Advertisement

Card Emulation

  • Michael RolandEmail author
Chapter
Part of the T-Labs Series in Telecommunication Services book series (TLABS)

Abstract

While tagging is the most widely supported application scenario of Near Field Communication (NFC), card emulation is the mode that is expected to have the highest commercial impact. The reason is that, in card emulation mode, an NFC device can interact with existing contactless smartcard readers as if it were a contactless smartcard. Contactless smartcards and their corresponding reader infrastructures are already in use with several applications. For instance, more and more credit cards and credit card terminals are equipped with NFC-compatible contactless interfaces. Also, many contactless micro-payment systems and access control systems are compatible to NFC. Thus, an NFC device can operate as a payment card, as a loyalty/coupon card or as a key card for access control in these existing systems. Especially payment use-cases (e.g. credit cards) are believed to have a potential for generating high revenues. This chapter analyzes the current security mechanisms of card emulation and introduces new attack scenarios that have not been considered in the design of current card emulation infrastructures.

Keywords

Mobile Phone Access Control Near Field Communication Relay Channel Secure Element 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Android Open Source Project: Android developers—host-based card emulation. https://developer.android.com/guide/topics/connectivity/nfc/hce.html (2014). Accessed Dec 2014
  2. 2.
    EMVCo: EMV Contactless Specifications for Payment Systems—Book A: Architecture and General Requirements. Version 2.1 (2011)Google Scholar
  3. 3.
    Forristal, J.: Android fake ID vulnerability. Talk at BlackHat US. Las Vegas, NV, USA. https://www.blackhat.com/docs/us-14/materials/us-14-Forristal-Android-FakeID-Vulnerability-Walkthrough.pdf (2014)
  4. 4.
    Forum Nokia: Nokia 6131 NFC SDK: user’s guide. Version 1.1 (2007)Google Scholar
  5. 5.
    Francis, L., Hancke, G.P., Mayes, K.E., Markantonakis, K.: Practical NFC peer-to-peer relay attack using mobile phones. In: Radio Frequency Identification: Security and Privacy Issues, LNCS, vol. 6370/2010, pp. 35–49. Springer, Berlin (2010). doi: 10.1007/978-3-642-16822-2_4
  6. 6.
    Francis, L., Hancke, G.P., Mayes, K.E., Markantonakis, K.: Practical relay attack on contactless transactions by using NFC mobile phones. Cryptology ePrint Archive, Report 2011/618. http://eprint.iacr.org/2011/618 (2011)
  7. 7.
    Giesecke & Devrient: seek-for-android—Secure Element Evaluation Kit for the Android Platform—the ‘SmartCard API’. https://code.google.com/p/seek-for-android/ (2012). Accessed Sept 2012
  8. 8.
    GlobalPlatform: Card Specification. Version 2.2.1 (2011)Google Scholar
  9. 9.
    GlobalPlatform: Secure Element Access Control. Version 1.0 (2012)Google Scholar
  10. 10.
    GoToTags: GoToTags—the nfc superstore. https://www.buynfctags.com/ (2012). Accessed Sept 2012
  11. 11.
    Hancke, G.P.: A practical relay attack on ISO 14443 proximity cards. http://www.rfidblog.org.uk/hancke-rfidrelay.pdf (2005). Accessed Sept 2011
  12. 12.
    Hancke, G.P., Mayes, K.E., Markantonakis, K.: Confidence in smart token proximity: relay attacks revisited. Comput. Secur. 28(7), 615–627 (2009). doi: 10.1016/j.cose.2009.06.001 CrossRefGoogle Scholar
  13. 13.
    International Organization for Standardization: ISO/IEC 14443–4: Identification cards—Contactless integrated circuit cards—Proximity cards—Part 4: Transmission protocol (2008)Google Scholar
  14. 14.
    International Organization for Standardization: ISO/IEC 14443–2: Identification cards—Contactless integrated circuit cards—Proximity cards—Part 2: Radio frequency power and signal interface (2010)Google Scholar
  15. 15.
    International Organization for Standardization: ISO/IEC 14443–3: Identification cards—Contactless integrated circuit cards—Proximity cards—Part 3: Initialization and anticollision (2011)Google Scholar
  16. 16.
    Issovits, W., Hutter, M.: Weaknesses of the ISO/IEC 14443 protocol regarding relay attacks. In: Proceedings of the IEEE International Conference on RFID-Technologies and Applications (RFID-TA), pp. 335–342. IEEE, Sitges, Spain (2011). doi: 10.1109/RFID-TA.2011.6068658
  17. 17.
    Java Community Process: JSR 177: Security and Trust Services API (SATSA). Version 1.0.1 (2007)Google Scholar
  18. 18.
    Java Community Process: JSR 257: Contactless Communication API. Version 1.1 (2009)Google Scholar
  19. 19.
