TY - GEN
T1 - Evaluation of Apple iDevice Sensors as a Potential Relay Attack Countermeasure for Apple Pay
AU - Haken, Gareth
AU - Markantonakis, Konstantinos
AU - Gurulian, Iakovos
AU - Shepherd, Carlton
AU - Akram, Raja
PY - 2017/4/2
Y1 - 2017/4/2
N2 - Traditional countermeasures to relay attacks are difficult to implement on mobile devices due to hardware limitations. Establishing proximity of a payment device and terminal is the central notion of most relay attack countermeasures, and mobile devices offer new and exciting possibilities in this area of research. One such possibility is the use of on-board sensors to measure ambient data at both the payment device and terminal, with a comparison made to ascertain whether the device and terminal are in close proximity. This project focuses on the iPhone, specifically the iPhone 6S, and the potential use of its sensors to both establish proximity to a payment terminal and protect Apple Pay against relay attacks. The iPhone contains 12 sensors in total, but constraints introduced by payment schemes mean only 5 were deemed suitable to be used for this study. A series of mock transactions and relay attack attempts are enacted using an iOS application written specifically for this study. Sensor data is recorded, and then analysed to ascertain its accuracy and suitability for both proximity detection and relay attack countermeasures.
AB - Traditional countermeasures to relay attacks are difficult to implement on mobile devices due to hardware limitations. Establishing proximity of a payment device and terminal is the central notion of most relay attack countermeasures, and mobile devices offer new and exciting possibilities in this area of research. One such possibility is the use of on-board sensors to measure ambient data at both the payment device and terminal, with a comparison made to ascertain whether the device and terminal are in close proximity. This project focuses on the iPhone, specifically the iPhone 6S, and the potential use of its sensors to both establish proximity to a payment terminal and protect Apple Pay against relay attacks. The iPhone contains 12 sensors in total, but constraints introduced by payment schemes mean only 5 were deemed suitable to be used for this study. A series of mock transactions and relay attack attempts are enacted using an iOS application written specifically for this study. Sensor data is recorded, and then analysed to ascertain its accuracy and suitability for both proximity detection and relay attack countermeasures.
KW - Relay Attacks
KW - Apple Pay
KW - Ambient Sensors
U2 - 10.1145/3055186.3055201
DO - 10.1145/3055186.3055201
M3 - Conference contribution
SP - 21
EP - 32
BT - Proceedings of the 3rd ACM International Workshop on Cyber-Physical System Security
PB - ACM
CY - New York
T2 - 3rd ACM Cyber-Physical System Security Workshop (CPSS 2017)
Y2 - 2 April 2017 through 2 April 2017
ER -