Practical Experiences with NFC Security on mobile Phones
نویسندگان
چکیده
In this paper we present our practical experiences in implementing a secure NFC application on mobile phones. First, we present the characteristics of the NFC technology and its security features. Based on our practical, real-world offline NFC voucher payment application, using the Nokia 6313 and 6212 NFC enabled devices, we illustrate the possibilities of NFC applications on today’s technology with an emphasis on the security aspects. In our experience, the current technology is not sufficient to provide for a completely secured system, which resulted in sub-optimal speed of our implementation. As the security protocols in our solution are PKI-based, we include some timings of the underlying cryptographic routines, to show that the actual slowdowns are not only caused by the heavy use of cryptography, but also by design decisions of the mobile phone manufacturer.
منابع مشابه
Practical Relay Attack on Contactless Transactions by Using NFC Mobile Phones
Contactless technology is widely used in security sensitive applications, including identification, payment and access-control systems. Near Field Communication (NFC) is a short-range contactless technology allowing mobile devices to act primarily as either a reader or a token. Relay attacks exploit the assumption that a contactless token within communication range is in close proximity, by pla...
متن کاملA Practical Generic Relay Attack on Contactless Transactions by Using NFC Mobile Phones
Contactless technology is widely used in security sensitive applications, including identification, payment and access-control systems. Near Field Communication (NFC) is a short-range contactless technology allowing mobile devices to act primarily as either a reader or a token. Relay attacks exploit the assumption that a contactless token within communication range is in close proximity, by pla...
متن کاملOn the security issues of NFC enabled mobile phones
In this paper, we investigate the possibility that a Near Field Communication (NFC) enabled mobile phone, with an embedded secure element (SE), could be used as a mobile token cloning and skimming platform. We show how an attacker could use an NFC mobile phone as such an attack platform by exploiting the existing security controls of the embedded SE and the available contactless APIs. To illust...
متن کاملNFC-based mobile middleware for intuitive user interaction with security in smart homes
Home networks and networked consumer electronic devices are increasingly becoming a part of our everyday lives. One of the challenges in designing smart home technology is making these systems secure and, at the same time, easy-to-use for non-expert consumers. We believe that mobile devices equipped with a “touch” network interface and corresponding middleware are ideal for enabling users to in...
متن کاملSoftware Card Emulation in NFC-enabled Mobile Phones: Great Advantage or Security Nightmare?
Software card emulation is a new approch to advance the interoperability of NFC with legacy contactless smartcard systems. It has been first introduced to NFC-enabled mobile phones by Research In Motion (RIM) on their BlackBerry platform. Software card emulation aims at opening and simplifying the complex and tightly controlled card emulation functionality. While this form of card emulation, th...
متن کامل