NFC (Near Field Communication) defines the set of RFID standards designed to communicate via wireless and interchange data point-to-point between devices in proximity, normally a few centimeters. Services that use NFC communications as contactless payments are exponentially growing: Public transport, parkings, fast supermarket cashers, vending machines and even NFC-capable credit/debit cards.
In this talk, we investigate relay attacks in NFC-capable credit/debit cards. This attack exploits the communication proximity principle in NFC, which is shown to be non secure. Although a lot of attack countermeasures exist, they do not face with this attack vector since up to date special hardware was required to perform it. However, the story is rewritten with the NFC-capable mobile devices available in the market.
This work shows how a relay attack in NFC-capable credit/debit cards is possible using an Android device with NFC capabilities without further modifications (i.e., no root required, custom firmware or custom OS). We have developed a PoC implementing the attack. Similarly, distributed relay attack scenarios that might become real in the near future will be shown.