WO2021191261A1 - Preventing a communication with a contactless credential - Google Patents

Preventing a communication with a contactless credential Download PDF

Info

Publication number
WO2021191261A1
WO2021191261A1 PCT/EP2021/057543 EP2021057543W WO2021191261A1 WO 2021191261 A1 WO2021191261 A1 WO 2021191261A1 EP 2021057543 W EP2021057543 W EP 2021057543W WO 2021191261 A1 WO2021191261 A1 WO 2021191261A1
Authority
WO
WIPO (PCT)
Prior art keywords
signal
modulation type
protective
protection device
time period
Prior art date
Application number
PCT/EP2021/057543
Other languages
French (fr)
Inventor
Anton VARAVIN
Original Assignee
Skimsafe Holding Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Skimsafe Holding Ab filed Critical Skimsafe Holding Ab
Publication of WO2021191261A1 publication Critical patent/WO2021191261A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/352Contactless payments by cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309Means for preventing undesired reading or writing from or onto record carriers
    • G06K19/07318Means for preventing undesired reading or writing from or onto record carriers by hindering electromagnetic reading or writing
    • G06K19/07336Active means, e.g. jamming or scrambling of the electromagnetic field
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/44Jamming having variable characteristics characterized by the control of the jamming waveform or modulation type
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/45Jamming having variable characteristics characterized by including monitoring of the target or target signal, e.g. in reactive jammers or follower jammers for example by means of an alternation of jamming phases and monitoring phases, called "look-through mode"
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/80Jamming or countermeasure characterized by its function
    • H04K3/86Jamming or countermeasure characterized by its function related to preventing deceptive jamming or unauthorized interrogation or access, e.g. WLAN access or RFID reading
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K2203/00Jamming of communication; Countermeasures
    • H04K2203/10Jamming or countermeasure used for a particular application
    • H04K2203/20Jamming or countermeasure used for a particular application for contactless carriers, e.g. RFID carriers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04KSECRET COMMUNICATION; JAMMING OF COMMUNICATION
    • H04K3/00Jamming of communication; Counter-measures
    • H04K3/40Jamming having variable characteristics
    • H04K3/42Jamming having variable characteristics characterized by the control of the jamming frequency or wavelength

