Practical Experiences on NFC Relay Attacks with Android Virtual Pickpocketing Revisited
Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless co...
Saved in:
Published in | Radio Frequency Identification pp. 87 - 103 |
---|---|
Main Authors | , |
Format | Book Chapter |
Language | English |
Published |
Cham
Springer International Publishing
|
Series | Lecture Notes in Computer Science |
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasibility limitations when performing these attacks in Google’s Android OS. We also perform an in-depth review of the Android implementation of the NFC stack. We show an experiment proving its feasibility using off-the-shelf NFC-enabled Android devices (i.e., no custom firmware nor root required). Thus, Android NFC-capable malicious software might appear before long to virtually pickpocket contactless payment cards within its proximity. |
---|---|
Bibliography: | This work was partially supported by the University of León under contract X43. |
ISBN: | 9783319248363 3319248367 |
ISSN: | 0302-9743 1611-3349 |
DOI: | 10.1007/978-3-319-24837-0_6 |