Man-in-the-Middle Attack on Contactless Payment over NFC Communications: Design, Implementation, Experiments and Detection

2020 
A recent development emanating from RFID technology is Near Field Communication (NFC). NFC is a popular short-range (< 10 cm) wireless communication technology with applications in areas sensitive to security and privacy concerns, such as contactless payment. Since NFC communications require very close proximity between two communicating devices (e.g., a smartcard and a terminal), it is generally believed that Man-in-the-Middle (MITM) attacks are practically infeasible here. Contrary to this belief, in this paper we successfully establish an MITM attack in NFC communications between a passive tag and an active terminal. We carefully present the physical fundamentals of the attack, our engineering design, and the results of a successful attack implementation. We then identify a potential vulnerability in existing contactless payment protocols due to the separation between the card authentication and transaction authorization phases. We show how an attacker can compromise the integrity of contactless payment using a malicious MITM smartcard, and present multiple attack/victim scenarios to demonstrate the practicality of our contributions. We also conduct rigorous experimental studies to analyze both the hardware and practical ramifications of our attack. Finally, based on experimental analysis, we propose a countermeasure to detect the MITM attack that does not demand any additional hardware.