Definitions

  • the present disclosure relates to preventing a communication with a contactless credential. This is achieved by a method, protection device and computer program transmitting two types of protective signals.
  • Payment models have evolved greatly from the exchange of physical cash and cheques.
  • Payment cards such as credit cards and debit cards, increasingly replace the use of cash and cheques.
  • One object is to provide an improved way of protection from an attacker attempting to read credential details from a contactless credential.
  • a method for preventing a communication with a contactless credential comprising the steps of: detecting presence of an interrogation signal; transmitting a first protective signal during a first time period wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmitting a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
  • the interrogation signal may power the protection device.
  • the second modulation type may be slower than the first modulation type in terms of lower modulation frequency.
  • the first time period may be less than 20 ms.
  • a modulation frequency of the first modulation type may be at least ten times the modulation frequency of the second modulation type.
  • the second protective signal may be unable to block the interrogation signal when this is of the first modulation type.
  • the interrogation signal may comply with ISO/IEC, International Organization for Standardization/ International Electrotechnical Commission, 14443. [0016] In one embodiment, neither the first protective signal nor the second protective signal contains any data.
  • a protection device for preventing a communication with a contactless credential.
  • the protection device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the protection device to: detect presence of an interrogation signal; transmit a first protective signal during a first time period, wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmit a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
  • the protection device may be in the shape of a credit card.
  • a computer program for preventing a communication with a contactless credential.
  • the computer program comprises computer program code which, when run on a protection device causes the protection device to: detect presence of an interrogation signal; transmit a first protective signal during a first time period, wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmit a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
  • a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.
  • FIG 1 is a schematic diagram illustrating an environment in which embodiments presented herein can be applied;
  • FIG 2 is a schematic diagram illustrating a protection device according to embodiments presented herein;
  • FIG. 3 is a schematic diagram illustrating a variation of protective signals over time by the protection device of Fig 2 according to one embodiment
  • Fig 4 is a flow chart illustrating embodiments of methods for preventing a communication with a contactless credential
  • Fig 5 is a schematic diagram illustrating components of the protection device of Fig 2 according to one embodiment.
  • FIG. 6 shows one example of a computer program product comprising computer readable means.
  • a protection device is provided to protect a contactless credential when several different potential modulation types can be used in the communication between reader and credential. This is achieved by transmitting a first protective signal of faster modulation followed by transmitting a second protective signal of slower modulation.
  • the faster modulation interrogation signal is blocked quickly by the first protective signal, which is sufficient to block communication establishment with the protected credential using the faster modulation.
  • the first protective signal of faster modulation is relative energy intense, whereby the protection device then switches to transmitting the second (slow modulation) protective signal to reduce energy use. In this way, the protection device can protect against communication with the contactless credential for interrogation signals of both fast modulation and slow modulation, and this is performed with great energy efficiency.
  • FIG 1 is a schematic diagram illustrating an environment in which embodiments presented herein can be applied.
  • a user 5 carries a contactless credential 3, e.g. a contactless card.
  • the contactless credential is in a wallet 2.
  • the contactless credential 3 can e.g. comply with ISO/IEC (International Organization for Standardization/International Electrotechnical Commission) 14443, based on communication over 13.56 MHz.
  • a thief 10 uses a skimming device 11 that can query a contactless card without the card owner knowing about it.
  • the skimming device 11 sends out a wireless interrogation signal 4 to attempt to connect to the contactless credential 3 to thereby gain credential (e.g. card) details from the contactless credential which can be used for illegitimate purchases.
  • credential e.g. card
  • the wallet 2 also comprises a protection device which transmits protective signals to prevent communication between the skimming device 11 and the contactless credential 3. This prevents the thief 10 to get hold of card details of the protected contactless credential 3.
  • Fig 2 is a schematic diagram illustrating a protection device according to embodiments presented herein.
  • a wallet 2 contains three contactless credentials 3a-c. Additionally, the wallet
  • the protection device 1 can be in the shape of a credit card, for convenient storage in the wallet 2 next to the contactless credentials 3a-c, often in the form of contactless cards of credit card dimensions.
  • Fig 3 is a schematic diagram illustrating a variation of protective signals over time by the protection device of Fig 2 according to one embodiment.
  • the horizontal axis represents time and the vertical axis represents signal amplitude. In the diagram, it is shown protective signals over time.
  • the protection device 1 detects an interrogation signal.
  • the interrogation signal can power the protection device.
  • the protection device can be in an inactive state prior to time t 0 , and transitions to an active state when the interrogation signal powers the protection device.
  • a first protective signal 20 is transmitted first after detecting the interrogation signal.
  • the first protective signal 10 is configured to block the interrogation signal when this is of a first modulation type.
  • the first protective signal 20 is transmitted during a first time period 14, from time t 0 to time h.
  • the protection device 1 After the time period 14, the protection device 1 starts to transmit a second protective signal 21 during a second time period 15 from time t to time t 2 .
  • the second time period 15 follows the first time period 14.
  • the second protective signal 21 is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
