Security for near field communication systems in e-Payment application

Electronic engineering    P. T. Cong, ..., L. H. Nam, "Security for near field in e-payment application."    240

SECURITY FOR NEAR FIELD COMMUNICATION SYSTEMS IN E-PAYMENT APPLICATION

Pham Thanh Cong (1)*, Trinh Quang Kien (2), Nguyen Ngoc Thai (1), Le Hai Nam (2)

Abstract: The paper presents an overview of near field communication (NFC) systems, current trends, and the application status of the technology. It points out the security risks of such systems, covering both intentional and unintentional attacks [3]. The next section presents measures to prevent the indicated security risks. Finally, we propose a complete solution based on the design and construction of a full NFC system for one of the applications that demands the highest security, payment via smart card, built on the latest NFC components from NXP.

Keywords: NFC; E-payment; Mifare DESFire; EV2; RF; Hardware security; Digital channel.

1. OVERVIEW AND SECURITY ISSUES OF NEAR FIELD COMMUNICATION SYSTEMS

1.1. Overview of near field communication systems

Near Field Communication (NFC) is a technology for short-range, wireless, high-frequency point-to-point communication. The operating range of NFC is within 20 cm [3], which is favourable from a security perspective because it reduces the risk of eavesdropping. Other reasons to use NFC are the low cost of the required components and the negligible connection set-up time. A tag is a small circuit attached to a small antenna that transmits data to a reading device (reader) in response to the reader's query; RFID tags of this general kind can answer from several metres, whereas NFC tags answer only within the near field. The world NFC market is predicted to generate $24 billion in revenue by 2020 [1]. North America dominates the world NFC market, owing to strong demand from the US, but the trend shows that the Asia-Pacific region will grow faster in the coming period (1). Key companies currently doing research and development in this area include Infineon Technologies, Apple Inc., NXP, Samsung Electronics Co. Ltd., Broadcom Corporation, Toshiba Corporation, and Inside Secure, now acquired by Intel [14]. In this paper, we focus on the product lines from NXP, considering these the most representative NFC devices, since NXP is currently the biggest NFC supplier worldwide (1). In particular, the company's most representative product lines today are the MIFARE DESFire EV2 smart card and the PN7462AU, an MCU with an integrated NFC front-end for smart card readers [2].
A basic NFC system consists of two main components: the reader and the tag or interacting device, which is an object with an embedded NFC chip; the latter can be a standalone smart card or a mobile phone, camera, or other object carrying an NFC chip. Complex systems may contain additional components such as computers, networks and servers, additional security components such as biometrics (fingerprint sensor, face-recognition camera), and actuators or services such as door opening and closing, ATMs, cumulative counters, etc.

(1) Most NFC chips and NFC tags are now manufactured by NXP, while other vendors have a small market share (according to www.grandviewresearch.com).

Science and technology information    Journal of Military Science and Technology, Special Issue of the Institute of Electronics, 9-2020    241

Figure 1. Components of the NFC system and interactive operation of NFC.

The analysis in [1] indicates that most NFC tags are passive, meaning they are battery-free and draw their power from the query signal. They can be attached to almost anything: goods, clothing, food, access cards, etc. To date, the typical applications of NFC technology are wireless tokens, device pairing, e-ticketing and e-payment. When a tag or an NFC-equipped device enters the RF field created by the NFC reader, the following takes place: the card receives energy from the RF signal through electromagnetic induction in its integrated antenna and accumulates it in a circuit that provides a stable supply for the chip on the card, which then starts operating. The reader supplies the carrier and clock and initiates a challenge-and-response process that establishes the protocol, the access rights of the card, and the secret keys used for encrypting and enciphering the transmitted information.

1.2. Security in the NFC system

Since NFC is a wireless interface, there are inevitable security threats associated with the transmission medium and the data it carries. When two devices communicate via NFC, they talk to each other over RF waves. An attacker can capture the transmitted data from the RF interface and, with sufficient samples or when the data is not encrypted, obtain the actual contents. This can be done without special equipment and can have severe consequences in critical applications such as e-banking, e-payment and military applications. In 2018, Slawomir Jasek, an IT security consultant with ten years of experience, published "A 2018 practical guide to hacking NFC/RFID" on the Internet [3]. In this guide, Jasek gives detailed instructions for attacking RFID/NFC systems, including eavesdropping-based recovery of the secret key stored in the card. The targets range from high-end RFID tags to NFC tags of the MIFARE family (Classic, Plus SL1, EV1) [3]. Jasek's demonstrations, other reports from professional cryptanalysts, and hackers' activities raise a serious question about the security of NFC systems. If the problem persists, it could directly limit the applicability of the technology and lead to great negative financial impact. NXP's MIFARE DESFire card was introduced with enhanced security features and is expected to address the majority of the security issues of its precursors. Subsequently, NXP developed the MIFARE DESFire EV2 series [1], adding many strong features focused on data security. This technology is the main focus of this report and is adopted for designing a complete professional e-payment system.

