Method, apparatus, system and computer program for detecting a relay attack

By measuring and comparing transaction durations at the reader device, relay attacks are effectively detected, enhancing security in wireless communication systems without overburdening the user device, thus improving system reliability and resource efficiency.

WO2026130708A1PCT designated stage Publication Date: 2026-06-25ASSA ABLOY AB

Patent Information

Authority / Receiving Office
WO · WO
Patent Type
Applications
Current Assignee / Owner
ASSA ABLOY AB
Filing Date
2024-12-19
Publication Date
2026-06-25

AI Technical Summary

Technical Problem

Conventional methods for detecting relay attacks in wireless communication systems, such as RFID-based payment terminals and keyless entry systems, face challenges due to the lack of processing capabilities at the user device, making it difficult to identify these attacks effectively.

Method used

Implementing relay attack detection solely at the reader device by measuring and comparing the total transaction duration with an expected duration, utilizing predefined transaction protocols and user device processing capabilities to identify deviations caused by relay attacks.

Benefits of technology

Enhances system security by accurately detecting relay attacks without overburdening the user device with processing tasks, saving computing resources and improving transaction reliability.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure EP2024087593_25062026_PF_FP_ABST
    Figure EP2024087593_25062026_PF_FP_ABST
Patent Text Reader

Abstract

Disclosed is a method for detecting a relay attack between a user device as well as a method for wireless transactions between a user device and a reader device. The disclosure further relates to a corresponding apparatus, system and computer program.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] 40184. AAB.P100PC S / Li / kt

[0002] 1

[0003] METHOD, APPARATUS, SYSTEM AND COMPUTER PROGRAM FOR DETECTING A RELAY ATTACK

[0004] TECHNICAL FIELD

[0005] The present disclosure generally relates to the field of IT-security, and more particularly to techniques for detecting a relay attack between a user device and a reader device. Certain embodiments may provide for improved transmission security between the user device and the reader device.

[0006] BACKGROUND

[0007] In recent years, relay attacks have emerged as a significant security threat to terminal systems, particularly those involved in wireless / contactless communication, such as RFIDbased payment terminals and keyless entry systems. A relay attack involves intercepting and forwarding communications between two legitimate devices (e.g., a user device and a reader device), often without altering the content of the communication itself. This attack effectively "relays" the signal, creating the appearance that the legitimate devices are within close proximity when, in reality, they are not. For example, in a contactless payment scenario, an attacker with a relay device near a user’s payment card can capture and extend the communication range to a second device near the payment terminal, enabling unauthorized transactions. By simulating proximity between the legitimate devices, the attacker exploits trust mechanisms that rely on the assumption that close physical proximity indicates a valid user interaction.

[0008] The consequences of relay attacks on terminal systems are severe, as they undermine core security assumptions regarding proximity-based authentication. Unlike traditional signal interception attacks, relay attacks bypass encryption and authentication protocols, as the relaying devices do not need to decrypt or alter the data being transmitted. This allows attackers to sidestep typical security measures, making it difficult to detect or prevent these intrusions with standard cryptographic safeguards. As a result, relay attacks can lead to unauthorized access, financial losses, and potential data breaches in applications reliant on contactless authentication. The ease with which relay attacks can be conducted, combined with their potential to cause significant harm, underscores the importance of implementing additional security measures to prevent or mitigate these types of intrusions in terminal systems. 40184. AAB.P100PC S / Li / kt

[0009] 2

[0010] To address this issue, conventional methods for detecting relay attacks frequently depend on timing measurements taken independently at both the user device and the reader device. These devices conduct separate timing assessments, which are subsequently compared to identify potential relay attacks. However, these methods encounter considerable challenges, particularly in situations where timing measurements cannot be performed on the user device, which often lacks the necessary capabilities for such assessments.

[0011] It is therefore an objective of the present disclosure to provide a method for detecting a relay attack between a user and a reader device, thereby overcoming the above-mentioned disadvantages of the prior art at least in part.

[0012] SUMMARY OF THE DISCLOSURE

[0013] The objective is solved by the subject-matter defined in the independent claims. Advantageous modifications of embodiments of the present disclosure are defined in the dependent claims as well as in the description and the figures.

[0014] As a general overview, certain aspects of the present disclosure provide for techniques for detecting a relay attack between a user device and a reader device by performing the corresponding measurement only at the reader device, because these are anyways equipped with enough processing capabilities. This way, limitations at the user device regarding processing capabilities are overcome. While described with respect to relay attacks, the present techniques are also applicable to other system attacks if they are detectable based on timing measurements.

[0015] In summary, the present disclosure provides nuanced and adaptable relay attack detection mechanism contributing to the overall robustness of transactions between user and reader devices.