  • Fig 4 is a flow chart illustrating embodiments of methods for preventing a communication with a contactless credential. The method is performed in the interrogation device 1.
  • a detect interrogation signal step 40 the protection device 1 detects presence of an interrogation signal.
  • the interrogation signal powers the protection device 1.
  • the interrogation signal can be the only power source of the protection device 1. In this way, the protection device 1 does not need a battery or any other power source.
  • the interrogation signal can comply with ISO/IEC 14443.
  • a transmit 1 st protective signal step 42 the protection device 1 transmits a first protective signal 20 during a first time period 14.
  • the first protective signal 20 is configured to block the interrogation signal when this is of a first modulation type.
  • the first time period 14 can be less than 20 ms. In one embodiment, the first time period is 10 ms or less. The first time period 14 needs to be sufficiently long to prevent the interrogation signal (when being of the first modulation type) to establish a connection with the contactless credential. On the other hand, the shorter the first time period 14 is, the less power is used for the protection.
  • a transmit 2 nd protective signal step 44 the protection device 1 transmits a second protective signal 21 during a second time period 15 that follows the first time period 14.
  • the second protective signal 21 is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
  • the first protective signal is configured to block the interrogation signal is of the second modulation type.
  • the second modulation type blocks signals with slower symbol rate. This can be achieved with a higher modulation frequency if the first modulation type than the modulation frequency of the second modulation type.
  • a modulation frequency of the first modulation type can be at least ten times the modulation frequency of the second modulation type.
  • the second protective signal can be unable to block the interrogation signal when this is of the first modulation type. The reason for this is that a protective signal which is capable of blocking the interrogation signal of the first modulation type can require more energy per unit of time. Hence, the second protective signal can in this way be configured to use less power per unit of time than the first protective signal.
  • the second protective signal and the first protective signal can be transmitted on the same carrier frequency, even if the modulation differs between the second protective signal and the first protective signal.
  • the first protective signal and the second protective signal can refrain from containing any data. Since the purpose of the protection device is to block signals and disrupt communication, no energy needs to be spent on transmitting payload data.
  • the protective signals can be provided either as distinct protective signals, or as part of a (linear or non-linear) sweep in modulation frequency from a high modulation frequency to a low frequency.
  • the sweep is non-linear, this can be configured such that sufficient time is spent to generate the first protective signal, after which the sweep proceeds with a sweep to the second protective signal.
  • attempted communication e.g. by a skimming device
  • a contactless credential is disrupted for communication based on either fast modulation or slow modulation.
  • this connection attempt is disrupted if based on fast modulation.
  • the second protective signal is transmitted, which prevents contact with the contactless credential based on slow modulation.
  • the second protective signal consumes less energy for the protection device, allowing the protection device to be powered by the interrogation signal and still prevent fast modulation communication with the protected contactless credential.
  • the protection device does not need to know in advance which modulation type (of interrogation signals) to protect against; the protection device inherently protects against both fast and slow modulation (of interrogation signal), e.g. from a skimming device.
  • Fig 5 is a schematic diagram illustrating components of the protection device 1 of Fig 2.
  • a processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions 67 stored in a memory 64, which can thus be a computer program product.
  • the processor 60 could alternatively be implemented using an application specific integrated circuit (ASIC), field programmable gate array (FPGA), etc.
  • the processor 60 can be configured to execute the method described with reference to Fig 4 above.
  • the memory 64 can be any combination of random-access memory (RAM) and/or read-only memory (ROM).
  • the memory 64 also comprises persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, or solid-state memory.
  • a data memory 66 is also provided for reading and/ or storing data during execution of software instructions in the processor 60.
  • the data memory 66 can be any combination of RAM and/or ROM.
  • the protection device 1 further comprises an I/O interface 62 for communicating with external and/or internal entities.
  • the I/O interface 62 can e.g. include the physical switch 11 of Fig 3A.
  • a transceiver 61 comprises suitable analogue and digital components to allow signal transmission and signal reception using one or more antennas.
  • the transceiver 61 and antenna are configured to detect interrogation signals destined for a contactless credential and to transmit protective signals.
  • One or more of the components of the protection device 1 can be combined in a single microcontroller unit (MCU).
  • MCU microcontroller unit
  • the protection device 1 can be completely powered by the interrogation signal received over the transceiver. [0060] Other components of the protection device 1 are omitted in order not to obscure the concepts presented herein.
  • Fig 6 shows one example of a computer program product 90 comprising computer readable means.
  • a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein.
  • the computer program product is in the form of a removable solid-state memory, e.g. a Universal Serial Bus (USB) drive.
  • USB Universal Serial Bus
  • the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5.
  • While the computer program 91 is here schematically shown as a section of the removable solid- state memory, the computer program can be stored in any way which is suitable for the computer program product, such as another type of removable solid-state memory, or an optical disc, such as a CD (compact disc), a DVD (digital versatile disc) or a Blu-Ray disc.
  • an optical disc such as a CD (compact disc), a DVD (digital versatile disc) or a Blu-Ray disc.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Electromagnetism (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Business, Economics & Management (AREA)
  • General Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Lock And Its Accessories (AREA)