    Kfir, Z., Wool, A.: Picking virtual pockets using relay attacks on contactless smartcard. In: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm 2005), pp. 47–58. IEEE, Athens, Greece (2005). doi: 10.1109/SECURECOMM.2005.32
  20. 20.
    MasterCard Worldwide: Transaction optimization for PayPass—M/Chip terminals. Number 002582, version 2–0 (2008)Google Scholar
  21. 21.
    proxmark.org: Proxmark—a radio frequency identification tool. http://www.proxmark.org/ (2012). Accessed Sept 2012
  22. 22.
    Research In Motion: BlackBerry code signing keys—BlackBerry keys order form. https://www.blackberry.com/SignedKeys/ (2012). Accessed Sept 2012
  23. 23.
    Research In Motion: Blackberry API 7.0.0: package net.rim.device.api.io.nfc.emulation. http://www.blackberry.com/developers/docs/7.0.0api/net/rim/device/api/io/nfc/emulation/package-summary.html (2011). Accessed Sept 2012
  24. 24.
    Research In Motion: Blackberry API 7.0.0: package net.rim.device.api.io.nfc.se. http://www.blackberry.com/developers/docs/7.0.0api/net/rim/device/api/io/nfc/se/package-summary.html (2011). Accessed Sept 2012
  25. 25.
    Roland, M.: Applying recent secure element relay attack scenarios to the real world: Google Wallet relay attack. Computing Research Repository (CoRR), arXiv:1209.0875 [cs.CR]. http://arxiv.org/abs/1209.0875 (2012)
  26. 26.
    Roland, M.: Software card emulation in NFC-enabled mobile phones: great advantage or security nightmare? In: 4th International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Phone Use. Newcastle, UK. http://www.medien.ifi.lmu.de/iwssi2012/papers/iwssi-spmu2012-roland.pdf (2012)
  27. 27.
    Roland, M., Langer, J., Scharinger, J.: Practical attack scenarios on secure element-enabled mobile devices. In: Proceedings of the Fourth International Workshop on Near Field Communication (NFC 2012), pp. 19–24. IEEE, Helsinki, Finland (2012). doi: 10.1109/NFC.2012.10
  28. 28.
    Roland, M., Langer, J., Scharinger, J.: Relay attacks on secure element-enabled mobile devices: virtual pickpocketing revisited. In: Information Security and Privacy Research, IFIP AICT, vol. 376/2012, pp. 1–12. Springer, Heraklion, Creete, Greece (2012). doi: 10.1007/978-3-642-30436-1_1
  29. 29.
    Roland, M., Langer, J., Scharinger, J.: Applying relay attacks to Google Wallet. In: Proceedings of the Fifth International Workshop on Near Field Communication (NFC 2013). IEEE, Zurich, Switzerland (2013). doi: 10.1109/NFC.2013.6482441
  30. 30.
    SIMalliance: Open Mobile API specification. Version 2.03 (2012)Google Scholar
  31. 31.
    Smart Card Alliance Transportation Council: Transit and contactless open payments: an emerging approach for fare collection. White paper. http://www.smartcardalliance.org/resources/pdf/Open_Payments_WP_110811.pdf (2011)
  32. 32.
    Stiftung Secure Information and Communication Technologies: HF RFID Demo Tag. http://jce.iaik.tugraz.at/Products/RFID-Components/HF-RFID-Demo-Tag (2012). Accessed Sept 2012
  33. 33.
    Tiedemann, S.: nfcpy—Python module for near field communication. https://launchpad.net/nfcpy (2012). Accessed Sept 2012
  34. 34.
    Urien, P., Piramuthu, S.: Securing NFC mobile services with cloud of secure elements (CoSE). In: Mobile Computing, Applications, and Services, LNICST, vol. 130/2014, pp. 322–331. Springer, Paris, France (2013). doi: 10.1007/978-3-319-05452-0_30
  35. 35.
    Urien, P., Piramuthu, S.: Towards a secure cloud of secure elements concepts and experiments with NFC mobiles. In: Proceedings of the 2013 International Conference on Collaboration Technologies and Systems (CTS), pp. 166–173. IEEE, San Diego, CA, USA (2013). doi: 10.1109/CTS.2013.6567224
  36. 36.
    Woolley, M.: Response to thread “UID for NFC Mifare Tag emulation” on BlackBerry support community forums. http://supportforums.blackberry.com/t5/Java-Development/UID-for-NFC-Mifare-Tag-emulation/m-p/1575809 (2012)
  37. 37.
    Yeager, D.: Added NFC Reader support for two new tag types: ISO PCD type A and ISO PCD type B. https://github.com/CyanogenMod/android_packages_apps_Nfc/commit/d41edfd794d4d0fedd91d561114308f0d5f83878 (2012)
  38. 38.
    Yeager, D.: Added NFC Reader support for two new tag types: ISO PCD type A and ISO PCD type B. https://github.com/CyanogenMod/android_external_libnfc-nxp/commit/34f13082c2e78d1770e98b4ed61f446beeb03d88 (2012)
  39. 39.
    YES-wallet: YES-wallet—cloud-based NFC contactless mobile wallet.http://www.yes-wallet.com/ (2012). Accessed Sept 2012

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.School of Informatics/Communications/MediaUniversity of Applied Sciences Upper AustriaHagenbergAustria

Personalised recommendations