[0016] One aspect of the present disclosure relates to a method for detecting a relay attack between a user device and a reader device. The method may be computer-implemented. The method may be performed at the reader device. The method may comprise measuring a total duration required for a performed transaction between the user device and the reader device. The method may comprise comparing the total duration with an expected duration for the performed transaction. The method may comprise detecting the relay attack based on the comparing.

[0017] This way, a relay attack can be detected without the need of timing measurements at the side of the user device. Instead, the reader device may utilize an expected duration for the 40184. AAB.P100PC S / Li / kt

[0018] 3 performed transaction based on which a comparison can be performed. The reason why this comparison-based approach works is that a relay attack introduces additional delay due to the relaying of the transmissions associated with the performed transaction. In addition, a transaction typically is associated with a predefined duration. This predefined duration may substantially correspond to the expected duration, given that transaction underly certain network and / or communication constrains. This is because transactions are typically implemented according to a predefined protocol or standard. Accordingly, they are associated with a more or less fixed (i.e. , predefined) transaction duration. For example, a transaction of a first type may be associated with a first predefined duration and a transaction of a second type may be associated with a second predefined duration, wherein the first type is different from the second type and the first predefined duration is different from the second predefined duration. This predefined transaction duration may depend on factors such as number of bytes exchanged, baud rate, Waiting Time Extension (WTX) setting and / or frame size. The predefined duration may also depend on the processing capability of the user device as explained below. For example, for a simple transaction type where only one item (e.g., a user ID with about 15 byte) is transmitted, the predefined transaction duration may be 100 milliseconds. For example, for a more complex transaction type (e.g., transmission of a biometric template or any other item of larger size e.g., >1000 byte) where more data is exchanged, more processing (e.g., encryption or decryption) has to be performed etc., the predefined transaction duration may be 220 milliseconds.

[0019] Thus, the reader device is able to identify based on the comparison between the expected duration (i.e., the time it should take to perform the transaction) and the measured total duration of the performed transaction (i.e., the time it actually took to perform the transaction) whether there is a certain deviation. Such a deviation may be a result from the additional delay caused by the relay attack and is thus an indication for the reader device that there was indeed a relay attack performed on the transaction.

[0020] As a result, system security is improved while also saving computing resources at the user device. Furthermore, computing resources for transmission of the corresponding timing measurements between both devices are saved.

[0021] Throughout the present disclosure, a “reader device” should be understood as any mobile or stationary device with the capability of performing a transaction as well as corresponding transmissions. A reader device may for example be:

[0022] A Point-of-Sale (POS) Terminal as typically used for contactless payment transactions. 40184. AAB.P100PC S / Li / kt

[0023] 4

[0024] - An access control reader employed in secure entry systems to grant or deny access based on contactless transmission of credentials.

[0025] - A keyless entry system as found in automotive or building access.

[0026] - A public transit fare reader as used in buses, trains, and subways.

[0027] - A smartphone NFC reader which is built into smartphones to read or interact with NFC tags for applications like payments, ticketing, or data sharing.

[0028] - An electronic passport reader as used by immigration or security authorities to read data from e-passports for identity verification.

[0029] - A warehouse or inventory RFID readers as employed in logistics to track and manage inventory through RFID-tagged items.

[0030] - A (hotel) room key reader which is typically integrated into door locks to allow room access through RFID cards or mobile credentials.

[0031] Throughout the present disclosure, a “user device” should be understood as any device, preferably mobile device, with the capability of performing a transaction as well as corresponding transmissions. A user device may for example be:

[0032] - A smartphone (typically NFC-Enabled) used for mobile payments, ticketing, and access control by communicating with PCS terminals, access readers, and other NFC-enabled devices.

[0033] - A smart card (e.g., for contactless payment, public transit cards, student ID cards or medical ID cards).

[0034] - A RFID key fob (i.e. , small devices used for access control, often in keyless entry systems).

[0035] A smartwatch and wearable-device which are typically equipped with NFC or RFID for payments, fitness tracking, or access control (e.g., home entry, gym entry or public transit).

[0036] An electronic passport (e-passport) which typically contains RFID chip(s) that store biometric information and can be read by a reader device (e.g. a passport reader) at border control. 40184. AAB.P100PC S / Li / kt

[0037] 5

[0038] An employee ID badge (typically with RFID or NFC) used in workplace access control systems, allowing employees to gain access to buildings or restricted areas.

[0039] - A wireless smart key for vehicles used in proximity-based car unlocking and starting, allowing keyless entry and ignition.

