetic stripe reader.
It does, it’s on the right side of the terminal.
https://worldline.com/content/dam/worldline/local/sl-si/docu...
zahlman
> Which is why modern card technologies like chip cards and tap-to-pay don't expose the sensitive numbers at all.
How can they verify the transaction details without those numbers?
__MatrixMan__
If this terminal is anything like the ones I've worked with, the device he had a root shell on was only the "same device" as whatever handles the card details in the sense that it lives in the same housing and on the same PCB. They are otherwise two separate computers.
In my case, the "outer" system was Android, so we could use ADB to control it however we liked--with relatively lax security. The "secure board" only took over for the part where it had to handle payment details. In order to test the payment flows we ended up revamping a bunch of 3D printers to hold a stylus instead because the inbuilt android tools couldn't see or touch anything that secure board was doing except for a relatively narrow set of actions like "start payment flow for $X" and "user canceled" and "payment for $X complete".
emidln
If you take a look at the binary that decides whether to boot the secure firmware or the tamper screen, it's probably trivial to patch to get the secure firmware running for more inspection. If the point of the linux system is networking and updates, that implies a method for updating the firmware of the secure portion which isn't ideal. If their check for whether it's tampered or not is in the linux userland, I'd be awfully suspect of their firmware update.
stgl
The binary that decides whether to boot or go into tamper mode is the "loadercode", which is integrity-protected (I think by a Boot ROM or similar).
The secure firmware can be updated, but it is signed as well.
pelorat
These are all over the Netherlands, this particular model. They don't accept any credit cards, only debit.
Ambroos
That depends on how they're set up. There is no real protocol difference between MasterCard and Visa debit vs credit. Delhaize in Belgium also uses them and you can definitely use all types of credit cards with them (at least Visa/MC and even AmEx).
zoobab
And Belgium. I paid this afternoon in a supermarket with this model.
IshKebab
Read the article. The actual work is done by another processor that only runs signed images.
null
ttkari
Reading about all the tamper detection on the device makes me wonder what would be the easiest way to trigger the tamper mode. After all, being able to do that on just a handful of devices would be an efficient denial of service attack on a retail location when the majority - and sometimes all - of payments go through these things.
neop1x
Dropping it on the floor or pouring water on it.
ComputerGuru
The (compromised) Linux decides whether to load the “compromised mode” code or the mp1 secure system? Sounds like an avenue to explore. It says the bootloader itself is secure, but that doesn’t mean much if it’s being loaded into a compromised environment, depending on where it is actually being executed. I guess the coprocessor could be considered a Secure Enclave of Sorts, but the fact that Linux could load a separate bootloader and run that (somehow) is of concern.
stgl
No, it cannot load a separate bootloader. I tried to tamper with the loadercode (the "secure" bootloader), but it wouldn't boot. So I am guessing there is some third party (boot ROM) that verifies it.
Also, I think Linux always loads loadercode + mp1.img, regardless of the tamper state. The different code paths depending on tamper state are taken within the (integrity protected) loadercode.
ComputerGuru
Keep in mind that no tamper mode will be set if you use the external debug interface. If Linux is used for networking then maybe you could MITM payments.
_djo_
The card details and payment are encrypted and then signed by the firmware running in the secure/trusted zone, using public keys provided by the acquirer.
halpow
If you want to try easy mode, check out those newfangled android-based credit card terminal. I bet they're much more rewarding, especially since you tap your pin on the screen. Juicy.
bmurray7jhu
The touch controller is generally connected to a MUX controlled by the security processor. When entering sensitive data (PIN/PANs), the touch controller output is routed directly to the security processor, bypassing any Android-derived OS responsible for the GUI.
tgsovlerkhgsel
And as a user, I have absolutely no way of distinguishing this from a device that had all secure features removed, and is running a random Android that proxies the NFC or chip data to a real reader, siphoning off what they can, while my PIN gets proxied by a human typing it into the real reader in real time. All I'd notice is a second or so of latency.
grishka
Do you have a way do make sure that a terminal with physical buttons is secure? To me, the touchscreen doesn't make the whole device inherently less secure.
As far as I understand, the whole system is designed to make replay attacks useless. PIN on its own doesn't allow you to make a transaction, neither does it in combination with a recorded conversation between the reader and the card during a successful transaction. There's some asymmetric cryptography involved with the private key stored in the chip on your card and every signed payload containing a random nonce.
