23 research outputs found
Host card emulation with tokenisation: Security risk assessments
Host Card Emulation (HCE) is an architecture that enables the virtual representation (emulation) of contactless cards, allowing transactions to be carried out through mobile devices capable of communicating via Near-Field Communication (NFC), without the need for a microprocessor chip, the Secure Element (SE), used in NFC payments prior to HCE. In HCE, card emulation is performed essentially in software, usually in wallet-type applications. In the HCE with Tokenisation (HCEt) model, which is the specific HCE model analysed in this dissertation, the application stores payment tokens, which are cryptographic keys derived from the keys of the original card and are critical because they allow transactions to be executed, albeit with limitations on their use. However, with the migration from a tamper-resistant environment (SE) to an uncontrolled environment (an application on a mobile device), there are several risks that must be properly assessed in order to materialise a risk-based implementation. This study describes the HCE with Tokenisation (HCEt) model and identifies and assesses its risks, analysing the model from the point of view of a wallet application on a mobile device that stores payment tokens in order to perform contactless transactions
On the security of mobile sensors
PhD Thesis
The age of sensor technology is upon us. Sensor-rich mobile devices
are ubiquitous. Smart-phones, tablets, and wearables are increasingly
equipped with sensors such as GPS, accelerometer, Near Field Communication
(NFC), and ambient sensors. Data provided by such sensors, combined
with the fast-growing computational capabilities on mobile platforms,
offer richer and more personalised apps. However, these sensors
introduce new security challenges to the users, and make sensor management
more complicated.
In this PhD thesis, we contribute to the field of mobile sensor security by
investigating a wide spectrum of open problems in this field covering attacks
and defences, standardisation and industrial approaches, and human
dimensions. We study the problems in detail and propose solutions.
First, we propose “Tap-Tap and Pay” (TTP), a sensor-based protocol to
prevent the Mafia attack in NFC payment. The Mafia attack is a special
type of Man-In-The-Middle attack which charges the user for something
more expensive than what she intends to pay by relaying transactions
to a remote payment terminal. In TTP, a user initiates the payment by
physically tapping her mobile phone against the reader. We observe that
this tapping causes transient vibrations at both devices which are measurable
by the embedded accelerometers. Our observations indicate that
these sensor measurements are closely correlated within the same tapping,
and different if obtained from different tapping events. By comparing the
similarity between the two measurements, the bank can distinguish the
Mafia fraud apart from a legitimate NFC transaction. The experimental
results and the user feedback suggest the practical feasibility of TTP. As
compared with previous sensor-based solutions, ours is the only one that
works even when the attacker and the user are in nearby locations or share
similar ambient environments.
Second, we demonstrate an in-app attack based on a real world problem
in contactless payment known as the card collision or card clash. A card
collision happens when more than one card (or NFC-enabled device) are
presented to the payment terminal’s field, and the terminal does not know
which card to choose. By performing experiments, we observe that the
implementation of contactless terminals in practice matches neither EMV
nor ISO standards (the two primary standards for smart card payment)
on card collision. Based on this inconsistency, we propose “NFC Payment
Spy”, a malicious app that tracks the user’s contactless payment transactions.
This app, running on a smart phone, simulates a card which
requests the payment information (amount, time, etc.) from the terminal.
When the phone and the card are both presented to a contactless
terminal (given that many people use mobile case wallets to travel light
and keep wallet essentials close to hand), our app can effectively win the
race condition over the card. This attack is the first privacy attack on
contactless payments based on the problem of card collision. By showing
the feasibility of this attack, we raise awareness of privacy and security
issues in contactless payment protocols and implementation, specifically
in the presence of new technologies for payment such as mobile platforms.
Third, we show that, apart from attacking mobile devices by having access
to the sensors through native apps, we can also perform sensor-based
attacks via mobile browsers. We examine multiple browsers on Android
and iOS platforms and study their policies in granting permissions to
JavaScript code with respect to access to motion and orientation sensor
data. Based on our observations, we identify multiple vulnerabilities,
and propose “TouchSignatures” and “PINLogger.js”, two novel attacks in
which malicious JavaScript code listens to such sensor data measurements.