[0040] According to another aspect of the present disclosure, the comparing may comprise determining whether the total duration exceeds the expected duration by a predefined time duration threshold. The predefined time duration threshold may be defined based on the performed transaction (e.g., based on a transmission type of the performed transaction) and / or the processing capability of the user device as explained below. In other words, depending on which transaction is performed, the time duration threshold may vary. For defining the threshold duration, a set of test transactions could be evaluated. The evaluation could be based on a system preference (i.e., whether it is better to potentially allow I not being able to detect a short relay e.g. when the transaction is performed within the same network across a room or potentially refusing a valid transaction). The threshold could be defined in an absolute duration or a percentage of the predefined transaction duration.

[0041] For example, a first time duration threshold may be predefined for a first transaction type associated with a first predefined transaction duration and a second time duration threshold may be predefined for a second transaction type associated with a second predefined transaction duration, wherein the first transaction type is different from the second transaction type, the first time duration threshold is different from the second time duration threshold and the first predefined transaction duration is different from the second predefined transaction duration. For example, the first transaction duration may be longer than the second transaction duration. Therefore, a delay caused by a potential relay attack is typically also larger for the first transaction type compared to the second transaction type. Accordingly, the first time duration threshold may also be larger than the second time duration threshold in order to improve the reliability of detection. For the simple transaction type as outlined above with a predefined transaction duration of 100 milliseconds, the time duration threshold could be set to 150 milliseconds (i.e., if the transaction takes longer than 150 milliseconds, a relay attack is suspected). For the complex transaction type as outlined above with a predefined transaction duration of 220 milliseconds, the time duration threshold could be set to 300 milliseconds (i.e., if the transaction takes longer than 300 milliseconds, a relay attack is suspected). As one can see, defining different time duration thresholds for different transaction types associated with different predefined transactions durations improves the reliability of detection. 40184. AAB.P100PC S / Li / kt

[0042] 6

[0043] According to another aspect of the present disclosure, the method may further comprise receiving an indication of a processing capability of the user device. The expected duration may be based at least in part on the processing capability of the user device. The indication may be implemented as an index (e.g., 1 for low processing capability, 2 for medium processing capability or 3 for high processing capability) or a number (e.g., indicating the actual duration required by the user device for processing the parts of the transaction belonging to the user device, for example in ms).

[0044] According to another aspect of the present disclosure, the method may further comprise transmitting, to the user device, a request for indicating the processing capability of the user device. The method may further comprise receiving, in response to the request, a response from the user device. The response may comprise the indication of the processing capability.

[0045] According to another aspect of the present disclosure, the processing capability may comprise processing time information associated with the performed transaction and / or a device class of the user device. The device class may be indicative of a processing time associated with the performed transaction.

[0046] Throughout the present disclosure a “device class” should be understood as a classification of user devices into different classes wherein each class is associated with a different processing capability. For example, user devices may be classified into three different device classes, wherein a first device class is associated with a high processing capability, a second device class is associated with a medium processing capability and a third device class is associated with a low processing capability. The processing capability of a device may be based on a hardware configuration (e.g., CPU, RAM etc.) and / or a software configuration (e.g., installed OS such as Android or iOS, current update status of the device / app etc.). For example, if the entire logic for processing is encased in the User Memory and the main CPU is used for all calculations associated with the processing, such a user device may be classified into a first device class associated with a high processing capability. For example, if the logic is put into a secure element where a different entity (e.g., a dedicated CPU) takes over the processing, such a user device may be classified into a device class associated with a lower processing capability.

[0047] By considering the processing capability of the user device, the reader device is able to estimate the expected duration more accurately. This is because the reader device is provided with information about how long it takes for the user device to process those parts of the transaction belonging to the user device. For example, a transaction may comprise one or more request / command parts and corresponding response parts. The reader device 40184. AAB.P100PC S / Li / kt

[0048] 7 may transmit the request / command (e.g., request for credentials). Therefore, this part of the transaction may belong to the reader device, because the reader device is the entity performing the action. The user device on the other hand may transmit a corresponding response (e.g., credentials). Therefore, this part of the transaction may belong to the user device, because the user device is the entity performing the action. As user devices of different processing capabilities may process these actions (e.g., preparing and transmitting the response) faster than others, the estimated duration may vary depending on this information.

[0049] According to another aspect of the present disclosure, the method may further comprise estimating the expected duration based at least in part on a transaction type of the performed transaction.

[0050] Throughout the present disclosure, a “transaction type” should be understood as a classification of a transaction. For example, transactions may be classified according to their intended purpose such as a financial transaction (e.g., a first transaction type), a transit transaction (e.g., a second transaction type) or an access transaction (e.g., a second transaction type). Each transaction type may define a different sequence, amount and / or content of transmissions to be performed. Therefore, each transaction type may be associated with a different transaction duration.

[0051] Accordingly, by taking the transaction type into account, the reader device may estimate the expected duration more precisely. As a result, detection accuracy is improved.

