Practical Experiences on NFC Relay Attacks with Android Virtual Pickpocketing Revisited

• Published in: Radio Frequency Identification pp. 87 - 103
• Main Authors: Vila, José, Rodríguez, Ricardo J.
• Format: Book Chapter
• Language: English
• Published: Cham Springer International Publishing
• Series: Lecture Notes in Computer Science
• Subjects: Android; contactless payment; NFC; relay attacks; security
• ISBN: 9783319248363; 3319248367
• ISSN: 0302-9743; 1611-3349
• DOI: 10.1007/978-3-319-24837-0_6

Near Field Communication (NFC) is a short-range contactless communication standard recently emerging as cashless payment technology. However, NFC has been proved vulnerable to several threats, such as eavesdropping, data modification, and relay attacks. A relay attack forwards the entire wireless communication, thus communicating over larger distances. In this paper, we review and discuss feasibility limitations when performing these attacks in Google’s Android OS. We also perform an in-depth review of the Android implementation of the NFC stack. We show an experiment proving its feasibility using off-the-shelf NFC-enabled Android devices (i.e., no custom firmware nor root required). Thus, Android NFC-capable malicious software might appear before long to virtually pickpocket contactless payment cards within its proximity.