Questions tagged [nfc]
NFC (Near-Field Communication) is a short-range wireless technology, typically requiring a distance of 4cm or less to initiate a connection between two endpoints.
93 questions
3
votes
1
answer
206
views
Understanding and Troubleshooting TAG IC Signature Verification Failure
I have a number of NFC tags with the following metadata:
[usb] pm3 --> hf mfu info
[=] --- Tag Information --------------------------
[+] TYPE: NTAG 215 504bytes (NT2H1511G0DU)
[+] ...
- 131
0
votes
1
answer
132
views
Can NFC pose a risk without user interaction?
While I doubt I would ever be tricked into performing the required user interaction for an attack, should I still disable the NFC feature of my mobile phone when it isn’t needed?
For example: if my ...
- 4,795
1
vote
1
answer
180
views
Is it always possible to copy digital information from a physical medium?
If I have access to the physical medium on which information is stored (hard drive, NFC chip, SSD), are there any physical measures possible to stop me from cloning the exact data to a duplicate?
...
- 121
0
votes
0
answers
138
views
How to avoid non-in-person "handshakes" and spoofing due to compromised URL data on NFC card
I am designing a system that allows users to purchase my NFC cards and sign up for an account on my online SaaS website.
The System
For the sake of explanation, assume the website is hosted at domain ...
4
votes
0
answers
5k
views
Are there any risks sharing my phone's SEID number with the bank of my credit card?
I was not able to add a credit card to Apple Pay on an iPhone. The bank told me that they need the SEID number of the phone to resolve the issue.
By a quick search on the Internet, I learned that the ...
- 141
1
vote
1
answer
208
views
Are Bluetooth and/or NFC anonymous?
Suppose I have a smartphone and I have disabled all usual de-anonymizing things (e.g., wifi probe requests). My phone sends some data over Bluetooth (or NFC) to device A, and then at a different place ...
- 111
0
votes
0
answers
2k
views
Is using the CSN of a mifare desfire EV2 safe?
From what I know, Mifare Classic cards are easy to copy/clone using a device such as a flipperzero, and it has to do with authentication using the CSN (card serial number)
However, let's say that a ...
- 1
0
votes
0
answers
178
views
What kind of security protocols do current NFC or RFID based technologies use?
I have an information security class this semester, and I need to write a paper evaluating how secure NFC and RFID technology is.
A lot of questions previously asked here are at least 3 years old, and ...
- 1
0
votes
1
answer
352
views
If the terminal is malicious, is paying with NFC still safe?
Paying with credit card's NFC. I know about tokenization and all that, but does that actually protect my card against theft when the terminal is malicious?
0
votes
0
answers
157
views
Options for Integrating or developing a physical security solution (physical access control via in-house mobile apps [NFC/Bluetooh])
Our team is looking to either integrate or develop a physical security solution for a rather large campus.
Requirements:
Ability to either integrate (with reader/electronic lock hardware) from our ...
- 113
2
votes
0
answers
526
views
What are the security risks to NFC based YubiKeys?
What are the risks of using NFC on a YubiKey versus just a hard connector?
I imagine it would be possible to sniff some data off of these security keys? How real is the risk of sniffing and what could ...
- 123
3
votes
1
answer
1k
views
Is it possible to emulate a full (mifare 1k) card with the ChameleonMini (Rev.G 2)?
I am testing a lock box I own, it uses a Mifare 1k lock with default key, and I use a keyfob to unlock it.
I have both a Proxmark3 and a ChameleonMini.
With the Proxmark3 I am able to both clone the ...
- 234
1
vote
0
answers
193
views
Any NFC readers (Android or iOS) able to access the ePassport raw (still encrypted) data e.g. without the Basic Access Control (BAC)?
Firstly, I assume it's possible to passively read the encrypted data from a ePassport NFC chip?
All of the NFC scanning apps fail to load anything without the BAC. We are not interested in the ...
- 11
2
votes
1
answer
196
views
How is the timer implemented in mutual distance-bounding protocols?
I've come across several papers introducing the concept of mutual distance-bounding, where basically both sides can verify an upper bound of the distance in between, rather than having this unilateral ...
- 121
1
vote
1
answer
2k
views
Are there any contactless (RFID/NFC) card vulnerabilities that are still unsolved? even minor ones
The title is pretty self explanatory. The market is pretty secretive about these kinds of matter since companies won't give out vulnerabilities for attackers to abuse and will give out vulnerabilities ...
- 25