[0052] According to another aspect of the present disclosure, the transaction may comprise a plurality of transmissions between the user device and the reader device. Each transmission of the plurality of transmission may be associated with a transmission duration. The transmission duration may be predefined. Estimating the expected duration may further be based on a plurality of transmission durations resulting from the plurality of transmissions.

[0053] As outlined above, the transaction may comprise a plurality of transmissions (e.g., request / command and response pairs). Each of these transmissions is associated with a corresponding transmission duration. Accordingly, the number of transmissions as well as the associated durations have a direct impact on the overall duration of the performed transaction. Therefore, the detection accuracy is further increased by considering those in the estimation of the expected duration.

[0054] According to another aspect of the present disclosure, the plurality of transmissions may comprise a plurality of Application Protocol Data Unit (APDU) command exchanges. 40184. AAB.P100PC S / Li / kt

[0055] 8

[0056] According to another aspect of the present disclosure, the transaction between the user device and the reader device may be performed according to ISO 7816.

[0057] Utilizing a predefined format / protocol for the transmissions / transaction ensures that the estimation can be performed reliably without causing additional signaling overhead. This is because otherwise, the user device and reader device would have to exchange additional information (e.g., how long certain transmissions / transactions take) which would lead to signaling overhead and thus inefficient bandwidth usage.

[0058] According to another aspect of the present disclosure, estimating the expected duration may comprise determining a first duration required by the reader device for processing parts of the transaction related to the reader device. Additionally or alternatively, estimating the expected duration may comprise determining a second duration required for a round-trip data transmission between the reader device and the user device associated with the transaction type. The expected duration may be based on the first and / or the second duration.

[0059] According to another aspect of the present disclosure, estimating the expected duration may further comprise determining, based on the indication of the processing capability of the user device, a third duration required by the user device for processing parts of the transaction related to the user device.

[0060] By considering how long each entity needs for processing their corresponding parts of the transactions and / or how long a round-trip data transmission takes (i.e. , the duration required for transmitting / receiving the request and corresponding response), the estimation accuracy is improved. As a result, detection accuracy and thus system security is improved.

[0061] According to another aspect of the present disclosure, the method may further comprise causing, after detecting the relay attack, an alarm signal to be triggered at the user device and / or the reader device.

[0062] By signaling an alarm to a monitoring system and / or a user of the user / reader device, the monitoring system and / or the user is getting aware of the detected relay attack and can perform corresponding measures such as verifying whether the detection is correct or freezing / cancelling of the transaction (e.g., by ensuring that the attacker gains no access to the attacked system).

[0063] According to another aspect of the present disclosure, the method may further comprise freezing, after detecting the relay attack, the transaction between the user device and the reader device. The method may further comprise causing, after freezing the transaction, an 40184. AAB.P100PC S / Li / kt

[0064] 9 additional security check to be performed. The method may further comprise cancelling or continuing the transaction based on a result of the additional security check. The additional security check may comprise a two-factor authentication such as:

[0065] - A biometric verification (e.g., fingerprint or face) on the user device and / or reader device.

[0066] - A one-time password (e.g., SMS or app-based) to be inserted at the user device and / or reader device.

[0067] - Pin input on the user device and / or reader device.

[0068] - A challenge question to the user of the user device (e.g., name of your first dog etc.).

[0069] - An additional hardware check (e.g., prompting the user to present his / her ID card to prove his / her identity).

[0070] By causing an additional security check it can be verified whether the detection was correct. Furthermore, by causing the additional security check, the identity of the user can be proven (e.g. that it was actually the user who attempted to access the system or intended to perform the transaction). This way, corresponding measures can be performed. For example, cancelling the transaction if the additional security check comes to the conclusion that the detection was correct or continuing the transaction if the additional security check comes to the conclusion that the detection was incorrect. For example, denying access or raising an alert to the user of the user device about the attack. This way, efficient operation of a system implementing the present technique can be ensured.

[0071] According to another aspect of the present disclosure, the transaction between the user device and the reader device may be performed using a wireless communication protocol, in particular using near field communication (NFC).

[0072] With most common user and reader devices being capable of NFC, using NFC for the transactions causes no additional hardware and software requirements. As a result, the present technique can be easily implemented and scaled across a plurality of different devices.

[0073] Another aspect of the present disclosure relates to a method for wireless transactions between a user device and a reader device. The method may be computer-implemented. The method may be performed at a user device. The method may comprise transmitting, to the reader device, an indication of a processing capability of the user device. The method 40184. AAB.P100PC S / Li / kt

[0074] 10 may comprise performing, after the transmitting, a transaction. The method may comprise receiving, from the reader device, an indication of a detected relay attack on the transaction.

[0075] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0076] According to another aspect of the present disclosure, the method may further comprise receiving, from the reader device, a request for indicating the processing capability of the user device. The method may further comprise transmitting, in response to the request, a response to the reader device. The response may comprise the indication of the processing capability.

