Abstract
Magnetic secure transmission (MST) is a technology that emulates the action of swiping a magstripe card in a card reader in that it artificially generates the magnetic signal produced when a card is swiped. MST provides extremely high backward compatibility, i.e., mobile payment using an MST device is possible through most conventional magstripe readers. However, MST devices transmit magnetic signals to a remote magstripe card reader. Hence, it is possible to eavesdrop on such signals. We developed a device that can remotely eavesdrop on magnetic signals emitted by MST devices. Thus, we could obtain the one-time payment token contained in such signals at a maximum distance of 2.7 m. We successfully performed a wormhole attack against Samsung Pay, a widely used MST-based mobile payment service, and we were able to execute payment a few kilometers from where the eavesdropped one-time token was actually created.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