Abstract

It is provided a method for preventing a communication with a contactless credential. The method is performed in a protection device and comprises the steps of: detecting presence of an interrogation signal; transmitting a first protective signal during a first time period wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmitting a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.

Description

PREVENTING A COMMUNICATION WITH A CONTACTLESS CREDENTIAL TECHNICAL FIELD
[0001] The present disclosure relates to preventing a communication with a contactless credential. This is achieved by a method, protection device and computer program transmitting two types of protective signals.
BACKGROUND
[0002] Payment models have evolved greatly from the exchange of physical cash and cheques. Payment cards, such as credit cards and debit cards, increasingly replace the use of cash and cheques.
[0003] Payment cards were originally provided with embossed numbers, to allow a merchant to easily imprint the card details to simplify the payment process. In the 1970s, a magnetic stripe was added which further simplified the processing by the merchant. In order to read the card details from the magnetic stripe, the merchant uses a reader device which is capable of reading the card details encoded in the magnetic stripe.
[0004] Small computer chips have been added to payment cards for decades, implementing so called smartcards. The chips allow a more secure communication between reader and card, based on secure element storage and encryption. Initially, the communication between reader and card was based on galvanic contact between the reader and metal terminals of the card.
[0005] Recently, payment cards based on smartcard technology also support contactless payment, making payment even more convenient. Such a card is often called a contactless card. The reader and the contactless card communicate wirelessly, e.g. based on NFC (Near-field communication). Some simpler types of contactless cards are based on RFID (Radio-frequency identification), which is a related predecessor to NFC.
[0006] While contactless payment certainly is convenient, there is a risk that a thief uses a skimming device that can query a contactless card without the card owner knowing about it. In this way, a thief could potentially gain card details from the contactless card which can be used for illegitimate purchases. [0007] One known way to reduce the risk for such an attack is to enclose the contactless card in metal, e.g. in a wallet made of metal, effectively creating a Faraday’s cage around the contactless card. However, everyone may not want to use a metallic wallet and there is a risk that openings still allow an attacker to read the card details when being sufficiently close.
SUMMARY
[0008] One object is to provide an improved way of protection from an attacker attempting to read credential details from a contactless credential.
[0009] According to a first aspect, it is provided a method for preventing a communication with a contactless credential. The method is performed in a protection device and comprises the steps of: detecting presence of an interrogation signal; transmitting a first protective signal during a first time period wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmitting a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
[0010] The interrogation signal may power the protection device.
[0011] The second modulation type may be slower than the first modulation type in terms of lower modulation frequency.
[0012] The first time period may be less than 20 ms.
[0013] A modulation frequency of the first modulation type may be at least ten times the modulation frequency of the second modulation type.
[0014] The second protective signal may be unable to block the interrogation signal when this is of the first modulation type.
[0015] The interrogation signal may comply with ISO/IEC, International Organization for Standardization/ International Electrotechnical Commission, 14443. [0016] In one embodiment, neither the first protective signal nor the second protective signal contains any data.
[0017] According to a second aspect, it is provided a protection device for preventing a communication with a contactless credential. The protection device comprises: a processor; and a memory storing instructions that, when executed by the processor, cause the protection device to: detect presence of an interrogation signal; transmit a first protective signal during a first time period, wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmit a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
[0018] The protection device may be in the shape of a credit card.
[0019] According to a third aspect, it is provided a computer program for preventing a communication with a contactless credential. The computer program comprises computer program code which, when run on a protection device causes the protection device to: detect presence of an interrogation signal; transmit a first protective signal during a first time period, wherein the first protective signal is configured to block the interrogation signal when this is of a first modulation type; and transmit a second protective signal during a second time period that follows the first time period, wherein the second protective signal is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
[0020] According to a fourth aspect, it is provided a computer program product comprising a computer program according to the third aspect and a computer readable means on which the computer program is stored.
[0021] Generally, all terms used in the claims are to be interpreted according to their ordinary meaning in the technical field, unless explicitly defined otherwise herein. All references to "a/an/the element, apparatus, component, means, step, etc." are to be interpreted openly as referring to at least one instance of the element, apparatus, component, means, step, etc., unless explicitly stated otherwise. The steps of any method disclosed herein do not have to be performed in the exact order disclosed, unless explicitly stated.
BRIEF DESCRIPTION OF THE DRAWINGS
[0022] Aspects and embodiments are now described, by way of example, with refer ence to the accompanying drawings, in which:
[0023] Fig 1 is a schematic diagram illustrating an environment in which embodiments presented herein can be applied;
[0024] Fig 2 is a schematic diagram illustrating a protection device according to embodiments presented herein;
[0025] Fig 3 is a schematic diagram illustrating a variation of protective signals over time by the protection device of Fig 2 according to one embodiment;
