1

I've come across several papers introducing the concept of mutual distance-bounding, where basically both sides can verify an upper bound on the distance between them, rather than having this unilateral relationship between a verifier and a prover. Although promising, these papers do not address the fact that in relay attacks the prover is usually an NFC-capable card or chip. My question is, how can we implement a timer on this card to actually perform mutual distance-bounding protocols?

For reference, see Mutual Distance Bounding Protocols and SECTOR: Secure Tracking of Node Encounters in Multi-hop Wireless Networks.

This is a follow-up question to Are there any transaction time constraints in EMV contact and contactless cards, but in a broader context.

defalt

1 Answer

2

It is more important for the terminal to know whether a relay device is being used than it is for the card to know whether a terminal is being relayed. Most of the threats that use relays target the terminal's point of view to trick it into accepting a fraudulent transaction.

In NFC payments, the transaction always goes to online verification by the issuer and, regardless of mode, transactions can always be traced back to the merchant who was targeted by payment fraud. Securing terminals from fraudulent cards gives more payment protection than securing cards from fake terminals.

To counter a relay attack, fixing either side can prevent relays. The Distance Bounding Protocol needs to be installed in both the terminal and the card, but the role of verifier can only be performed by the terminal, as a smart card does not have its own internal clock.

There is a patent available for Chip card device with real time clock for credit card. To count time, a clock doesn't have to be synchronised with real time. It only has to increment a counter for every second passed when provided power and then reset it for every transaction. But this requires changes to the EMV architecture, which can take years to standardize, whereas the Distance Bounding Protocol only requires changes to the software.

This company is offering next-generation smart cards with a built-in display, touch-sensitive buttons and a real-time clock with an ultra-low-power battery which can last for more than 5 years. Theoretically, you can use any NFC hardware where an ICC can be mounted. As Mutual Distance Bounding Protocols require a clock for both parties, I don't think there is any way to verify relays from the NFC card itself without the clock.

defalt
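An added example (not part of the answer above or of the cited papers): a small Python simulation of the timing check behind mutual distance bounding, in which terminal and card each time their own challenge with a free-running tick counter and both bounds must pass. The tick rates (including a card counting at the 13.56 MHz NFC carrier rate), the fixed processing delay, the relay delay and the 10 m limit are constructed assumptions.

```python
import math

C = 299_792_458.0  # speed of light in m/s


def measured_ticks(true_rtt_s, tick_hz):
    """Whole ticks a free-running counter sees between challenge and response."""
    return math.floor(true_rtt_s * tick_hz)


def distance_upper_bound(ticks, tick_hz, proc_delay_s):
    """Worst-case distance consistent with a tick count.

    The counter only has to count, not know the time of day, but the true
    interval may be up to one tick longer than the count shows.
    """
    elapsed_max_s = (ticks + 1) / tick_hz
    return max(0.0, C * (elapsed_max_s - proc_delay_s) / 2)


def mutual_check(distance_m, relay_delay_s, terminal_hz, card_hz,
                 proc_delay_s, max_distance_m):
    """Each side times its own challenge; the exchange passes only if
    both computed bounds are within max_distance_m."""
    # Assumes a symmetric path and the same known peer processing delay.
    true_rtt_s = 2 * distance_m / C + proc_delay_s + relay_delay_s
    bounds = {}
    for side, hz in (("terminal", terminal_hz), ("card", card_hz)):
        ticks = measured_ticks(true_rtt_s, hz)
        bounds[side] = distance_upper_bound(ticks, hz, proc_delay_s)
    accepted = all(b <= max_distance_m for b in bounds.values())
    return bounds, accepted


# Constructed parameters (assumptions, not taken from the page).
TERMINAL_HZ = 1e9        # hypothetical 1 ns terminal timer
CARD_HZ = 13.56e6        # hypothetical card counter at the NFC carrier rate
PROC_DELAY_S = 100e-9    # fixed, known response delay of the peer
MAX_DISTANCE_M = 10.0    # acceptance limit applied by both sides

if __name__ == "__main__":
    for label, relay_s in (("direct", 0.0), ("relayed", 1e-6)):
        bounds, ok = mutual_check(0.05, relay_s, TERMINAL_HZ, CARD_HZ,
                                  PROC_DELAY_S, MAX_DISTANCE_M)
        print(label, {k: round(v, 2) for k, v in bounds.items()},
              "accept" if ok else "reject")
```

The card's coarser tick gives it a much looser bound than the terminal's for the same exchange, so the acceptance limit each side can enforce is set by its own counter resolution.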