The remainder of this report is organized as follows. Section 2 presents the major NFC security threats.
Section 3 describes the implementation of the e-payment system using MIFARE DESFire EV2, followed by the conclusion.

2. METHODS TO ENHANCE SECURITY IN NFC SYSTEMS

In this report, we analyze different security aspects of the NFC interface. There are five major security threats to an NFC system: eavesdropping, data corruption, data modification, data insertion, and man-in-the-middle (MITM) attack, as described in [1]. This section summarizes the basic countermeasures against those risks. An NFC system can be considered a digital radio communication system, hence all the countermeasures described here protect the digital channel against unauthorized access.

Anti-eavesdropping. NFC itself cannot protect against eavesdropping. Data transmitted in passive mode is significantly less vulnerable to eavesdropping, but using passive mode alone is not sufficient for the most important data transfer applications. The only real solution is to establish a secure channel, which is presented in Section 3.

Anti-data-corruption. NFC devices can counter this attack because they can monitor the RF field while they are transmitting data; a device that does so is able to detect the attack. The power required to corrupt data is significantly greater than the power level that NFC devices can detect, so every such attack should be detected. Corrupted or lost data can also occur in ordinary use, for example when the user removes the card from the reader before a transaction completes or when the transmission is interrupted by interference. For this case, the newer protocols used by NFC cards integrate an "anti-tear" mechanism for the stored data. This mechanism is described further for MIFARE DESFire EV2 in Section 3.

Anti-data-modification. Protection against data modification can be achieved in several ways. At 106 kbaud an attacker cannot modify all of the data transmitted over the RF link, as described in [1]. This would mean operating at 106 kbaud in both directions to protect against data modification. While this is possible, it has a major drawback: this mode is the most susceptible to eavesdropping. Moreover, the protection is not perfect, because even at 106 kbaud some bits can still be modified. Two other options are therefore preferable. An NFC device can check the RF field while sending, so the sending device can continuously check for such an attack and stop transmitting when one is detected. The third and perhaps best solution is a secure channel as described in Section 3.

Anti-data-insertion. There are three possible countermeasures against insertion attacks. First, the answering device replies without delay; in this case the attacker cannot be faster than the legitimate device. The attacker may be as fast as the legitimate device, but if two devices reply at the same time the reader will not receive correct data. The second countermeasure is for the answering device to listen to the channel while it is open, that is, between the end of the request and the start of its own answer; the device can then detect an attacker trying to insert data. The third option is to establish a secure channel between the two devices.

Anti-man-in-the-middle. As argued in [1], it is practically impossible to carry out a man-in-the-middle attack on the NFC link. It is recommended to use the active-passive communication mode so that the RF field is continuously generated by one of the legitimate parties. In addition, the active party should listen to the RF field while sending data so that it can detect any disturbance caused by an attacker.

3. DESIGN OF A HIGH-SECURITY NFC SYSTEM AND AN EXPERIMENTAL MODEL FOR E-PAYMENT

This section proposes a complete solution for building an NFC system with up-to-date security features based on the latest NXP technologies, the MIFARE DESFire EV2 card and the PN7462 reader chip. The design of a complete NFC system, including hardware and software modules, is presented. The design strictly follows the manufacturer's technical standards and requirements, especially for the security aspects. The data exchange between card readers and cards is fully encrypted using either AES-128 or 3DES. The secret key is provisioned and shared via a private, proprietary channel. The system has been fully implemented and tested. The practical test results indicate that the designed system meets the basic features of an NFC card payment service and is ready for real applications.

