Artificial Ambient Environments for Proximity Critical Applications

Iakovos Gurulian, Konstantinos Markantonakis, Raja Akram, Keith Mayes

Research output: Chapter in Book/Report/Conference proceedingConference contribution

182 Downloads (Pure)


In the field of smartphones a number of proposals suggest that sensing the ambient environment can act as an effective anti-relay mechanism. However, existing literature is not compliant with industry standards (e.g. EMV and ITSO) that require transactions to complete within a certain time-frame (e.g. 500ms in the case of EMV contactless payments). In previous work the generation of an artificial ambient environment (AAE), and especially the use of infrared light as an AAE actuator was shown to have high success rate in relay attacks detection. In this paper we investigate the application of infrared as a relay attack detection technique in various scenarios, namely, contactless transactions (mobile payments, transportation ticketing, and physical access control), and continuous Two-Factor Authentication. Operating requirements and architectures are proposed for each scenario, while taking into account industry imposed performance requirements, where applicable. Protocols for integrating the solution into the aforementioned scenarios are being proposed, and formally verified. The impact on the performance is assessed through practical implementation. Proposed protocols are verified using Scyther, a formal mechanical verification tool. Finally, additional scenarios, in which this technique can be applied to prevent relay or other types of attacks, are discussed.
Original languageEnglish
Title of host publicationARES '17
Subtitle of host publicationProceedings of the 12th International Conference on Availability, Reliability and Security
Number of pages10
ISBN (Electronic)978-1-4503-5257-4
Publication statusPublished - 29 Aug 2017


  • Mobile Payments
  • Relay Attacks
  • Artificial Ambient Environment
  • Contactless
  • Infrared
  • Experimental Analysis

Cite this