Practical Experiences on NFC Relay Attacks with Android - Virtual Pickpocketing Revisited

نویسندگان

  • José Vila
  • Ricardo J. Rodríguez
چکیده

Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasibility limitations when performing these attacks in Google’s Android OS. We show an experiment proving its feasibility using off-the-shelf NFC-enabled Android devices (i.e., no custom firmware nor root required). Thus, Android NFC-capable malicious software might appear before long to virtually pickpocket contactless payment cards within its proximity.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Practical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited

Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasi...

متن کامل

Relay Attacks on Secure Element-Enabled Mobile Devices - Virtual Pickpocketing Revisited

Near Field Communication’s card emulation mode is a way to combine smartcards with a mobile phone. Relay attack scenarios are well-known for contactless smartcards. In the past, relay attacks have only been considered for the case, where an attacker has physical proximity to an NFC-enabled mobile phone. However, a mobile phone introduces a significantly di↵erent threat vector. A mobile phone’s ...

متن کامل

DEMO: NFCGate - An NFC Relay Application for Android

Near Field Communication (NFC) is a technology widely used for security-critical applications like access control or payment systems. Many of these systems rely on the security assumption that the card has to be in close proximity to communicate with the reader. We developed NFCGate, an Android application capable of relaying NFC communication between card and reader using two rooted but otherw...

متن کامل

Mobile Pickpocketing: Exfiltration of Sensitive Data through NFC-enabled Mobile Devices (CMU-CyLab-13-015)

With the increasing popularity of Near field communication (NFC) in consumer-off-the-shelf devices, more and more applications are taking advantage of the technology in innovative ways. Unfortunately, with the rise of NFC applications, there emerges a variety of vulnerabilities that could leave an unwitting user vulnerable to a data breach. One such potentially devastating attack is mobile pick...

متن کامل

Mobile Pickpocketing: Exfiltration of Sensitive Data through NFC-enabled Mobile Devices

With the increasing popularity of Near field communication (NFC) in consumer-off-the-shelf devices, more and more applications are taking advantage of the technology in innovative ways. Unfortunately, with the rise of NFC applications, there emerges a variety of vulnerabilities that could leave an unwitting user vulnerable to a data breach. One such potentially devastating attack is mobile pick...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2015