3.1. Design of the specialized NFC interactive device and the specialized proximity coupling device (PCD)

In this work, we have developed two types of interactive device. One is the card formatter, which formats the card, including setting up the secret key for the card via a proprietary interface (i.e., accessible by NXP proprietary devices only). The other is the card reader, which performs all basic interactions with the card: reading the card's contents, topping up and deducting the card's value, recording the card's ID, and interacting with the computer to receive commands and report status. These two devices share the same hardware schematic; the difference is that the reader is equipped with an additional display so that users can easily observe and track the interaction with the card. The system uses two main supply voltages, 3.3 V and 5 V; the power supply is designed to accept a wide input voltage range and does not require a highly stable input.
The main solution consists of a bridge rectifier built from four PMEG302EJ Schottky diodes, rated for a reverse voltage of up to 30 V and a current of up to 2 A. After the bridge rectifier, the supply voltage is smoothed by the filter capacitors C80 and C81; the rectified DC is fed to an NCP1117 regulator that produces a stable 5 V, and its output in turn feeds an ADP3338KCZ 3.3 V regulator that produces the main 3.3 V DC rail for the MCU unit.

Figure 2. Schematics of the reader device.

The MCU unit schematic is adapted from NXP's OM27462CDK development kit. We omitted many parts that are not necessary for our final application to simplify the design and reduce cost. The core of this central processing unit is the PN7462AU MCU, which runs from an external 27.12 MHz crystal; this frequency is the basis for generating the 13.56 MHz RF carrier, which serves both as the transmission medium and as the power source for the card. In addition, there is a circuit connecting the USB port to transfer data to the computer, together with indicator LEDs, filter capacitors, pull-up resistors and auxiliary current limiting added to the schematic. The impedance matching circuit is designed according to the manufacturer's instructions and the recommendations in the datasheet. The circuit is built as two symmetrical branches, identical in component type and value; the 13.56 MHz RF signal is fed directly from these two branches, through the driver and matching circuits, to the antenna block. The antennas are designed according to the manufacturer's recommendations. The PS1 and PS2 lines are laid out as closed loops that form a coil, so that the impedance and gain meet the required specification.

The card formatter has a special key function: formatting the card and issuing the secret key to the card. All of these processes must run with the highest reliability. Therefore, the power supplied to the card needs to be maintained at the most stable level during formatting and key transmission, and the antenna is designed with a sufficiently large size.

Figure 3. PCB of the card formatter and the PCD.

Figure 4. The shape and layout of the card formatter and the PCD.

The specialized PCD is designed in a compact form that is convenient to deploy in public service areas, so it integrates both the central processing unit and the antenna on one compact board. The PCB designs and the final prototypes are shown in Figures 3 and 4.

3.2. Communication protocol set-up between card and reader

According to the datasheet of the EV2 card, the flowchart of the card's protocol with the reader is shown in Figure 5. When the card is outside the interaction field it is powered off; when it enters the field, the induction circuit accumulates energy, the card becomes active and starts listening. The card then handles the commands REQA, WUPA, anticollision (AC/nAC), SELECT/nSELECT and HLTA, and the error transitions, in order to get ready. When ready, if the tag receives a SELECT command addressed to it, the tag enters the active state; in other cases the card returns to the listening (idle) state. In the active state the card waits for confirmation of the transport protocol; if the card and the reader agree on the communication protocol standard, data transmission can begin. From this state machine, the procedure for establishing the protocol between the reader and the EV2 card can be constructed as follows.
Initially, the reader sends the REQA command and waits for the ATQA response from the card (the structure of these commands follows ISO/IEC 14443-3). Next comes the anticollision loop described above. By checking the SAK returned by the card, the reader either enters ISO/IEC 14443-4 communication with the card or enters a state of self-adaptive commands and protocols. The latter is the open state of the reader, used when it needs to interact with other card types and functions; further protocols and procedures can be implemented for the reader there.

Figure 5. Set-up of communication protocols between the EV2 card and the PCD.

Once the card and the reader have passed the selection, anticollision and authentication steps and the ISO/IEC 14443-4 protocol activation, data transmission is conducted through encryption and enciphering stages using AES-128 or 3DES. The secret key is programmed into the card via a proprietary protocol provided by the manufacturer (in this work, a specialized reader was designed for key programming).

