“Payment with mobile NFC phones” How to analyze the security problems
نویسندگان
چکیده
We present in this paper a method to analyze the security problems which can occur in a NFC mobile phone payment. In the first section, we give a simplified description of the technical realization for this pilot limited to a part of the system. In the second section, we present the security concepts as a major issue in this scenario. Roughly main requirement is to have same level of security as standard payment EMV transaction. The methodology described in the third section concerns the application payment and its communication with the payment terminal through a NFC link. This study, realized for the ITEA SmartTouch project, starts from a pilot experience that is carried out at Strasbourg in France, in 2007. This trial is the first experiment of a NFC-based payment application that fully supports the international EMV standard and the PayPass program. The end of this article presents different research perspectives to overstepping the encountered problems.
منابع مشابه
Proposing a Model for Patient Admission and NFC Mobile Payment by Biometric Identification and Smart Health Card
Abstract Following the advances in mobile communication and information technology, smart phones have been used in a wide variety of commercial, social, entertainment, file sharing and health transactions and applications. The current procedures in healthcare environment for patient registration, appointment scheduling and payment are time consuming and somehow tiresome. Traditionally, patie...
متن کاملOn the security issues of NFC enabled mobile phones
In this paper, we investigate the possibility that a Near Field Communication (NFC) enabled mobile phone, with an embedded secure element (SE), could be used as a mobile token cloning and skimming platform. We show how an attacker could use an NFC mobile phone as such an attack platform by exploiting the existing security controls of the embedded SE and the available contactless APIs. To illust...
متن کاملNeue Herausforderungen in der Netzsicherheit
Near Field Communication (NFC) based applications seem to be appealing in a world where everything moves away from plastic and contact based services. This project gives an overview on NFC and its implementation in mobile phones together with SIM based security features. Furthermore it presents mobile payment as one example of a SIM secured NFC based application on mobile phones, presents its a...
متن کاملPractical Experiences with NFC Security on mobile Phones
In this paper we present our practical experiences in implementing a secure NFC application on mobile phones. First, we present the characteristics of the NFC technology and its security features. Based on our practical, real-world offline NFC voucher payment application, using the Nokia 6313 and 6212 NFC enabled devices, we illustrate the possibilities of NFC applications on today’s technology...
متن کاملPractical Relay Attack on Contactless Transactions by Using NFC Mobile Phones
Contactless technology is widely used in security sensitive applications, including identification, payment and access-control systems. Near Field Communication (NFC) is a short-range contactless technology allowing mobile devices to act primarily as either a reader or a token. Relay attacks exploit the assumption that a contactless token within communication range is in close proximity, by pla...
متن کامل