We demonstrate that, despite the much lower sampling rate (compared to
a native app), a remote attacker is able to learn sensitive user information
such as physical activities, phone call timing, touch actions (tap, scroll,
hold, zoom), and PINs based on these sensor data. This is the first report
of such a JavaScript-based attack. We disclosed the above vulnerability to
the community and major mobile browser vendors classified the problem
as high-risk and fixed it accordingly.
Finally, we investigate human dimensions in the problem of sensor management.
Although different types of attacks via sensors have been known for many years, the problem of data leakage caused by sensors has remained
unsolved. While working with W3C and browser vendors to fix
the identified problem, we came to appreciate the complexity of this problem
in practice and the challenge of balancing security, usability, and functionality.
We believe a major reason for this is that users are not fully
aware of these sensors and the associated risks to their privacy and security.
Therefore, we study user understanding of mobile sensors, specifically
their risk perceptions. This is the only research to date that studies risk
perceptions for a comprehensive list of mobile sensors (25 in total). We
interview multiple participants from a range of backgrounds by providing
them with multiple self-declared questionnaires. The results indicate that
people in general do not have a good understanding of the complexities
of these sensors; hence making security judgements about these sensors
is not easy for them. We discuss how this observation, along with other
factors, renders many academic and industry solutions ineffective. This
makes the security and privacy issues of mobile sensors and other
sensor-enabled technologies an important topic to be investigated further.
Host Card Emulation with Tokenisation: Security Risk Assessment
Host Card Emulation (HCE) is an architecture that provides virtual representation of contactless cards, enabling transactional communication for mobile devices with Near-Field Communication (NFC) support without the need of Secure Element (SE) hardware. Performing the card emulation mainly by software, usually in wallet-like applications which store payment tokens for enabling transactions, creates several risks that need to be properly evaluated in order to be able to materialise a risk-based implementation. This paper describes the HCEt and proposes the identification and assessment of its risks through a survey conducted to specialists in the subject matter, analysing the model from the point of view of a wallet application on a mobile device that stores payment tokens to be able to perform contactless transactions. Despite the increasing complexity and specialisation of software, hardware, and the respective technical cyberattacks, we conclude that the human nature remains the easiest to exploit, with greater gains.
TWallet ARM TrustZone Enabled Trustable Mobile Wallet: A Case for Cryptocurrency Wallets
With the increasing popularity of Blockchains supporting virtual cryptocurrencies it has
become more important to have secure devices supporting operations in trustable
cryptocurrency wallets. These wallets, currently implemented as mobile Apps or components
of mobile Apps must be protected from possible intrusion attacks.
ARM TrustZone technology has made available an extension of the ARM processor
architecture, allowing for the isolation of trusted and non-trusted execution environments.
Critical components and their runtime support can be "booted" and loaded to run in
the isolated execution environment, backed by the ARM processor. The ARM TrustZone
solution provides the possible enforcement of security and privacy conditions for
applications, ensuring the containment of sensitive software components and data-management
facilities, isolating them from OS-level intrusion attacks. The idea is that sensitive
components and managed data are executed with a trust computing base supported at hardware
and firmware levels, not affected by intrusions against non-protected OS-level runtime
components.
In this dissertation we propose TWallet: a solution designed as a generic model to
support secure and trustable Mobile Client Wallets (implemented as mobile Apps), backed by
the ARM TrustZone technology. The objective is to manage local sensitive stored data and
processing components in a trust execution environment isolated from the Android OS.
We believe that the proposed TWallet framework model can also inspire other specific
solutions that can benefit from the isolation of sensitive components in mobile Android
Apps.
As a proof-of-concept, we used the TWallet framework model to implement a trusted
wallet application used as an Ethereum wallet, to operate with the Ethereum Blockchain.