[0077] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0078] According to another aspect of the present disclosure, the processing capability may comprise processing time information associated with the performed transaction and / or a device class of the user device indicative of a processing time associated with the performed transaction.

[0079] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0080] According to another aspect of the present disclosure, the method may further comprise triggering, in response to receiving the indication, an alarm signal.

[0081] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0082] According to another aspect of the present disclosure, the method may further comprise freezing, after receiving the indication, the transaction between the user device and the reader device. The method may further comprise causing, after freezing the transaction, an additional security check to be performed. The method may further comprise cancelling or continuing the transaction based on a result of the additional security check.

[0083] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0084] Another aspect of the present disclosure relates to data processing apparatus at a reader device comprising means for carrying out the method performed at the reader device 40184. AAB.P100PC S / Li / kt

[0085] 11 according to any one of the aspects described herein. As such, the data processing apparatus may comprise means for measuring a total duration required for a performed transaction between the user device and the reader device, means for comparing the total duration with an expected duration for the performed transaction and means for detecting the relay attack based on the comparing.

[0086] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0087] Another aspect of the present disclosure relates to a data processing apparatus at a reader device. The data processing apparatus may comprise a processor, memory coupled with the processor and instructions stored in the memory and executable by the processor to cause the apparatus to carry out the method performed at the reader device according to any one of the aspects described herein. As such, the instructions may cause the data processing apparatus to measure a total duration required for a performed transaction between the user device and the reader device, compare the total duration with an expected duration for the performed transaction and detect the relay attack based on the comparing.

[0088] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0089] Another aspect of the present disclosure relates to data processing apparatus at a user device comprising means for carrying out the method performed at the reader device according to any one of the aspects described herein. As such, the data processing apparatus may comprise means for transmitting, to a reader device, an indication of a processing capability of the user device, means for performing, after the transmitting, a transaction between the user device and the reader device and means for receiving, from the reader device, an indication of a detected relay attack on the transaction.

[0090] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0091] Another aspect of the present disclosure relates to a data processing apparatus at a user device. The data processing apparatus may comprise a processor, memory coupled with the processor and instructions stored in the memory and executable by the processor to cause the apparatus to carry out the method performed at the user device according to any one of the aspects described herein. As such, the instructions may cause the data processing apparatus to transmit, to a reader device, an indication of a processing capability of the user device, perform, after the transmitting, a transaction between the user device and the reader 40184. AAB.P100PC S / Li / kt

[0092] 12 device and receive, from the reader device, an indication of a detected relay attack on the transaction.

[0093] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0094] Another aspect of the present disclosure relates to a data processing system comprising a reader device and a user device. The reader device may comprise a data processing apparatus according to any one of the aspects described herein. Additionally or alternatively, the user device may comprise a data processing apparatus according to any one of the aspects described herein.

[0095] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0096] Another aspect of the present disclosure relates to a computer program or a computer- readable medium having stored there on the computer program. The computer program may comprise instructions which, when the computer program is executed by a data processing apparatus, cause the data processing apparatus to carry out the method(s) of any one of the aspects described herein.

[0097] The advantages that were mentioned with regards to any one of the previous aspects apply likewise. Further advantages may be applicable.

[0098] BRIEF DESCRIPTION OF THE DRAWINGS

[0099] The disclosure may be better understood by reference to the following drawings:

[0100] Fig. 1 : A flowchart of a method for detecting a relay attack between a user device and a reader device in accordance with embodiments of the present disclosure.

[0101] Fig. 2: A data processing apparatus in accordance with embodiments of the present disclosure.

[0102] Fig. 3: A data processing system in accordance with embodiments of the present disclosure.

[0103] Fig. 4: A flowchart of a method for wireless transactions between a user device and a reader device in accordance with embodiments of the present disclosure. 40184. AAB.P100PC S / Li / kt

[0104] 13

[0105] DETAILED DESCRIPTION

[0106] In the following, representative embodiments illustrated in the accompanying drawings will be explained. It should be understood that the illustrated embodiments and the following descriptions refer to examples which are not intended to limit the embodiments to one preferred embodiment.

[0107] Fig. 1 illustrates a flowchart of a method 100 for detecting a relay attack between a user device and a reader device in accordance with embodiments of the present disclosure. The method may be performed at a reader device (e.g., reader device 304).

[0108] The method 100 may comprise measuring (step 102) a total duration required for a performed transaction between a user device and a reader device.

[0109] The method 100 may comprise comparing (step 104) the total duration with an expected duration for the performed transaction.

[0110] The method 100 may comprise detecting (step 106) a relay attack based on the comparing.

[0111] The method may further comprise any aspects as described herein.

