Page 30 - ITU-T Focus Group Digital Financial Services – Technology, innovation and competition



and alter call routing – coupled with intercepting a customer’s SMSs – means that the OTP may never reach the target customer, 3 or may be intercepted en route. 4
Availability
An adversary capable of mounting a rogue base station attack can choose not to relay information to the financial provider, thereby preventing a transaction from going through. This threat applies both to SMS-based mobile money systems and to newer smartphone-based systems that use SSL over IP. In the latter case the fidelity of the data is not at risk, but the availability of the back-end service can still be in question.


Privacy

An adversary who has compromised communication at the base station can breach the client’s privacy in two ways: by gaining access to sensitive financial and potentially personal information, and by profiling all network activity the client performs.


Recommendations for mitigation
R10 – Discontinue the use of the A5/0, A5/1, and A5/2 GSM encryption ciphers. Closely monitor results from the security and cryptographic community regarding the feasibility and ease of compromising A5/3 and A5/4, and begin considering stronger ciphers. Have a deployment strategy ready for these newer ciphers.

R11 – Consider transitioning away from mobile applications that leverage SMS and USSD in favour of solutions that use strong public key cryptography and end-to-end security. Such solutions could include smartphone-based solutions that use OpenSSL and up-to-date versions of TLS. The SIM Application Toolkit can also provide the means for supporting cryptography. Existing architectures may remain in place for the near-term future, and it will likely take years for smartphones to become widespread enough to supplant feature phones. In the meantime, decommissioning SMS- and USSD-based DFS services for high-value and high-volume accounts (e.g., businesses and merchants) and transitioning those accounts to smartphones that support end-to-end security can protect them, while risk mitigation strategies remain in place for feature phones.
Because of the SS7 vulnerabilities described above, the US standards body, the National Institute of Standards and Technology (NIST), has recommended that SMS no longer be used for any authentication purposes for financial transactions. 5

3   Using the ‘processUnstructuredSS’ SS7 message, the attacker is able to send USSD codes on behalf of the customer, possibly authorizing a credit or money transfer transaction from the target. Engel, T. (2014) CAMEL. In “SS7: Locate, Track & Manipulate”, available at http://berlin.ccc.de/~tobias/31c3-ss7-locate-track-manipulate.pdf. While this interception is technically possible and has been described, it should be noted that interception of the SUTLP may be difficult to achieve, since the USSD session that elicits that response is from a live and active handset, and is secured by the MNO's PIN. Re-routing the SMS destination from the known location of the handset to the hacker would have to take place almost instantaneously, and is likely to throw exception warnings at the MNO.
4   See, for example, the massive breach of the supposedly secure instant messaging application, Telegram, by hackers. The vulnerability in Telegram and other apps using OTP via SMS lies in their use of OTPs sent as cleartext SMS text messages to activate new devices. When users want to log on to Telegram from a new phone, the company sends them authorization codes via SMS, which can be intercepted. With these codes, hackers can add new devices to a person's account, enabling them to read chat histories as well as new messages. See Reuters (2016) Exclusive: Hackers accessed Telegram messaging accounts in Iran, available at http://www.reuters.com/article/us-iran-cyber-telegram-exclusive-idUSKCN10D1AM
5   SMS as an authentication mechanism has been deemed ‘usable, but regarded as obsolete and best avoided’ by the US National Institute of Standards and Technology in its recent Digital Authentication Guideline on SMS verification mechanisms. See NIST (2016) DRAFT NIST Special Publication 800-63B Digital Authentication Guideline, available at https://pages.nist.gov/800-63-3/sp800-63b.html.