To achieve our goals, we also conducted different experimental observations to analyze
and validate the solution, with the implemented wallet integrated, tested and validated
with the Rinkeby Ethereum Test Network.
With the growing popularity of Blockchains and the use of cryptocurrency systems, it has become increasingly important to use secure devices to support mobile wallet applications (commonly known as mobile wallets or mobile cryptowallets). These applications give users local, convenient, trustworthy and secure management of data and operations integrated with Blockchain systems. These digital wallets, as complete mobile applications or as components of other applications, have been widely developed for different conventional operating systems, namely the Android operating system, and for different cryptocurrency systems.
Wallets must be able to process and store sensitive information associated with the control of the operations performed, including managing and querying cryptocurrency balances, performing and querying transaction histories, or consolidating the state of these operations with the remote Blockchains. They must also guarantee secure and trustworthy control of the cryptographic processing involved, as well as the security of the cryptographic keys used.
ARM TrustZone technology provides a set of extensions to ARM processor architectures, enabling code to be isolated and executed in an execution environment supported at the hardware level of the ARM processor itself. This allows critical components of applications or operating systems running on ARM processors to execute in isolated environments, with the minimisation afforded by the isolation of their Trusted Computing Base.
Execution in a secure environment supported by the TrustZone solution can thus offer additional reinforcement of trustworthiness, security and privacy properties. This makes it possible to isolate critical components and data from possible attacks or intrusions at the level of processing and memory management or storage supported by the operating system or middleware libraries, as is usual for mobile applications running on Android OS or other mobile device operating systems.
In this dissertation we propose the TWallet solution, a generic approach to supporting wallets used as trustworthy mobile applications on Android OS and strengthened by the use of ARM TrustZone technology. The objective is to enable the isolation of sensitive data and components of this type of application, making them more secure and trustworthy. We believe that the design and implementation model of the TWallet solution, viewed as a reference framework, can also be used in the development of other mobile applications in which the isolation and security of critical components and data are requirements similar to those addressed. This may be the case for mobile payment applications, banking applications in the area of mobile banking, or ticketing applications in the area commonly called mobile e-ticketing, among others.
As a proof of concept, we used the TWallet framework to implement a prototype of a trustworthy wallet, supported on Android OS, for managing operations and cryptocurrencies on the Ethereum Blockchain. The implementation was integrated, tested and validated on the Rinkeby Test Network, a development and test network used as a first stage of validation of applications and components for the live Ethereum network. To validate the TWallet solution, an experimental evaluation was carried out. This evaluation involved observing operational indicators, verifying and comparing different operation and performance metrics as well as the resource allocation of the application protected under the TWallet model, and comparing those same indicators with the case of the same application without that protection
Attacks On Near Field Communication Devices
For some years, Near Field Communication (NFC) has been a popularly known technology characterized by its short-distance wireless communication, mainly used in providing different agreeable services such as payment with mobile phones in stores, Electronic Identification, Transportation Electronic Ticketing, Patient Monitoring, and Healthcare. The ability to quickly connect devices offers a level of secure communication. That notwithstanding, looking deeply at NFC and its security level, identifying threats leading to attacks that can alter the user’s confidentiality and data privacy becomes obvious. This paper summarizes some of these attacks, emphasizing four main attack vectors, bringing out a taxonomy of these attack vectors on NFC, and presenting security issues alongside privacy threats within the application environment
Mobile financial services in Ghana - Measures for achieving safety and security of services
Thesis submitted to the Department of Computer Science, Ashesi University College, in partial fulfillment of Bachelor of Science degree in Management Information Systems, April 2017
The use of mobile phones has become part of the daily activities of about ninety percent of
Ghanaian adults. This has contributed to the rapid adoption of mobile financial services by
Ghanaians. In 2014, Bank of Ghana reported over two million registered users. Africa and
the rest of the world have also experienced this exponential growth in the use of mobile
financial services. Due to the huge money it is raising in that sector, fraudsters have made
several attempts on these systems leading to the loss of enormous sums of money. The
objective of this study is to understand the mobile financial service ecosystem in Ghana and
internationally, assess what risks users may face and suggest measures to help prevent or
reduce the effects of these risks.