[0112] Fig. 2 illustrates a data processing apparatus 200 in accordance with embodiments of the present disclosure. The data processing apparatus 200 may be a component of a user device (e.g., user device 302) or a component of a reader device (e.g., reader device 304). In other words, a user device (e.g., user device 302) may comprise the data processing apparatus 200 or a reader device (e.g., reader device 304) may comprise the data processing apparatus 200. In another implementation, the data processing apparatus 200 may correspond to the reader device (e.g., reader device 304) or the user device (e.g., user device 302).

[0113] The data processing apparatus 200 may comprise means for performing the method(s) according to the present disclosure (e.g., the method 100 and / or the method 400). The means may comprise a processor 202 and a memory 204. The processor 202 and the memory 204 may be operatively connected. The memory 204 may store a computer program 206, wherein the computer program 206 comprises instructions that, when the computer program 206 is executed by the data processing apparatus 200, cause the data processing apparatus 200 to execute the method(s) according to any of the aforementioned aspects (e.g., the method 100 and / or the method 400). 40184. AAB.P100PC S / Li / kt

[0114] 14

[0115] Fig. 3 illustrates a data processing system 300 in accordance with embodiments of the present disclosure. The data processing system 300 may comprise a user device 302 and a reader device 304 which are configured to perform transactions 306 between each other. For this purpose, the user device 302 may comprise or correspond to the data processing apparatus 200 so that the method for wireless transactions between the user device 302 and the reader device 304 according to the aspects of the present disclosure may be performed at the user device 302 (e.g., method 400 of Fig. 4). Similarly, the reader device 304 may comprise or correspond to the data processing apparatus 200 so that the method for detecting a relay attack between the user device 302 and the reader device 304 may be performed at the reader device 304 (e.g., the method 100 of Fig. 1).

[0116] Fig. 4 illustrates a flowchart of a method 400 for wireless transactions between a user device and a reader device in accordance with embodiments of the present disclosure. The method may be performed at a user device (e.g., user device 302).

[0117] The method 400 may comprise transmitting (step 402), to a reader device, an indication of a processing capability of a user device.

[0118] The method 400 may comprise performing (step 404), after the transmitting, a transaction.

[0119] The method 400 may comprise receiving (step 406), from the reader device, an indication of a detected relay attack on the transaction.

[0120] The method may further comprise any aspects as described herein.

[0121] As used herein the term “and / or” includes any and all combinations of one or more of the associated listed items and may be abbreviated as

[0122] Although some aspects have been described in the context of an apparatus, it is clear that these aspects also represent a description of the corresponding method, where a block or device corresponds to a method step or a feature of a method step. Analogously, aspects described in the context of a method step also represent a description of a corresponding block or item or feature of a corresponding apparatus.

[0123] Embodiments of the present disclosure may be implemented on a computer system. The computer system may be a local computer device (e.g., personal computer, laptop, tablet computer or mobile phone) with one or more processors and one or more storage devices or may be a distributed computer system (e.g., a cloud computing system with one or more processors and one or more storage devices distributed at various locations, for example, at a local client and / or one or more remote server farms and / or data centers). The computer 40184. AAB.P100PC S / Li / kt

[0124] 15 system may comprise any circuit or combination of circuits. In one embodiment, the computer system may include one or more processors which can be of any type. As used herein, processor may mean any type of computational circuit, such as but not limited to a microprocessor, a microcontroller, a complex instruction set computing (CISC) microprocessor, a reduced instruction set computing (RISC) microprocessor, a very long instruction word (VLIW) microprocessor, a graphics processor, a digital signal processor (DSP), multiple core processor, a field programmable gate array (FPGA), or any other type of processor or processing circuit. Other types of circuits that may be included in the computer system may be a custom circuit, an application-specific integrated circuit (ASIC), or the like, such as, for example, one or more circuits (such as a communication circuit) for use in wireless devices like mobile telephones, tablet computers, laptop computers, two-way radios, and similar electronic systems. The computer system may include one or more storage devices, which may include one or more memory elements suitable to the particular application, such as a main memory in the form of random-access memory (RAM), one or more hard drives, and / or one or more drives that handle removable media such as compact disks (CD), flash memory cards, digital video disk (DVD), and the like. The computer system may also include a display device, one or more speakers, and a keyboard and / or controller, which can include a mouse, trackball, touch screen, voice-recognition device, or any other device that permits a system user to input information into and receive information from the computer system.

[0125] Some or all of the method steps may be executed by (or using) a hardware apparatus, like for example, a processor, a microprocessor, a programmable computer or an electronic circuit. In some embodiments, some one or more of the most important method steps may be executed by such an apparatus.

