The present invention relates to wireless devices and methods for providing secure data transmission with such devices.
Wireless payment devices, such as smart cards, mobile phones and personal digital assistants (PDAs) have become increasingly common for everyday purchases of goods and services. In use, such devices are typically waved or otherwise placed in close proximity to a merchant's payment terminal so that a wireless communication can occur between the device and the terminal to authorize a payment transaction.
“Smart cards,” as they are known, physically resemble credit cards but are far more powerful in that they have one or more signal processing integrated circuits (ICs) or microcontrollers embedded in their plastic which manage access to, and storage of, sensitive data that is actually stored in memory devices on the smart card. Data that might be stored in a smart card includes bank account numbers, personal data, or the electronic equivalent of currency.
A typical smart card may have six IC contacts positioned on the card surface. In some embodiments, six of the eight signals at the contact points are defined as VCC (supply voltage), RST (reset signal), CLK (clock signal), GND (ground), VPP (programming voltage for programming memory in the card IC), and I/O (serial data input/output). In other embodiments, the VPP contact is not used.
The IC in a smart card processes data such as security control information as part of an access control protocol. The processor further performs various security control functions including entitlement management and generating the key for descrambling the scrambled data component of the signal.
Despite such security controls, communications between such handheld payment devices and payment terminals are vulnerable to attacks by an intervener, known in the art as a man-in-the-middle (MITM). Some attacks on communication systems involve the interception of a communication between two or more intended parties by a MITM with subsequent modification of the content of the communication. Defenses to such attacks typically involve many well-established cryptographic techniques and protocols to protect the communication.
Other attacks, known as relay attacks, allow a MITM to impersonate a participant during an authentication protocol by effectively extending the intended transmission range for which the system was designed. For example, a relay attack occurs when an innocent purchaser presents a smart card to authorize a payment transaction at a first location and the authorization is sent to a MITM at a second unintended location where it is accepted as a valid authorization by the MITM. In this manner, the MITM can purchase goods using the innocent purchaser's smart card authorization provided at a remote location.
Accordingly, it would be desirable to provide a method to prevent or at least hinder such exploitative interception and relay of wireless communications with respect to payment transactions.