An Off-the-shelf Relay Attack in a Contactless Payment Solution
نویسندگان
چکیده
The enhanced Radio-Frequency Identification (RFID) technology called Near Field Communication (NFC), is a standards-based wireless communication technology. Passive NFC devices, such as contactless smart cards use NFC to communicate with other devices without any physical connection, or an internal battery source, deriving power inductively via the radio field generated by the NFC reader device. Nowadays, many Point-of-Sale (POS) terminals, credit cards and also mobile devices are NFC-capable and facilitate contactless payments. Thus, many security sensitive applications already use the contactless technology. A very important attack in the NFC security domain, is the relay attack. This work illustrates a practical relay attack on public transport POS terminals, using off-the-shelf mobile devices and hardware, and summarizes possible countermeasures against relay attacks in
منابع مشابه
Relaying EMV Contactless Transactions using Off-The-Shelf Android Devices
Dutch banks introduced contactless payments in April 2014, and have been promoting the use of contactless cards since then. Contactless payments are based on the EMV specification, the worldwide standard for contact and contactless transactions. EMV Contact is a well-researched field and many vulnerabilities have been found. Although EMV Contactless is newer and less researched, a few vulnerabi...
متن کاملRelay Cost Bounding for Contactless EMV Payments
This paper looks at relay attacks against contactless payment cards, which could be used to wirelessly pickpocket money from victims. We discuss the two leading contactless EMV payment protocols (Visa’s payWave and MasterCard’s PayPass). Stopping a relay attack against cards using these protocols is hard: either the overhead of the communication is low compared to the (cryptographic) computatio...
متن کاملPractical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited
Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasi...
متن کاملPractical Experiences on NFC Relay Attacks with Android - Virtual Pickpocketing Revisited
Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasi...
متن کاملCloning Credit Cards: A Combined Pre-play and Downgrade Attack on EMV Contactless
Recent roll-outs of contactless payment infrastructures – particularly in Austria and Germany – have raised concerns about the security of contactless payment cards and Near Field Communication (NFC). There are well-known attack scenarios like relay attacks and skimming of credit card numbers. However, banks and credit card schemes often mitigate these attacks. They explain that attacks are imp...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2015