[0026] Fig 4 is a flow chart illustrating embodiments of methods for preventing a communication with a contactless credential;
[0027] Fig 5 is a schematic diagram illustrating components of the protection device of Fig 2 according to one embodiment; and
[0028] Fig 6 shows one example of a computer program product comprising computer readable means.
DETAILED DESCRIPTION
[0029] The aspects of the present disclosure will now be described more fully hereinafter with reference to the accompanying drawings, in which certain embodiments of the invention are shown. These aspects may, however, be embodied in many different forms and should not be construed as limiting; rather, these embodiments are provided by way of example so that this disclosure will be thorough and complete, and to fully convey the scope of all aspects of invention to those skilled in the art. Like numbers refer to like elements throughout the description. [0030] According to embodiments presented herein, a protection device is provided to protect a contactless credential when several different potential modulation types can be used in the communication between reader and credential. This is achieved by transmitting a first protective signal of faster modulation followed by transmitting a second protective signal of slower modulation. In this way, the faster modulation interrogation signal is blocked quickly by the first protective signal, which is sufficient to block communication establishment with the protected credential using the faster modulation. However, the first protective signal of faster modulation is relative energy intense, whereby the protection device then switches to transmitting the second (slow modulation) protective signal to reduce energy use. In this way, the protection device can protect against communication with the contactless credential for interrogation signals of both fast modulation and slow modulation, and this is performed with great energy efficiency.
[0031] Fig 1 is a schematic diagram illustrating an environment in which embodiments presented herein can be applied.
[0032] A user 5 carries a contactless credential 3, e.g. a contactless card. In this example, the contactless credential is in a wallet 2. The contactless credential 3 can e.g. comply with ISO/IEC (International Organization for Standardization/International Electrotechnical Commission) 14443, based on communication over 13.56 MHz.
[0033] A thief 10 uses a skimming device 11 that can query a contactless card without the card owner knowing about it. The skimming device 11 sends out a wireless interrogation signal 4 to attempt to connect to the contactless credential 3 to thereby gain credential (e.g. card) details from the contactless credential which can be used for illegitimate purchases.
[0034] According to embodiments presented herein, as described in more detail below, the wallet 2 also comprises a protection device which transmits protective signals to prevent communication between the skimming device 11 and the contactless credential 3. This prevents the thief 10 to get hold of card details of the protected contactless credential 3. [0035] Fig 2 is a schematic diagram illustrating a protection device according to embodiments presented herein.
[0036] A wallet 2 contains three contactless credentials 3a-c. Additionally, the wallet
2 contains a protection device 1 that prevents communication with the contactless credentials 3a-c by transmitting protective signals. In this example, there are three contactless credentials 3a-c, but the protection device 1 can be used with fewer or more contactless credentials. When the user wants to legitimately use one of the contactless credentials 3a-c, the user simply removes the contactless credential from the wallet, outside of the range of the protective signals of the protection device 1. The protection device 1 can be in the shape of a credit card, for convenient storage in the wallet 2 next to the contactless credentials 3a-c, often in the form of contactless cards of credit card dimensions.
[0037] Fig 3 is a schematic diagram illustrating a variation of protective signals over time by the protection device of Fig 2 according to one embodiment. The horizontal axis represents time and the vertical axis represents signal amplitude. In the diagram, it is shown protective signals over time.
[0038] At time t0, the protection device 1 detects an interrogation signal. The interrogation signal can power the protection device. In other words, the protection device can be in an inactive state prior to time t0, and transitions to an active state when the interrogation signal powers the protection device.
[0039] A first protective signal 20 is transmitted first after detecting the interrogation signal. The first protective signal 10 is configured to block the interrogation signal when this is of a first modulation type. The first protective signal 20 is transmitted during a first time period 14, from time t0 to time h.
[0040] After the time period 14, the protection device 1 starts to transmit a second protective signal 21 during a second time period 15 from time t to time t2. In other words, the second time period 15 follows the first time period 14. The second protective signal 21 is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type. [0041] Fig 4 is a flow chart illustrating embodiments of methods for preventing a communication with a contactless credential. The method is performed in the interrogation device 1.
[0042] In a detect interrogation signal step 40, the protection device 1 detects presence of an interrogation signal. The interrogation signal powers the protection device 1. In fact, the interrogation signal can be the only power source of the protection device 1. In this way, the protection device 1 does not need a battery or any other power source. As mentioned above, the interrogation signal can comply with ISO/IEC 14443.
[0043] In a transmit 1st protective signal step 42, the protection device 1 transmits a first protective signal 20 during a first time period 14. The first protective signal 20 is configured to block the interrogation signal when this is of a first modulation type.
[0044] The first time period 14 can be less than 20 ms. In one embodiment, the first time period is 10 ms or less. The first time period 14 needs to be sufficiently long to prevent the interrogation signal (when being of the first modulation type) to establish a connection with the contactless credential. On the other hand, the shorter the first time period 14 is, the less power is used for the protection.