_djo_
The PIN data is still encrypted even when displayed on a touch pad, using user interfaces controlled by firmware running in the trusted zone.
So the applications in between, that would be accessible in an attack like this, can't view the PIN.
jeroenhd
That'd get you the PIN quite easily, but if they're designed the same way (with all the important bits being handed off to a secure secondary processor) you still wouldn't be able to do much with the card as modern cards do a whole load of cryptography on-card to prevent stuff like this.
The attack would only work on terminals where every payment option but the magnetic card reader is broken, but those should give off skimmer alert alarm bells before you ever see a PIN prompt.
Liftyee
Bravo!
I love thinking of ways to exploit and circumvent hardware restrictions like the extensive tamper protection here, but it seems I'd assumed that once they were triggered it was game over. Apparently not so - still plenty of interesting bits left over to poke around with. Makes sense that the secure part gets properly disabled though, otherwise I'd lose all confidence in their designers.
lxgr
That's possibly still true for the hardened processor: As TFA notes, that's not what was compromised here.
> [...] only text strings seem to be passed to a binary (display_tool), that issues some inter-processor messages. The same goes for the key pad or the card reader itself. I could not find any evidence that these peripherals could be accessed directly from Linux.
> Instead, there is an entirely separate processor, refered to as mp1, that seems to handle all the “secure” stuff, like handling the card, getting the pin and showing information on the screen. The “insecure” Linux, running on the second processor, mp2, only handles the networking, the updating, and the business logic.
fredthestair
From the description it sounded like the linux side may play some role in tamper event handling, but hopefully it can just also see it has occurred, otherwise getting a root shell first may lead to an opportunity to prevent the tamper event from clearing security keys.
ofjcihen
The look into these is neat but…why immediately open it up and trigger the tamper state? Did they not know most readers would have one?
Any real testing happening in the tamper state might be meaningless. Perhaps the shell is available after the tamper state triggers for resetting purposes.
It just seems like opening it would be the last thing you would try.
stgl
Well, I felt like I first had to get a feeling for what I am working with. Hardware, what SoC, interfaces, flash etc... Otherwise I am too much in the dark. But sure, in hindsight I could've just tapped the debug connector and could have been done with it.
No, I got a shell on second, untampered one, as well.
allenrb
Specifics of this hack aside, I wish I could solder like that!
grishka
These are (were?) popular in Finland and confused me a lot every time I visited. The NFC reader in them is on the side, which is very unusual compared to the kinds of terminals I'm used to, which have it in the screen so you just tap your card/phone on the screen.
thenthenthen
These are everywhere in Europe. Not sure about Switzerland, but credit cards are not really owned or used in much of the Europe I know. I would call it a POS, point of sale (system), these things can read all kinda of cards. Nevertheless, nice write up!
jajko
Oh yes they are. I detest having to juggle all those cards in my wallet, already have tons for various reasons (not just payment stuff), so no room for ie debit ones.
Dont see the appeal of putting even more stuff into phone or ewatches (prefer good mechanical ones), losing it would be catastrophe enough as it is for privacy. But thats me.
pjerem
Actually, putting your card on your phone is a better protection against theft : they cannot be used without biometric identification, can be remotely revoked and you can still keep your plastic cards as backup.
I could easily live without it and I wouldn’t even consider it to be an important gesture for my next phone but it’s pretty useful when you have it.
Also, idk for Android but on iPhone it’s faster than plastic cards and more secure.
But I hope plastic cards are there to stay because that’s yet another thing locking us into the iOS/Android duopoly.
davedx
I used to work with set-top-boxes for a big media corporation, those also had the debug serial port. I remember it being fiddly but also absolutely vital to be able to do any useful work with the STB's. It's quite eye opening now reading this to see that they're also a huge potential security hole (in the right hands), unless everything is locked down with the second secure processor like in this setup.
You can make fake debit/credit card transactions on a $2 USB card reader. All the specs are here and the protocol is public and documented (IIRC 5000 pages in a lot of PDF, it's a pain in the ass to read).
But to validate those transactions, you must send them to the bank over the internet, and you'll get a visit from the feds/FBI/whatever if you do it.
There is no real protection on card readers (most use Linux with a small shitty password). The protection comes from the contracts and regulations between the shops and the banks.