Presentation is loading. Please wait.

Presentation is loading. Please wait.

NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

Published byAddison Vassey Modified over 10 years ago

Similar presentations

Presentation on theme: "NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References."— Presentation transcript:

1 NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References.

2 What is NFC NFC (Near Field Communication). Short range contactless communication between devices (at least one transmission device, e.g. public transport card readers). NFC communication configuration  Active - Active: RF field are alternatively generated.  Active-Passive: RF field generated by first device.  Passive-Active: RF field generated by second device

3 What is NFC NFC operational mode :  Read/write mode: active device links up with another device to read information (smart mobile - NFC tag)  Peer-to-peer mode: both devices switch between active (sending data), and passive (receiving data).  Card emulation: using NFC device as credit card.

4 NFC Possible Security Attacks Smart Poster URL Spoofing. RF signal eavesdropping attack. Data Corruption and data insertion. Data stealing.

5 Smart poster URL spoofing Possible countermeasure: mark the URL in special way

6 Smart poster URL spoofing Consequences Run man in the middle attack by loading a malicious website => and steal credential or inject malicious contents. Attacking The Mobile Telephony Service.

7 Smart poster URL spoofing Consequences NFC Worm injection Denial-of-Service Attacks: touch NFC-Tag => mobile crash

8 RF signal eavesdropping RF Signal eavesdropping: How close an attacker need to be, based on many things: RF characteristics of sender device, attacker antenna, attack receiver, attacker signal RF decoder, power send by NFC device, attacker location.  In general, sending device in active mode => 10m, when it in passive mode => 1 m.  Possible countermeasure: establish a secure channel.

9 Data corruption and insertion In data corruption transmit valid frequency of data spectrum at correct time. corruption power is bigger than sender power => detectable. In data insertion: only, inserted data transmitted before the original device starts with the answer data streams overlap => data corruption

10 Data insertion possible countermeasures Answering device answers with no delay. Answering device listen (monitor) channel during communication time. Secure channel between devices (Diffie-Hellmann).

11 Data Stealing Data of card integrated with passive NFC chip could be stolen using related application. E.g. credit card data. Attack need to be within card communication range. Countermeasures: using of special card case, cover it with aluminum and installation Antivirus on the mobile phone.

12 Conclusions NFC is not full secure. Recommendation: smart credit card should be replaced with old fashion one. Antivirus should be installed on NFC enabled devices. Smart poster distribution should be controlled. NFC security countermeasures have to be considered parallel to enabling NFC.

13 References E. Haselsteiner and K. Breitfuß. Security in near field communication. Workshop on RFID Security, 2006. http://www.androidauthority.com/what-is-nfc-270730/, 10-09-2014 http://www.androidauthority.com/what-is-nfc-270730/ C. Mulliner, "Vulnerability Analysis and Attacks on NFC- enabled Mobile Phones," in Proceedings of the International Conference on Availability, Reliability and Security (ARES '09), pp. 695-700, 2009

14 Thank you for your attention

Download ppt "NFC Security What is NFC? NFC Possible Security Attacks. NFC Security Attacks Countermeasures. Conclusion. References."

Similar presentations

Wi-Fi Technology.

Wi-Fi Technology.
Michal Bodlák. Referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation.

Michal Bodlák. Referred to as mobile money, mobile money transfer, and mobile wallet generally refer to payment services operated under financial regulation.
Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.

Technical Issues Regarding Near Field Communication Group 16 Tyler Swofford Matthew Kotan.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
NFC Devices: Security and Privacy

NFC Devices: Security and Privacy
NEAR-FIELD COMMUNICATION MAKING LIFE EASY Presenter: Grace Chen NFC Technology.

NEAR-FIELD COMMUNICATION MAKING LIFE EASY Presenter: Grace Chen NFC Technology.
5Ws on NFC Andrea Vitaletti. Overview What Where Why When Who 5Ws.

5Ws on NFC Andrea Vitaletti. Overview What Where Why When Who 5Ws.
Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.

Timo Kasper Crete, Greece May 10, 2007 An Embedded System for Practical Security Analysis of Contactless Smartcards Timo Kasper, Dario Carluccio and Christof.
Yossef Oren, Dvir Schirman, and Avishai Wool: Tel Aviv University ESORICS 2013.

Yossef Oren, Dvir Schirman, and Avishai Wool: Tel Aviv University ESORICS 2013.
Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.

Security for RFID Department of Information Management, ChaoYang University of Technology. Speaker : Che-Hao Chen ( 陳哲豪 ) Date:2006/01/18.
NFC Test in Manufacturing Pi Huang

NFC Test in Manufacturing Pi Huang
Near Field Communication By Van Logan HTM 304. What is Near Field Communication Short range wireless communication technology between electronic devices.

Near Field Communication By Van Logan HTM 304. What is Near Field Communication Short range wireless communication technology between electronic devices.
Networks Evolving? Justin Champion C208 Ext:3723 www.staffs.ac.uk/personal/engineering_and_technology/jjc1.

Networks Evolving? Justin Champion C208 Ext:3723
One Phone to Rule Them All A Case Study Sarah-Jane Saravani Learning Hub Manager Waikato Institute of Technology, New Zealand

One Phone to Rule Them All A Case Study Sarah-Jane Saravani Learning Hub Manager Waikato Institute of Technology, New Zealand
IWD2243 Wireless & Mobile Security

IWD2243 Wireless & Mobile Security
Presented by: Arpit Jain 113050028 Guided by: Prof. D.B. Phatak.

Presented by: Arpit Jain Guided by: Prof. D.B. Phatak.
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.

Radio Frequency Identification By Bhagyesh Lodha Vinit Mahedia Vishnu Saran Mitesh Bhawsar.
Cosc 4/5730 Android and Blackberry Near Field Communications (NFC)

Cosc 4/5730 Android and Blackberry Near Field Communications (NFC)
“Security Weakness in Bluetooth” M.Jakobsson, S.Wetzel LNCS 2020, 2001 The introduction of new technology and functionality can provides its users with.

“Security Weakness in Bluetooth” M.Jakobsson, S.Wetzel LNCS 2020, 2001 The introduction of new technology and functionality can provides its users with.

Similar presentations

Ads by Google