Page 18 - Security testing for USSD and STK based Digital Financial Services applications Security, Infrastructure and Trust Working Group
3.4.2 Exploiting the SIM vulnerabilities
This test demonstrates the risk associated with devices that give easy access to the hardware components holding the SIM card, and the risks associated with thin SIMs.
This attack can be performed using the Bladox Turbo SIM, which is inserted between the SIM and the phone to perform a Man-in-the-Middle attack. Any packets traversing the SIM are relayed to the attacker.

3.5 Attacks using binary OTA messages
This test demonstrates the susceptibility of a SIM to attacks that allow a malicious actor to send OTA binary messages with specific commands to a vulnerable SIM. The test fuzzes a SIM card through a PCSC-enabled smart card reader to find whether the SIM is susceptible to the Simjacker or WIB attacks.
The Simjacker and WIB attacks allow an attacker to send OTA binary messages to SIM applications that run on the SIM card and interact with the mobile device to perform the following actions:
a. Start a call, send an SMS, and send SS requests.
b. Initiate USSD requests.
c. Launch an internet browser with a specific URL.
d. Display text on the device.
e. Engage in a dialog with the user.
The difference between the WIB attack and the Simjacker attack lies in the applications running on the SIM card that they target. Simjacker executes commands through the S@T Browser app. In contrast, WIB attacks target the Wireless Internet Browser (WIB) application.
The ability to perform the above attacks remotely on a SIM is a potential risk to users of digital financial services.
Over-the-air (OTA) binary messages are used by providers to send updates and changes to the SIM menus without having to reissue the SIM. The end-user receives a binary message from the operator to download or activate new services on their SIM without having to return to a retail outlet. DFS providers that offer DFS services with STK update the STK application menu of the financial service listing using binary OTA messages. The execution is often undetectable and, in most cases, happens without any notification to the user or action required from them.
An attacker can make use of this feature to send a binary SMS with commands targeting the user's digital financial services.
This test uses the SIMtester app to check whether a SIM is vulnerable and exploitable through OTA SMS attacks, by checking whether the provider has enabled the security features on the SIM card that are required to avert this attack.
Each application has a minimum security level (MSL), which specifies the minimum security check applied to secured packets sent to the application. The SIM checks the security level before processing the binary command, and if the check fails, the SIM rejects the message. If the SIM application is configured with MSL = 0 or does not check the KiC and KiD, an attacker can send an OTA SMS command to control the SIM application without knowing the OTA keys (KiC, KiD). The KiC is used to encrypt the secured command, and the KiD is used to generate the cryptographic checksum, which ensures that the command comes from a valid identity.

3.5.1 Test setup
To perform the tests, unzip the SIMtester application file and run the commands below.
$ unzip SIMTester_v1.9.zip
$ java -jar SIMTester.jar
The application runs by sending messages to each of the Toolkit Application References (TARs) to test for susceptibility to OTA SMS commands without a key set.
The output of the results will show whether the SIM card is vulnerable or not.
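The MSL discussion above is easier to reason about with the packet layout in front of you. The following Python is an added example, not code from this document or from SIMtester: it parses the header of an OTA command packet in the 3GPP TS 23.048 / ETSI TS 102 225 layout (CPL, CHL, SPI, KIc, KID, TAR, CNTR, PCNTR, RC/CC/DS, secured data), models the SIM-side MSL check, and classifies an application's configured MSL the way a provider-side audit of a SIM profile would. The MSL comparison rule ("every protection bit the MSL demands must be present in the packet's SPI1") is a simplified model of the specification, not a verbatim implementation, and the TAR, counter, checksum and payload bytes are constructed sample values.

```python
"""Added example (not from the working-group document or SIMtester):
parse a 03.48-style OTA command packet header and evaluate it against
an application's minimum security level (MSL). Sample values are constructed."""
from dataclasses import dataclass

# SPI1 bit masks (first SPI byte, per 3GPP TS 23.048 / ETSI TS 102 225).
SPI1_INTEGRITY_MASK = 0b00000011  # b1b2: 00 none, 01 RC (CRC), 10 CC, 11 DS
SPI1_CIPHERING = 0b00000100       # b3: 1 = secured data is ciphered with KIc
SPI1_COUNTER_MASK = 0b00011000    # b4b5: replay-counter handling


@dataclass
class CommandHeader:
    spi1: int
    spi2: int
    kic: int
    kid: int
    tar: bytes
    cntr: bytes
    pcntr: int
    rc_cc_ds: bytes
    secured_data: bytes


def parse_command_packet(pkt: bytes) -> CommandHeader:
    """Split a command packet into fields. Layout:
    CPL(2) CHL(1) SPI(2) KIc(1) KID(1) TAR(3) CNTR(5) PCNTR(1) RC/CC/DS(var) data.
    CPL counts everything after itself; CHL counts SPI through RC/CC/DS."""
    if len(pkt) < 3:
        raise ValueError("packet too short for CPL/CHL")
    cpl = int.from_bytes(pkt[0:2], "big")
    chl = pkt[2]
    if cpl != len(pkt) - 2:
        raise ValueError(f"CPL {cpl} does not match packet length {len(pkt) - 2}")
    header = pkt[3:3 + chl]
    if len(header) != chl or chl < 13:
        raise ValueError("command header truncated")
    return CommandHeader(
        spi1=header[0], spi2=header[1], kic=header[2], kid=header[3],
        tar=bytes(header[4:7]), cntr=bytes(header[7:12]), pcntr=header[12],
        rc_cc_ds=bytes(header[13:]), secured_data=bytes(pkt[3 + chl:]),
    )


def msl_accepts(msl: int, hdr: CommandHeader) -> bool:
    """Simplified model of the SIM-side check (assumption, not the exact spec
    rule): each protection the application's MSL demands must be present in
    the packet's SPI1. MSL 0 demands nothing, so every packet passes."""
    if msl == 0:
        return True
    need_integrity = msl & SPI1_INTEGRITY_MASK
    if need_integrity and (hdr.spi1 & SPI1_INTEGRITY_MASK) < need_integrity:
        return False  # no RC/CC/DS, or a weaker kind than required
    if (msl & SPI1_CIPHERING) and not (hdr.spi1 & SPI1_CIPHERING):
        return False  # ciphering required but packet sent in clear
    if (hdr.spi1 & SPI1_COUNTER_MASK) < (msl & SPI1_COUNTER_MASK):
        return False  # replay-counter handling weaker than required
    return True


def classify_msl(msl: int) -> str:
    """Audit view of one application's MSL: MSL 0, or no RC/CC/DS requirement,
    means OTA commands are accepted without the sender proving it holds KID."""
    if msl == 0:
        return "WEAK: MSL=0, unprotected OTA commands are accepted"
    integrity = msl & SPI1_INTEGRITY_MASK
    if integrity == 0:
        return "WEAK: no RC/CC/DS required, sender is not authenticated"
    if integrity == 0b01:
        return "WEAK: only a redundancy check (CRC) required, KID unused"
    if not (msl & SPI1_CIPHERING):
        return "WARN: cryptographic checksum required but no ciphering (KIc)"
    return "OK: cryptographic checksum and ciphering required"


def build_packet(spi1, spi2, kic, kid, tar, cntr, rc_cc_ds, data) -> bytes:
    """Assemble a command packet (used only to construct the samples below)."""
    header = bytes([spi1, spi2, kic, kid]) + tar + cntr + bytes([0]) + rc_cc_ds
    body = bytes([len(header)]) + header + data
    return len(body).to_bytes(2, "big") + body


TAR_DEMO = b"\xAA\xBB\xCC"  # constructed placeholder TAR, not a real application
# Constructed: no RC/CC/DS, no ciphering, no counter; the shape MSL=0 accepts.
UNPROTECTED = build_packet(0x00, 0x00, 0x00, 0x00, TAR_DEMO, b"\x00" * 5, b"", b"\x01\x02\x03")
# Constructed: CC + ciphering + counter check (SPI1=0x16), KIc/KID = 3DES key set 1,
# with an 8-byte placeholder checksum.
PROTECTED = build_packet(0x16, 0x21, 0x15, 0x15, TAR_DEMO, b"\x00\x00\x00\x00\x07",
                         b"\x11" * 8, b"\x01\x02\x03")

if __name__ == "__main__":
    for name, pkt in (("unprotected", UNPROTECTED), ("protected", PROTECTED)):
        hdr = parse_command_packet(pkt)
        print(name, "TAR", hdr.tar.hex(), "SPI1", hex(hdr.spi1),
              "accepted at MSL=0:", msl_accepts(0x00, hdr),
              "accepted at MSL=0x16:", msl_accepts(0x16, hdr))
    for msl in (0x00, 0x01, 0x02, 0x16):
        print(hex(msl), classify_msl(msl))
```

The defender's takeaway matches the page: an application whose MSL is 0 accepts the first (unprotected) packet, while an MSL that demands a cryptographic checksum and ciphering rejects it, because the sender would need KiD and KiC to produce an acceptable packet.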