This is an open access article published by the IET under the Creative Commons Attribution-NonCommercial-NoDerivs License (http://creativecommons.org/licenses/by-nc-nd/3.0/)
This paper presents an assessment of how successful an eavesdropping attack on a contactless payment transaction can be in terms of bit and frame error rates, using an easily concealable antenna and low-cost electronics. Potential success of an eavesdropping attack largely depends on the correct recovery of the data frames used in the ISO 14443 standard. A near-field communication inductive loop antenna was used to emulate an ISO 14443 transmission. For eavesdropping, an identical inductive loop antenna as well as a shopping trolley modified to act like an antenna were used. The authors present and analyse frame error rates obtained with the authors equipment over a range of distances, up to 100 cm, well above the official maximum operating distance depending on the magnetic field strength.
References
-
-
1)
-
15. Berger, D.: ‘Contactless smart card standards and new test methods’. IEEE Workshop on Smart Card Technologies and Applications, Berlin, 1998, pp. 50–54.
-
2)
-
3)
-
23. Brown, T.W.C., Diakos, T.P., Briffa, J.A.: ‘Evaluating the eavesdropping range of varying magnetic field strengths in NFC standards’. Proc. Seventh European Conf. Antennas and Propagation Antennas and Propagation (EuCAP), 2013.
-
4)
-
5)
-
6)
-
24. Brown, T.W.C., Diakos, T.: ‘On the design of NFC antennas for contactless payment applications’., Proc. Fifth European Conf. Antennas and Propagation Antennas and Propagation (EuCAP), 2011, pp. 44–47.
-
7)
-
19. Pfeiffer, F., Finkenzeller, K., Biebl, E.: ‘Theoretical limits of ISO/IEC 14443 type A RFID eavesdropping attacks’. Proc. 2012 European Conf. Smart Objects, Systems and Technologies (SmartSysTech), 2012, pp. 1–9.
-
8)
-
18. Hancke, G.P.: ‘Eavesdropping attacks on high-frequency RFID tokens’. Proc. RFIDsec 08. Budapest, Hungary, 2008.
-
9)
-
10)
-
11)
-
12)
-
20. Thevenon, P.-H., Savry, O., Tedjini, S., Malherbi-Martins, R.: ‘Attacks on the HF physical layer of contactless and RFID systems’. Current Trends and Challenges in RFID, 2011.
-
13)
-
26. Proakis, J.G.: Digital Communications (McGraw-Hill, 1995, 3rd edn.).
-
14)
-
14. Roland, M., Langer, J., Scharinger, J.: ‘Applying relay attacks to Google Wallet’. Proc. 2013 fifth Int. Workshop on Near Field Communication (NFC), 2013, pp. 1–6.
-
15)
-
16)
-
17)
-
18)
-
19)
-
20)
-
21)
-
17. Novotny, D.R., Guerrieri, J.R., Francis, M., Remley, K.: ‘HF RFID electromagnetic emissions and performance’. IEEE Int. Symp. Electromagnetic Compatibility, 2008 (EMC 2008), 2008, pp. 1–7.
-
22)
-
23)
-
24)
-
25)
-
25. Finkenzeller, K.: ‘RFID handbook: fundamentals and applications in contactless smart cards, radio frequency identification and near-field communication (Wiley, 2010, 3rd edn.).
-
26)
-
13. Hancke, G.P.: ‘A practical relay attack on ISO 14443 proximity cards’. , University of Cambridge Computer Laboratory, 2005.
-
27)
-
16. Hancke, G.P.: ‘Practical attacks on proximity identification systems’. Proc. IEEE Security and Privacy Symp., 2006. pp. 6–333..
-
28)
-
15. Berger, D.: ‘Contactless smart card standards and new test methods’. IEEE Workshop on Smart Card Technologies and Applications, Berlin, 1998, pp. 50–54.
http://iet.metastore.ingenta.com/content/journals/10.1049/joe.2013.0087
Related content
content/journals/10.1049/joe.2013.0087
pub_keyword,iet_inspecKeyword,pub_concept
6
6