[0126] Depending on certain implementation requirements, embodiments of the present disclosure can be implemented in hardware or in software. The implementation can be performed using a non-transitory storage medium such as a digital storage medium, for example a floppy disc, a DVD, a Blu-Ray, a CD, a ROM, a PROM, and EPROM, an EEPROM or a FLASH memory, having electronically readable control signals stored thereon, which cooperate (or are capable of cooperating) with a programmable computer system such that the respective method is performed. Therefore, the digital storage medium may be computer readable.

[0127] Some embodiments according to the present disclosure comprise a data carrier having electronically readable control signals, which are capable of cooperating with a programmable computer system, such that one of the methods described herein is performed. 40184. AAB.P100PC S / Li / kt

[0128] 16

[0129] Generally, embodiments of the present disclosure can be implemented as a computer program product with a program code, the program code being operative for performing one of the methods when the computer program product runs on a computer. The program code may, for example, be stored on a machine-readable carrier.

[0130] Other embodiments comprise the computer program for performing one of the methods described herein, stored on a machine-readable carrier.

[0131] In other words, an embodiment of the present disclosure is, therefore, a computer program having a program code for performing one of the methods described herein, when the computer program runs on a computer.

[0132] A further embodiment of the present disclosure is, therefore, a storage medium (or a data carrier, or a computer-readable medium) comprising, stored thereon, the computer program for performing one of the methods described herein when it is performed by a processor. The data carrier, the digital storage medium or the recorded medium are typically tangible and / or non-transitory. A further embodiment of the present disclosure is an apparatus as described herein comprising a processor and the storage medium.

[0133] A further embodiment of the present disclosure is, therefore, a data stream or a sequence of signals representing the computer program for performing one of the methods described herein. The data stream or the sequence of signals may, for example, be configured to be transferred via a data communication connection, for example, via the internet.

[0134] A further embodiment comprises a processing means, for example, a computer or a programmable logic device, configured to, or adapted to, perform one of the methods described herein.

[0135] A further embodiment comprises a computer having installed thereon the computer program for performing one of the methods described herein.

[0136] A further embodiment according to the present disclosure comprises an apparatus or a system configured to transfer (for example, electronically or optically) a computer program for performing one of the methods described herein to a receiver. The receiver may, for example, be a computer, a mobile device, a memory device or the like. The apparatus or system may, for example, comprise a file server for transferring the computer program to the receiver.

[0137] In some embodiments, a programmable logic device (for example, a field programmable gate array) may be used to perform some or all of the functionalities of the methods described 40184.AAB.P100PC S / Li / kt

[0138] 17 herein. In some embodiments, a field programmable gate array may cooperate with a microprocessor in order to perform one of the methods described herein. Generally, the methods are preferably performed by any hardware apparatus.

Claims

40184. AAB.P100PC S / Li / kt18CLAIMS1. A computer-implemented method (100) for detecting a relay attack between a user device (302) and a reader device (304), wherein the method is performed at the reader device (304) and comprises: measuring (102) a total duration required for a performed transaction (306) between the user device (302) and the reader device (304); comparing (104) the total duration with an expected duration for the performed transaction (306); and detecting (106) the relay attack based on the comparing (104).

2. The method of the preceding claim, wherein the comparing (104) comprises: determining whether the total duration exceeds the expected duration by a predefined time duration threshold.

3. The method of any one of the preceding claims, further comprising: receiving an indication of a processing capability of the user device (302); and wherein the expected duration is at least in part based on the processing capability of the user device (302).

4. The method of the preceding claim, further comprising: transmitting, to the user device (302), a request for indicating the processing capability of the user device (302); and receiving, in response to the request, a response from the user device (302), wherein the response comprises the indication of the processing capability.

5. The method of any one of claims 3-4, wherein the processing capability comprises: processing time information associated with the performed transaction (306); and / or a device class of the user device (302) indicative of a processing time associated with the performed transaction (306).

6. The method of any one of the preceding claims, further comprising: estimating the expected duration based at least in part on a transaction type of the performed transaction (306).

7. The method of the preceding claim, wherein the transaction (306) comprises a plurality of transmissions between the user device (302) and the reader device (304), each40184. AAB.P100PC S / Li / kt19 associated with a transmission duration; and wherein estimating the expected duration is further based on a plurality of transmission durations resulting from the plurality of transmissions.

8. The method of the preceding claim, wherein the plurality of transmissions comprises a plurality of Application Protocol Data Unit, APDU, command exchanges.

9. The method of any one of claims 6-8, wherein estimating the expected duration comprises: determining a first duration required by the reader device (304) for processing parts of the transaction (306) related to the reader device (304); and determining a second duration required for a round-trip data transmission between the reader device (304) and the user device (302) associated with the transaction type; wherein the expected duration is based on the first and the second duration.

