Potential Misuse of NFC Enabled Mobile Phones

Date post: 05-Apr-2018
Upload: ali-hamid

  • 8/2/2019 Potential Misuse of NFC Enabled Mobile Phones

    Potential Misuse of NFC Enabled Mobile Phones with Embedded Security Elements as Contactless Attack Platforms, RISC (ICITST) 2009.

    Lishoy Francis, Gerhard Hancke, Keith Mayes and Konstantinos Markantonakis

    The Information Security Group Smart Card Centre, Information Security Group, Royal Holloway University of London, Egham TW20 0EX, Surrey, United Kingdom.

    10 November 2009 09:00

    Part I: Overview of NFC Enabled Mobile Phones.

    Part II: Proposed Security Attacks.

    Part III: Proposed Security Countermeasures.

    Part IV: Conclusions.

    Part I

    Overview of NFC Enabled Mobile Phones

    Objective: To investigate the potential misuse of NFC (Near Field Communications) enabled mobile phones with embedded Security Element (SE).

    NFC is a short range and standardised (ISO 18092) wireless communications technology (adds contactless functionality to mobile devices, e.g. mobile phones and PDAs).

    An NFC enabled mobile phone can act both as a contactless card and a contactless reader (supports ISO 14443, ISO 15693, FeliCa and Mifare Standard).

    NFC finds applications in ticketing, banking, access control, etc. and is tipped to be the next click.

    Three architectures currently exist: SE as embedded hardware module; SE functionality integrated into the Subscriber Identity Application module such as (U)SIM; SE as removable memory component (Secure MMC, Secure SD).

    Figure: A functional view of the NFC enabled Mobile Phone showing relevant APIs and operational modes.

    Security of NFC

    Secure Element (SE): controls the NFC based transactions; establishes the trust between service provider and the mobile phone; designed to provide a secure platform for containing sensitive applications and key material.

    The SE supports Java Card 2.2.1 (Java Card Open Platform), Global Platform 2.1.1 & Mifare Standard emulation.

    The mobile phone vendor allows SE unlocking, which sets the authentication keyset to a known public value.

    Related Contactless Security Attacks:

    Contactless token skimmers and emulators currently exist, but an NFC phone platform offers distinct advantages in that it is a small, mobile device and, more importantly, that it has an acceptable form factor, i.e. it does not physically look like a skimmer or an emulator.

    Heydt-Benjamin et al. 2007 (skimming, replay and relaying on payment systems).

    E-passport clones (Steve Boggan article in Times, August, 2008).

    Designs for hardware emulators for ISO 14443 tokens (Carluccio et al., R. Verdult, 2006); & hardware skimmers, available for purchase (OpenPCD.org; HF RFID Demo Tag, IAIK, Graz).

    We demonstrate how an NFC mobile phone can be configured as a contactless reader which may be used as a contactless skimming tool, and how the attacker can use the gathered information to create a clone by emulating a token.

    NFC Enabled Mobile Phone as a Contactless Card & as a Contactless Reader

    NFC Enabled Mobile Phone as a Contactless Card:

    The SE supports Java Card 2.2.1 (Java Card Open Platform), Global Platform 2.1.1 & Mifare Standard emulation.

    The mobile phone vendor allows SE unlocking, which sets the authentication keyset to a known public value.

    SE communicates with the NFC controller, the external reader device and the applications installed on the mobile phone through well defined, and standardised, interfaces.

    NFC Enabled Mobile Phone as a Contactless Reader:

    Nokia 6131 supports S40 platform, providing J2ME layer for MIDP (Mobile Information Device Profile) 2.0 applications (MIDlets).

    Contactless reader mode uses JSR 257 API to communicate with any external SE and if needed uses SATSA (JSR 177) API to communicate with the internal SE.

    JSR 257 API Extensions allow NFC enabled mobile devices to communicate in P2P mode.

    Part II

    Proposed Security Attacks

    NFC Enabled Mobile Phone as an Attack Platform

    Practical Proof of Concept for the Proposed Attacks:

    Transaction Data Capture & Analysis.

    Captured RF (Radio Frequency) communication between a contactless card and a legacy contactless reader in our test system.

    The test system is based on a static authentication system.

    Developing the Clone.

    By default, the SE on 6131 is locked with the Issuer keyset.

    Unlockable; the unlocking process sets the authentication keyset to a known public value (keyset-42).

    Java Card Applets which emulated the test application were loaded and installed on the unlocked SE.

    Developing the Mobile Pick Pocketing Tool.

    A MIDP (Mobile Information Device Profile) 2.0 application (MIDlet) running on the mobile phone which reads (skims) the contactless card.

    No code signing was required to use the contactless APIs.

    a) Custom-built Sniffer & Card Emulator.

    b) Skimming & Cloning using NFC Mobile Phone.

    Part III

    Proposed Security Countermeasures

    Security Countermeasures

    Timing, RF Shielding may not work.

    Control measures on the NFC Secure Element (SE).

    Making code signing mandatory for NFC communications API.

    Securing the NFC Secure Element activity.

    Cryptographically linking the application to Unique Identifiers.

    Application Protocol with strong cryptography (e.g. dynamic authentication).
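
    The last two countermeasures above, as an added example that is not from the original slides: a small model contrasting static authentication with challenge-response under a per-card key derived from the card's unique identifier. The master key, UID, HMAC-SHA256 construction and all names are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets

MASTER_KEY = bytes(range(16))  # constructed issuer master key, held by the reader back end


def diversify(uid: bytes) -> bytes:
    """Per-card key bound to the card's unique identifier (assumed scheme)."""
    return hmac.new(MASTER_KEY, b"card-key" + uid, hashlib.sha256).digest()


class Card:
    """Token model: the key stays inside the card, only responses leave it."""

    def __init__(self, uid: bytes, static_id: bytes):
        self.uid, self.static_id = uid, static_id
        self._key = diversify(uid)  # personalised by the issuer

    def static_response(self) -> bytes:
        return self.static_id  # same bytes in every transaction

    def dynamic_response(self, challenge: bytes) -> bytes:
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


def reader_static(presented: bytes, enrolled: set) -> bool:
    return presented in enrolled


def reader_dynamic(uid: bytes, challenge: bytes, response: bytes) -> bool:
    expected = hmac.new(diversify(uid), challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, response)


def demo() -> dict:
    card = Card(uid=bytes.fromhex("04a1b2c3"), static_id=b"ACCESS-0001")  # constructed values
    # What an observer of one legitimate transaction would have recorded.
    seen_static = card.static_response()
    c1 = secrets.token_bytes(16)
    seen_dynamic = card.dynamic_response(c1)
    c2 = secrets.token_bytes(16)  # the reader's next, fresh challenge
    return {
        "static_replay_accepted": reader_static(seen_static, {b"ACCESS-0001"}),
        "dynamic_genuine_accepted": reader_dynamic(card.uid, c2, card.dynamic_response(c2)),
        "dynamic_replay_accepted": reader_dynamic(card.uid, c2, seen_dynamic),
        "other_uid_accepted": reader_dynamic(bytes.fromhex("04ffffff"), c1, seen_dynamic),
    }


if __name__ == "__main__":
    print(demo())
```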

    Part IV

    Conclusions

    NFC enabled Mobile Phones are found to be easily configured as Cloning, Skimming Platforms.

    Legitimate form-factor of mobile phone arouses less suspicion in the public.

    Easily and freely available development tools.

    More security controls needed on the Secure Element.

    If not secured, the Secure Element (SE) embedded in certain NFC mobile phones could become a platform for malicious software.

    In conclusion, our findings indicate that the embedded SE with the existing security controls and the available contactless APIs could be exploited to configure the mobile phone as a contactless attack platform.
