Applying recent secure element relay attack scenarios to the real world: Google Wallet Relay Attack

This report explains recent developments in relay attacks on contactless smartcards and secure elements. It further reveals how these relay attacks can be applied to the Google Wallet. Finally, it gives an overview of the components and results of a successful attempt to relay an EMV Mag-Stripe transaction between a Google Wallet device and an external card emulator over a wireless network. Revision: 1.3 Date: March 25, 2013 Status: Final This work is part of the project “4EMOBILITY” within the EU programme “Regionale Wettbewerbsfähigkeit OÖ 2007–2013 (Regio 13)” funded by the European regional development fund (ERDF) and the Province of Upper Austria (Land Oberösterreich). Applying recent secure element relay attack scenarios to the real world: Google Wallet Relay Attack Michael Roland 1 ar X iv :1 20 9. 08 75 v2 [ cs .C R ] 2 5 M ar 2 01 3 Hagenberg Linz Steyr Wels A revised version of this report has been published as M. Roland, J. Langer, and J. Scharinger: Applying Relay Attacks to Google Wallet. In: Proceedings of the 5th International Workshop on Near Field Communication (NFC 2013), pp. 1–6, Zurich, Switzerland, Feb. 2013. DOI: 10.1109/NFC.2013.6482441, c © 2013 IEEE. The revised version gives a more detailed analysis of the Google Wallet oncard component, adds new ideas on how to improve the attack, details further information on our test setup, and adds an analysis of Google’s approach to fix the vulnerability. Applying recent secure element relay attack scenarios to the real world: Google Wallet Relay Attack Michael Roland 2 Hagenberg Linz Steyr Wels