[0045] In a transmit 2nd protective signal step 44, the protection device 1 transmits a second protective signal 21 during a second time period 15 that follows the first time period 14. The second protective signal 21 is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type. Optionally, also the first protective signal is configured to block the interrogation signal is of the second modulation type.
[0046] Slower in this context can imply slower in term of lower modulation frequency. In this way, the second modulation type blocks signals with slower symbol rate. This can be achieved with a higher modulation frequency if the first modulation type than the modulation frequency of the second modulation type.
[0047] A modulation frequency of the first modulation type can be at least ten times the modulation frequency of the second modulation type. [0048] The second protective signal can be unable to block the interrogation signal when this is of the first modulation type. The reason for this is that a protective signal which is capable of blocking the interrogation signal of the first modulation type can require more energy per unit of time. Hence, the second protective signal can in this way be configured to use less power per unit of time than the first protective signal.
[0049] The second protective signal and the first protective signal can be transmitted on the same carrier frequency, even if the modulation differs between the second protective signal and the first protective signal.
[0050] The first protective signal and the second protective signal can refrain from containing any data. Since the purpose of the protection device is to block signals and disrupt communication, no energy needs to be spent on transmitting payload data.
[0051] It is to be noted that there can more than two protective signals (as explicitly described above) as long as at least two protective signals are provided. The protective signals can be provided either as distinct protective signals, or as part of a (linear or non-linear) sweep in modulation frequency from a high modulation frequency to a low frequency. When the sweep is non-linear, this can be configured such that sufficient time is spent to generate the first protective signal, after which the sweep proceeds with a sweep to the second protective signal.
[0052] Using embodiments presented herein, attempted communication, e.g. by a skimming device, with a contactless credential is disrupted for communication based on either fast modulation or slow modulation. By first transmitting the first protective signal, that prevents contact with the contactless credential based on fast modulation communication, this connection attempt is disrupted if based on fast modulation. In order to save energy, after the period of blocking the fast modulation communication, the second protective signal is transmitted, which prevents contact with the contactless credential based on slow modulation. The second protective signal consumes less energy for the protection device, allowing the protection device to be powered by the interrogation signal and still prevent fast modulation communication with the protected contactless credential. The protection device does not need to know in advance which modulation type (of interrogation signals) to protect against; the protection device inherently protects against both fast and slow modulation (of interrogation signal), e.g. from a skimming device.
[0053] Fig 5 is a schematic diagram illustrating components of the protection device 1 of Fig 2. A processor 60 is provided using any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions 67 stored in a memory 64, which can thus be a computer program product. The processor 60 could alternatively be implemented using an application specific integrated circuit (ASIC), field programmable gate array (FPGA), etc. The processor 60 can be configured to execute the method described with reference to Fig 4 above.
[0054] The memory 64 can be any combination of random-access memory (RAM) and/or read-only memory (ROM). The memory 64 also comprises persistent storage, which, for example, can be any single one or combination of magnetic memory, optical memory, or solid-state memory.
[0055] A data memory 66 is also provided for reading and/ or storing data during execution of software instructions in the processor 60. The data memory 66 can be any combination of RAM and/or ROM.
[0056] The protection device 1 further comprises an I/O interface 62 for communicating with external and/or internal entities. The I/O interface 62 can e.g. include the physical switch 11 of Fig 3A.
[0057] A transceiver 61 comprises suitable analogue and digital components to allow signal transmission and signal reception using one or more antennas. The transceiver 61 and antenna are configured to detect interrogation signals destined for a contactless credential and to transmit protective signals.
[0058] One or more of the components of the protection device 1 can be combined in a single microcontroller unit (MCU).
[0059] Using the power efficient protective signals presented herein, the protection device 1 can be completely powered by the interrogation signal received over the transceiver. [0060] Other components of the protection device 1 are omitted in order not to obscure the concepts presented herein.
[0061] Fig 6 shows one example of a computer program product 90 comprising computer readable means. On this computer readable means, a computer program 91 can be stored, which computer program can cause a processor to execute a method according to embodiments described herein. In this example, the computer program product is in the form of a removable solid-state memory, e.g. a Universal Serial Bus (USB) drive. As explained above, the computer program product could also be embodied in a memory of a device, such as the computer program product 64 of Fig 5. While the computer program 91 is here schematically shown as a section of the removable solid- state memory, the computer program can be stored in any way which is suitable for the computer program product, such as another type of removable solid-state memory, or an optical disc, such as a CD (compact disc), a DVD (digital versatile disc) or a Blu-Ray disc.
[0062] The aspects of the present disclosure have mainly been described above with reference to a few embodiments. However, as is readily appreciated by a person skilled in the art, other embodiments than the ones disclosed above are equally possible within the scope of the invention, as defined by the appended patent claims. Thus, while various aspects and embodiments have been disclosed herein, other aspects and embodiments will be apparent to those skilled in the art. The various aspects and embodiments disclosed herein are for purposes of illustration and are not intended to be limiting, with the true scope and spirit being indicated by the following claims.

