Abstract
The recent emergence of Near Field Communication (NFC) enabled smart phones resulted in an increasing interest in NFC security. Several new attack scenarios, using NFC devices either as attack platform or as device under attack, have been discovered. One of them is the software-based relay attack. In this paper we evaluate the feasibility of the software-based relay attack in an existing mobile contactless payment system. We give an in-depth analysis of Google Wallet's credit card payment functionality. We describe our prototypical relay system that we used to successfully mount the software-based relay attack on Google Wallet. We discuss the practicability and threat potential of the attack and provide several possible workarounds. Finally, we analyze Google's approach to solving the issue of software-based relay attacks in their recent releases of Google Wallet.
Original language | English |
---|---|
Title of host publication | 2013 5th International Workshop on Near Field Communication, NFC 2013 |
Publisher | IEEE Computer Society’s Conference Publishing Services |
Pages | 1-6 |
ISBN (Print) | 9781467348379 |
DOIs | |
Publication status | Published - 2013 |
Event | 5th International Workshop on Near Field Communication (NFC 2013) - Zurich, Switzerland Duration: 5 Feb 2013 → 5 Feb 2013 http://nfc-workshop.org/2013/ |
Publication series
Name | 2013 5th International Workshop on Near Field Communication, NFC 2013 |
---|
Workshop
Workshop | 5th International Workshop on Near Field Communication (NFC 2013) |
---|---|
Country/Territory | Switzerland |
City | Zurich |
Period | 05.02.2013 → 05.02.2013 |
Internet address |