3.3. Testing the designed system in a practical e-payment system

To demonstrate card formatting and the issuing of the secret key, we use NXP's TagInfo software installed on NFC-capable mobile devices to read the card. A new, unformatted card can be read on a mobile device in free-access mode, i.e., no secret key is programmed or used for communication. In this mode, no memory area on the card has been assigned a secret key for encrypting data or granting application access, so all memory on the card can be read easily by the manufacturer's dedicated software, and we can read, write or change the locks. The messages transmitted are entirely plaintext.
Once the card is formatted, a secret key is generated and issued to the card, and the TagInfo software then needs the secret key to access the card's contents. Furthermore, we set up a test model consisting of a computer connected to an interactive device. Commands are issued from the console to perform read and write operations on the EV2 card. Transmitting commands from the computer and receiving answers from the interactive device is carried out via the Comport Tool Kit 4.0 software. In this test, the EV2 card is used as an e-payment device and all interaction is done via the secure channel, i.e., after the card has been formatted and issued a secret key. The card is programmed to store a dedicated amount (of money); it then interacts with the reader to perform the typical operations of an e-payment card: deducting value, topping up, and querying the card information. Those operations are illustrated in Figure 7.

Figure 6. The memory areas on the EV2 card as displayed by NXP's TagInfo software for an unformatted (a) and a formatted (b) card.

Figure 7. Top-up, value deduction and data query on the formatted card via the secure channel.

4. CONCLUSIONS

This paper has presented a comprehensive study of NFC systems and applications, focusing on the security aspects. First, the fundamental background and basic concepts of NFC systems were presented. The security issues of NFC systems, the main focus of this paper, were then discussed. A thorough survey of theoretical and practical security breaches of NFC was given, concluding that the security threat is serious and could have a strong impact on the development and application of NFC. Therefore, enhanced technology for securing NFC systems is essential. The remainder of the paper presented a practical solution from NXP to tackle the security issue in the next generation of NXP devices and systems. This solution has been fully deployed as a complete system, including hardware and software modules for programming the cards and for the interactions with them. The practical verification of the deployed system showed that the proposed solution meets most of the basic requirements. As the major technical enhancement, the communication channel is encrypted using adequate ciphers (AES or TDES), with the key provisioning conducted through a proprietary tool and device. The testing scenarios for the system are built on a real e-payment application. The main test results indicate that the system can successfully perform secure transactions and is ready for actual application.

REFERENCES

[1] M. M. A. Allah, "Strengths and Weaknesses of Near Field Communication (NFC) Technology," Global Journal of Computer Science and Technology, p. 7, 2011.
[2] D. Schürmann, S. Dechand, L. Wolf, "OpenKeychain: An Architecture for Cryptography with Smart Cards and NFC Rings on Android," Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, vol. 1, no. 3, Article 99, 2017.
[3] S. Jasek, "A 2018 practical guide to hacking NFC/RFID," Confidence, Kraków, 2018.
[4] R. Meindl, "NFCIP-1 Security Standard Protects Near Field Communication," ETSI Security Workshop, Sophia Antipolis, 2009.
[5] NXP, "MIFARE product and handling of UIDs, AN10927," NXP, Eindhoven, Netherlands, 2019.
[6] R. T. Tarang, "A Literature Survey on Near Field Communication," American International Journal of Research in Science, Technology, Engineering & Mathematics, p. 9, 2017.
[7] J. Ling et al., "An Improved Privacy Protection Security Protocol Based on NFC," International Journal of Network Security, vol. 19, pp. 39-46, 2017.
[8] D. Giese et al., "Security Analysis of Near-Field Communication (NFC) Payments," 2018.
[9] Grand View Research, Inc., "Global near field communication (NFC) market," press release, October 2016. [Online]. Available: https://www.grandviewresearch.com/press-release/global near field communication nfc market [Accessed 19 April 2020].

ABSTRACT (Vietnamese summary, translated)

SECURITY FOR NEAR FIELD COMMUNICATION (NFC) SYSTEMS IN E-PAYMENT APPLICATIONS

This paper presents research results on security for near field communication systems, covering: an overview and the current state of development of NFC systems; the components of NFC systems; applications and the future development of NFC systems in practice; security risks and security solutions for NFC systems; an update on hackers' activities worldwide as well as NXP's latest solutions in the NFC field; the application of NXP's new technology solutions to build an experimental system; and the testing and development of an e-payment application. The research content presented in the paper is the result of synthesis and study of many sources and scientific papers in order to give the most general and detailed account of the research problem.

Keywords: NFC; E-payment; Mifare DESFire; EV2; Security.

Received 6th April 2020
Revised 21st August 2020
Published 28th August 2020

Addresses: (1) Institute of Electronics, Academy of Military Science and Technology; (2) Military Technical Academy.
*Email: thanhcongvdt@gmail.com
