Using Ambient Sensors for Proximity and Relay Attack Detection in NFC Transactions: A Reproducibility Study

Konstantinos Markantonakis, Julia A. Meister, Iakovos Gurulian, Carlton Shepherd, Raja Naeem Akram, Sarah Hani Abu Ghazalah, Mumraiz Kasi, Damien Sauveron, Gerhard Hancke

Research output: Contribution to journalArticlepeer-review

Abstract

Near-Field Communication (NFC) has enabled mobile devices to emulate contactless smart cards, which has also rendered them susceptible to relay attacks. Numerous countermeasures have been proposed that use ambient sensors as an anti-relay mechanism. However, there are concerns regarding their efficacy in time-critical scenarios, such as transport ticketing and contactless payments. This paper empirically and comprehensively evaluates whether ambient sensors are an effective anti-relay mechanism for such NFC-based contactless transactions. To this end, we examine 17 sensors available via the Android platform. Each sensor, where feasible, was used to record measurements in 1,000 contactless transactions with 252 users across four physical locations. We then conduct an extensive four-part evaluation using similarity metrics, traditional machine learning models, and deep learning methods used in existing work and beyond. We conclude that mobile ambient sensors are currently unsuitable for detecting relay attacks on NFC contactless transactions under realistic timing constraints, contrary to the suggestions and proposals made in existing work.

Original languageEnglish
Pages (from-to)150372-150386
Number of pages15
JournalIEEE Access
Volume12
DOIs
Publication statusPublished - 24 Oct 2024

Bibliographical note

Publisher Copyright:
© 2013 IEEE.

Keywords

  • ambient sensors
  • contactless transactions
  • mobile payment
  • Near field communication (NFC)
  • relay attacks
  • security

Fingerprint

Dive into the research topics of 'Using Ambient Sensors for Proximity and Relay Attack Detection in NFC Transactions: A Reproducibility Study'. Together they form a unique fingerprint.

Cite this