Preventing relay attacks in mobile transactions using infrared light. / Gurulian, Iakovos; Akram, Raja; Markantonakis, Konstantinos; Mayes, Keith.

SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing. ACM, 2017. p. 1724-1731.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Standard

Preventing relay attacks in mobile transactions using infrared light. / Gurulian, Iakovos; Akram, Raja; Markantonakis, Konstantinos; Mayes, Keith.

SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing. ACM, 2017. p. 1724-1731.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Harvard

Gurulian, I, Akram, R, Markantonakis, K & Mayes, K 2017, Preventing relay attacks in mobile transactions using infrared light. in SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing. ACM, pp. 1724-1731, The 32nd ACM Symposium on Applied Computing, Marrakesh, Morocco, 3/04/17. https://doi.org/10.1145/3019612.3019794

APA

Gurulian, I., Akram, R., Markantonakis, K., & Mayes, K. (2017). Preventing relay attacks in mobile transactions using infrared light. In SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing (pp. 1724-1731). ACM. https://doi.org/10.1145/3019612.3019794

Vancouver

Gurulian I, Akram R, Markantonakis K, Mayes K. Preventing relay attacks in mobile transactions using infrared light. In SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing. ACM. 2017. p. 1724-1731 https://doi.org/10.1145/3019612.3019794

Author

Gurulian, Iakovos ; Akram, Raja ; Markantonakis, Konstantinos ; Mayes, Keith. / Preventing relay attacks in mobile transactions using infrared light. SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing. ACM, 2017. pp. 1724-1731

BibTeX

@inproceedings{773ed178451040929e087362e6a18c1f,
title = "Preventing relay attacks in mobile transactions using infrared light",
abstract = "Near Field Technology (NFC) enables a smartphone to emulate a smart card, enabling it to provide services, like banking and transport ticketing. Similar to smart cards, NFC-based transactions are susceptible to relay attacks. Distance bounding protocols have been proposed for smart cards to counter relay attacks. However, this may not be effective in the field of mobile transactions, due to their requirement of high time-delay sensitivity and specialised hardware. A number of proposals are being put forward that show that sensing the natural ambient environment is an effective anti-relay mechanism. Existing literature neither involves a threat actor in their analysis nor they are in compliance with EMV's transaction requirement of 500ms. In this paper, we look at the anti-relay mechanism from a different point of view. Instead of measuring the natural ambience, we generate and measure a unique artificial ambient environment (AAE) using peripherals of the devices involved in a transaction. To evaluate our proposal and its effectiveness, we selected infrared from the proposed set of off-the-shelf actuator/sensor pairs available on modern smartphones. We designed and deployed six distinct test-beds, each based on a unique method of relay attack, in order to evaluate the effectiveness of our proposal in the context of infrared. From our experimentations, we can empirically state that infrared showed high success rate in relay attack detection - higher than any existing work in academic literature.",
keywords = "Mobile Payments, Relay Attacks, Artificial Ambient Environment, Contactless, Infrared, Experimental Analysis",
author = "Iakovos Gurulian and Raja Akram and Konstantinos Markantonakis and Keith Mayes",
year = "2017",
month = "4",
day = "3",
doi = "10.1145/3019612.3019794",
language = "English",
pages = "1724--1731",
booktitle = "SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing",
publisher = "ACM",

}

RIS

TY - GEN

T1 - Preventing relay attacks in mobile transactions using infrared light

AU - Gurulian, Iakovos

AU - Akram, Raja

AU - Markantonakis, Konstantinos

AU - Mayes, Keith

PY - 2017/4/3

Y1 - 2017/4/3

N2 - Near Field Technology (NFC) enables a smartphone to emulate a smart card, enabling it to provide services, like banking and transport ticketing. Similar to smart cards, NFC-based transactions are susceptible to relay attacks. Distance bounding protocols have been proposed for smart cards to counter relay attacks. However, this may not be effective in the field of mobile transactions, due to their requirement of high time-delay sensitivity and specialised hardware. A number of proposals are being put forward that show that sensing the natural ambient environment is an effective anti-relay mechanism. Existing literature neither involves a threat actor in their analysis nor they are in compliance with EMV's transaction requirement of 500ms. In this paper, we look at the anti-relay mechanism from a different point of view. Instead of measuring the natural ambience, we generate and measure a unique artificial ambient environment (AAE) using peripherals of the devices involved in a transaction. To evaluate our proposal and its effectiveness, we selected infrared from the proposed set of off-the-shelf actuator/sensor pairs available on modern smartphones. We designed and deployed six distinct test-beds, each based on a unique method of relay attack, in order to evaluate the effectiveness of our proposal in the context of infrared. From our experimentations, we can empirically state that infrared showed high success rate in relay attack detection - higher than any existing work in academic literature.

AB - Near Field Technology (NFC) enables a smartphone to emulate a smart card, enabling it to provide services, like banking and transport ticketing. Similar to smart cards, NFC-based transactions are susceptible to relay attacks. Distance bounding protocols have been proposed for smart cards to counter relay attacks. However, this may not be effective in the field of mobile transactions, due to their requirement of high time-delay sensitivity and specialised hardware. A number of proposals are being put forward that show that sensing the natural ambient environment is an effective anti-relay mechanism. Existing literature neither involves a threat actor in their analysis nor they are in compliance with EMV's transaction requirement of 500ms. In this paper, we look at the anti-relay mechanism from a different point of view. Instead of measuring the natural ambience, we generate and measure a unique artificial ambient environment (AAE) using peripherals of the devices involved in a transaction. To evaluate our proposal and its effectiveness, we selected infrared from the proposed set of off-the-shelf actuator/sensor pairs available on modern smartphones. We designed and deployed six distinct test-beds, each based on a unique method of relay attack, in order to evaluate the effectiveness of our proposal in the context of infrared. From our experimentations, we can empirically state that infrared showed high success rate in relay attack detection - higher than any existing work in academic literature.

KW - Mobile Payments

KW - Relay Attacks

KW - Artificial Ambient Environment

KW - Contactless

KW - Infrared

KW - Experimental Analysis

U2 - 10.1145/3019612.3019794

DO - 10.1145/3019612.3019794

M3 - Conference contribution

SP - 1724

EP - 1731

BT - SAC '17 Proceedings of the 32nd Annual ACM Symposium on Applied Computing

PB - ACM

ER -