On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks

Iakovos Gurulian, Carlton Shepherd, Eibe Frank, Konstantinos Markantonakis, Raja Akram, Keith Mayes

Research output: Chapter in Book/Report/Conference proceedingPublished conference contribution

5 Citations (Scopus)

Abstract

Smartphones with Near-Field Communication (NFC) may emulate contactless smart cards, which has resulted in the deployment of various access control, transportation and payment services, such as Google Pay and Apple Pay. Like contactless cards, however, NFC-based smartphone transactions are susceptible to relay attacks, and ambient sensing has been suggested as a potential countermeasure. In this study, we empirically evaluate the suitability of ambient sensors as a proximity detection mechanism for smartphone-based transactions under EMV constraints. We underpin our study using sensing data collected from 17 sensors from an emulated relay attack test-bed to assess whether they can thwart such attacks effectively. Each sensor, where feasible, was used to record 350-400 legitimate and relay (illegitimate) contactless transactions at two different physical locations. Our analysis provides an empirical foundation upon which to determine the efficacy of ambient sensing for providing a strong anti-relay mechanism in security-sensitive applications. We demonstrate that no single, evaluated mobile ambient sensor is suitable for such critical applications under realistic deployment constraints.
Original languageEnglish
Title of host publication16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages41-49
Number of pages9
ISBN (Electronic)978-1-5090-4906-6
ISBN (Print)978-1-5090-4907-3
DOIs
Publication statusPublished - 2017
Event16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications - Sydney, Australia
Duration: 1 Aug 2017 → …
Conference number: 16

Conference

Conference16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications
Abbreviated titleTrustCom 2017
Country/TerritoryAustralia
CitySydney
Period1/08/17 → …

Keywords

  • Relay Attacks
  • ambient sensing
  • Mobile Security
  • contactless transactions
  • near-field communication

Fingerprint

Dive into the research topics of 'On the Effectiveness of Ambient Sensing for Detecting NFC Relay Attacks'. Together they form a unique fingerprint.

Cite this