Downloaded 112 times
Uploaded byPeter Swedin
NFC attacks
NFC attacks can be used to compromise devices and steal sensitive data. NFC allows passive communication up to 4cm and can be used to pair Bluetooth devices without user interaction, enabling theft of credit card data. Researchers have created tools like an NFC proxy Android app that can skim RFID credit cards by replaying the stolen card data to a payment terminal. Proper security measures are needed to protect against these NFC hacking techniques.
More Related Content
![Where to Buy LinkedIn Accounts_ [12 Best Sites] (2).pdf](https://cdn.slidesharecdn.com/ss_thumbnails/wheretobuylinkedinaccounts12bestsites2-251124191348-c246988b-thumbnail.jpg?width=640&height=640&fit=bounds)
NFC attacks
- 1. NFC attacks ByPeter Swedin www.omegapoint.us
- 2. This presentation wasmade possible by the awesome research of • Charlie Miller (Twitter sec team, Accuvant) • Verdult & Kooman (Radboud University, SURFnet) • Eddie Lee (Blackwing Intelligence)
- 3. What is NFC? •Set of communication protocols based on RFID (Basically all of the RFID standards plus P2P instructions) • Runs in the frequency of 13.56Mhz • Range is usually less than 4cm • Narrow bandwidth (106, 212, 424 Kbits/s)
- 4. Active Vs. Passive •Active, P2P – Both devices generates their own fields • Passive (backwards compatible mode) – Initiating device generates carrier fields – Target device modulates existing field
- 5.
- 7.
- 8.
- 9. Android Beam marketingbuzz • This is one of the most admired features of the android 4.0 ice cream sandwich update! • The users can now share music, docs, videos, and photos just in a single tap! • No need to pair the devices before exchanging the data, the new ICS had made it absolutely trouble-free!
- 11.
- 12.
- 13.
- 14.
- 15. Use NFC topair with a Bluetooth speaker
- 16. Nokia N9 Bluetoothpairing • Absolutely trouble free • Pair devices without user interaction • No need for PIN/Pwd • Does not have “Confirm sharing and connecting” enabled • Bluetooth doesn´t even have to be turned on. It will be switched on for you
- 17. Eddie Lee’s NFCproxy • Android app to skim RFID credit cards • Using the app an attacker can steal CC number, expiration date and CVV code • Replay this info to a RFID enabled POS device
- 18.
- 19. Links • NFC Proxy(Tool and Source) http://sourceforge.net/p/nfcproxy/ • Charlie Miller - NFC Attack Surface http://ia600505.us.archive.org/30/items/Defcon20Slides/D EFCON-20-Miller-NFC-Attack-Surface.pdf • Verdult & Kooman – Practical attacks http://www.cs.ru.nl/~rverdult/Practical_attacks_on_NFC_e nabled_cell_phones-NFC_2011.pdf • Eddie Lee – NFC Hacking The Easy Way http://www.blackwinghq.com/assets/labs/presentations/E ddieLeeDefcon20.pdf
- 20. The End Peter atomegapoint dot us
Editor's Notes
- #3 http://ia600505.us.archive.org/30/items/Defcon20Slides/DEFCON-20-Miller-NFC-Attack-Surface.pdfhttp://www.cs.ru.nl/~rverdult/Practical_attacks_on_NFC_enabled_cell_phones-NFC_2011.pdfhttp://www.blackwinghq.com/assets/labs/presentations/EddieLeeDefcon20.pdf