Version Hamburg2007

Vortrag: NFCGate - NFC security analysis with smartphones

Use your smartphone to relay NFC data

Event large

NFC security analysis usually requires special hardware to relay and modify NFC traffic. We developed an app to do the same using two Android smartphones. Besides relaying and modifying traffic, our app can also clone the (supposedly) Unique ID of NFC tags. This alone is enough to fool a depressing number of NFC systems.

Near-Field Communication is widely used. Payment systems, access control, and even your ID documents communicate using NFC, allowing you to conveniently have your electronic wallet emptied by criminals fellow hackers while sipping your mate at your local hackerspace. High time to take a look at how secure these systems actually are.

Previous attempts at investigating NFC security have required expensive, specialized hardware like the Proxmark 3. But pretty much all of us carry NFC readers and even emulators around in our pockets: Modern Android phones can not only read NFC tags, but also emulate them using the Host Card Emulation (HCE) feature introduced in Android 4.4. Sadly, Google really does not want this feature to be (mis)used for security analysis (or more nefarious) purposes, and they put some measures in place to prevent this.

This talk will be about how we circumvented these measures and developed NFCGate, an App that converts your average NFC-enabled smartphone into an NFC security research tool. Using two smartphones, you can relay and modify NFC traffic, and even clone the (supposedly) unique identifiers all NFC cards have. We also discuss a few NFC systems we have tested - rest assured that their security was even worse than you assumed.

Finally, we will show you how you can use our software to run your own tests. NFCGate is open source, so feel free to play around with it.


Tag: 14.04.2017
Anfang: 17:00 Uhr
Dauer: 00:45
Raum: Vortragssaal

Sprache: en


Concurrent Events