NFC (Near Field Communication) defines the set of RFID standards designed for bidirectional wireless communication and point-to-point data exchange between devices in proximity, normally a few centimeters (up to 10 cm). Services that use NFC communications for contactless payments are growing exponentially: public transport, parking, fast supermarket cashiers, vending machines and even NFC-capable credit/debit cards.
In this talk, we investigate relay attacks on NFC-capable credit/debit cards. This attack exploits the communication proximity principle in NFC, which is shown to be insecure. Although many attack countermeasures exist, they do not address this attack vector, since until now special hardware was required to perform it. However, the story is rewritten with the NFC-capable mobile devices available on the market.
This work shows how a relay attack on NFC-capable credit/debit cards is now possible using an NFC-capable Android device without further modifications (i.e., no root permissions, custom firmware, or custom OS are required). A PoC app implementing the attack is shown in the talk, as well as distributed relay attack scenarios that might become real before long.