In order to better understand the concept of mobile financial service, some academic papers
were reviewed revealing the components of the ecosystem, risks that these players may face
and some proposed solutions by scholars. Case studies, in-depth interviews and secondary
data were gathered for this research.
Findings from the data collected show that some risks users may face include: malware
infection of devices or point of sale terminals, corruption of information stored on the server
of acquirers or service providers, theft of data during transaction, including
man-in-the-middle attacks, advanced persistent thefts and insecure data connectivity.
Also some mitigation measures to these threats include enforcement of two factor
authentication on systems, securing data connections using Secured Socket Layer (SSL)
authentication, secure configuration, hardening of critical servers and data encryption during
transactions.
This study is limited geographically because the interviews held included players in the
mobile financial service ecosystem in Accra only. Also only three companies were
interviewed for this study due to the limited time constraint.
Ashesi University College
Challenges and opportunities of mobile payments innovations
Innovation in financial services is a major trend in the sector and the payments industry is no
exception to that. New ways of paying, such as mobile payments, are emerging and changing the
payments market. Non-financial institutions are entering the market through the provision of
mobile payments, threatening the dominant position banks hold in the industry. The aim of this
thesis is to analyze mobile payments as a service innovation, primarily through the spectrum of
banks as old incumbents in this market, and to understand the traits and main characteristics of
these products, as well as how innovation in mobile payments is changing or even creating a new
market.
The results of the study suggest that we are facing a radical innovation, according to the Gallouj
and Weinstein (1997) modes and models of innovation, as there is a completely new system
behind mobile payments services. This innovation is assuming different forms and is still hard
to infer if mobile payments are creating a new market, as these kind of services are still majorly
seen by experts in the area, who were interviewed for this study, as a complement to other ways
of paying, regardless of being a complete new system with different competences needed for
operating. With regard to the new and different providers of these services operating in the
market, it was found that they can be segmented into three clusters with different characteristics:
Banks, which are the traditional incumbents of this market; Mobile Network Operators &
Manufacturers, which are extremely focused on technology and data; Others, which include
companies from other sectors, fintechs or other startups, characterized by being very innovative
and flexible. These new services come with new market dynamics involving companies that
traditionally were not associated with the provision of financial services, and threatening the
relevance banks used to have in the payments industry.
Innovation in financial services is a general trend in the sector, and the payments area is no exception. The financial area of payments has undergone enormous changes, which is having implications for financial markets, and in particular for payment services. Several non-financial institutions are entering the market by creating new mobile payment services, threatening the dominant position that banks held in the area. This thesis aims to analyse mobile payments as a service innovation, focusing mainly on the perspective of the banks that traditionally held a dominant position in this market. The thesis seeks to understand and discuss the main characteristics of these innovative mobile payment products, as well as whether these new services are changing or even creating a new market. The results of this study suggest that we are facing a radical innovation since, according to the modes and models of innovation of Gallouj and Weinstein (1997), mobile payment services are a new payment system. This innovation has taken different forms, and there is still a high degree of ambiguity as to its capacity to generate a new market, since this type of service is considered by experts in the area, who were interviewed for this study, as a complement to other payment methods. This is despite its being a new system with different competences needed for its execution and use. The study concludes that the providers of these services can be segmented into three clusters with different characteristics: Banks, the traditional incumbents of this market; Manufacturers and Mobile Network Operators, which are extremely focused on technology and data; Others, including companies from other sectors, fintechs and other start-ups, characterised by being extremely innovative and flexible. The study shows that these new payment services bring new dynamics to the market involving companies that traditionally would not be associated with the provision of financial services, which threatens the relevance of banks in the payments sector