10. The method of the preceding claim and any one of claims 3-5, wherein estimating the expected duration further comprises: determining, based on the indication of the processing capability of the user device (302), a third duration required by the user device (302) for processing parts of the transaction (306) related to the user device (302).

11. The method of any one of the preceding claims, further comprising: causing, after detecting the relay attack, an alarm signal to be triggered at the user device (302) and / or the reader device (304).

12. The method of any one the preceding claims, further comprising: freezing, after detecting the relay attack, the transaction (306) between the user device (302) and the reader device (304); causing, after freezing the transaction (306), an additional security check to be performed; and cancelling or continuing the transaction (306) based on a result of the additional security check.

13. The method of any one of the preceding claims, wherein the transaction (306) between the user device (302) and the reader device (304) is performed according to ISO40184. AAB.P100PC S / Li / kt2014. The method of any one of the preceding claims, wherein the transaction (306) between the user device (302) and the reader device (304) is performed using a wireless communication protocol, in particular using near field communication, NFC.

15. A computer-implemented method (400) for wireless transactions (306) between a user device (302) and a reader device (304), wherein the method (400) is performed at a user device (302) and the method (400) comprises: transmitting (402), to the reader device (304), an indication of a processing capability of the user device (302); performing (404), after the transmitting (402), a transaction (306); and receiving (406), from the reader device (304), an indication of a detected relay attack on the transaction (306).

16. The method of the preceding claim, further comprising: receiving, from the reader device (304), a request for indicating the processing capability of the user device (302); and transmitting, in response to the request, a response to the reader device, wherein the response comprises the indication of the processing capability.

17. The method of any one of claims 15-16, wherein the processing capability comprises: processing time information associated with the performed transaction (306); and / or a device class of the user device (302) indicative of a processing time associated with the performed transaction (306).

18. The method of any one of claims 15-17, further comprising: triggering, in response to receiving (406) the indication, an alarm signal.

19. The method of any one of claims 15-18, further comprising: freezing, after receiving (406) the indication, the transaction (306) between the user device (302) and the reader device (304); causing, after freezing the transaction (306), an additional security check to be performed; and cancelling or continuing the transaction (306) based on a result of the additional security check.

20. A data processing apparatus (200) at a reader device (304), comprising:40184. AAB.P100PC S / Li / kt21 means for measuring (102) a total duration required for a performed transaction (306) between the user device (302) and the reader device (304); means for comparing (104) the total duration with an expected duration for the performed transaction (306); and means for detecting (106) the relay attack based on the comparing (104)21. The data processing apparatus (200) of the preceding claim, further comprising means for carrying out the method of (100) any one of claims 2-14.

22. A data processing apparatus (200) at a reader device (304), comprising: a processor (202), memory (204) coupled with the processor and instructions stored in the memory and executable by the processor to cause the apparatus (200) to: measure (102) a total duration required for a performed transaction (306) between the user device (302) and the reader device (304); compare (104) the total duration with an expected duration for the performed transaction (306); and detect (106) the relay attack based on the comparing (104).

23. The data processing apparatus (200) of the preceding claim, wherein the instructions further cause the apparatus (200) to carry out the method (100) of any one of claims 2-14.

24. A data processing apparatus (200) at a user device (302), comprising: means for transmitting (402), to a reader device (304), an indication of a processing capability of the user device (302); means for performing (404), after the transmitting (402), a transaction (306) between the user device (302) and the reader device (304); and means for receiving (406), from the reader device (304), an indication of a detected relay attack on the transaction (306).

25. The data processing apparatus (200) of the preceding claim, further comprising means for carrying out the method (400) of any one of claims 16-19.

26. A data processing apparatus (200) at a user device (302), comprising: a processor (202), memory (204) coupled with the processor and instructions stored in the memory and executable by the processor to cause the apparatus (200) to: transmit (402), to a reader device (304), an indication of a processing capability of the user device (302);40184. AAB.P100PC S / Li / kt22 perform (404), after the transmitting (406), a transaction (306) between the user device (302) and the reader device (304); and receive (406), from the reader device (304), an indication of a detected relay attack on the transaction (306).

27. The data processing apparatus (200) of the preceding claim, wherein the instructions further cause the apparatus (200) to carry out the method (400) of any one of claims 16-19.

28. A data processing system (300) comprising a reader device (304) comprising the data processing apparatus (200) of any one of claims 20-23 and a user device (302).

29. The data processing system (300) of the preceding claim, wherein the user device (302) comprises the data processing apparatus (200) of any one of claims 24-27.

30. A computer program (206) or a computer-readable medium having stored there on the computer program (206), the computer program (206) comprising instructions which, when the computer program (206) is executed by a data processing apparatus (200), cause the data processing apparatus (200) to carry out the method (100, 400) of any one of claims 1-19.