Attacks on NFC phones?
CollinMulliner showed some known theoretical attacks and how they may work in thefield. He presented results from analyzing a specific NFC mobile phone (Nokia6131 NFC), revealed some security issues and methods to exploit them. Theresearcher released on his website a small set of tools to do further analysis onNFC mobile phones and applications.
The presentation covered:• an introduction to NFC, with details about the specification, various data formats, NFC-triggered actions, and relations with RFID,
- the analysis of a NFC Nokia 6131 NFC handset, demonstration of various attacks against it, including phishing attacks, and Collin Mulliner mentioned he has been in close relation with Nokia,
- a NFC toolkit description, allowing the security professional to test and access various security features in a NFC tag and handset,
- a survey of NFC services on the field and their vulnerabilities that focused on services available in Vienna, Austria and Frankfurt, Germany: public transport in Vienna, Selecta vending machine, ÖBB (Austrian railways) tickets, RMV (public transport in Frankfurt area) tickets,
- a description of potential passive tag attacks, and hints on how to secure them.
The researcher has not yet evaluated or attacked the card emulation and secureelement.
Collin Mulliner is a full time researcher at Fraunhofer Institute for SecureInformation Technology SIT (Division for Secure Mobile Systems). He belongs tothe Trifinite Group, a bunch of computer experts that teamed up in order to dosome projects in the area of wireless devices with special focus on security. TheTrifinite Group has already published attacks on Bluetooth, PalmOS-baseddevices, as well as mobile Linux devices and PocketPC-based smart phones.