Claims

1. A method for preventing a communication with a contactless credential (6), the method being performed in a protection device (l) and comprising the steps of: detecting (40) presence of an interrogation signal; transmitting (44) a first protective signal (20) during a first time period (14) wherein the first protective signal (20) is configured to block the interrogation signal when this is of a first modulation type; and transmitting (44) a second protective signal (21) during a second time period (15) that follows the first time period (14), wherein the second protective signal (21) is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
2. The method according to claim 1, wherein the interrogation signal powers the protection device (1).
3. The method according to claim 1 or 2, wherein the second modulation type is slower than the first modulation type in terms of lower modulation frequency.
4. The method according to any one of the preceding claims, wherein the first time period is less than 20 ms.
5. The method according to any one of the preceding claims, wherein a modulation frequency of the first modulation type is at least ten times the modulation frequency of the second modulation type.
6. The method according to any one of the preceding claims, wherein the second protective signal is unable to block the interrogation signal when this is of the first modulation type.
7. The method according to any one of the preceding claims, wherein the interrogation signal complies with ISO/IEC, International Organization for Standardization/ International Electrotechnical Commission, 14443.
8. The method according to any one of the preceding claims, wherein neither the first protective signal nor the second protective signal contains any data.
9. A protection device (1) for preventing a communication with a contactless credential (6), the protection device comprising: a processor (60); and a memory (64) storing instructions (67) that, when executed by the processor, cause the protection device (1) to: detect presence of an interrogation signal; transmit a first protective signal (20) during a first time period (14), wherein the first protective signal (20) is configured to block the interrogation signal when this is of a first modulation type; and transmit a second protective signal (21) during a second time period (15) that follows the first time period (14), wherein the second protective signal (21) is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
10. The protection device (1) according to claim 9, wherein the protection device is in the shape of a credit card.
11. A computer program (67, 91) for preventing a communication with a contactless credential (6), the computer program comprising computer program code which, when run on a protection device (1) causes the protection device (1) to: detect presence of an interrogation signal; transmit a first protective signal (20) during a first time period (14), wherein the first protective signal (20) is configured to block the interrogation signal when this is of a first modulation type; and transmit a second protective signal (21) during a second time period (15) that follows the first time period (14), wherein the second protective signal (21) is configured to block the interrogation signal when this is of a second modulation type, wherein the second modulation type is slower than the first modulation type.
12. A computer program product (64, 90) comprising a computer program according to claim 11 and a computer readable means on which the computer program is stored.
PCT/EP2021/057543 2020-03-26 2021-03-24 Preventing a communication with a contactless credential WO2021191261A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SE2050335-5 2020-03-26
SE2050335 2020-03-26

Publications (1)

Publication Number Publication Date
WO2021191261A1 true WO2021191261A1 (en) 2021-09-30

Family

ID=75339710

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2021/057543 WO2021191261A1 (en) 2020-03-26 2021-03-24 Preventing a communication with a contactless credential

Country Status (1)

Country Link
WO (1) WO2021191261A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1918859A1 (en) * 2006-11-03 2008-05-07 Xiring SA Device for protection against fraud in contactless communication objects
US20130130614A1 (en) * 2009-01-29 2013-05-23 Cubic Corporation Protection of near-field communication exchanges
WO2014085862A1 (en) * 2012-12-05 2014-06-12 Harris Teece Pty Ltd Inhibiting unauthorised contactless reading of a contactless readable object
EP2833659A2 (en) * 2013-08-01 2015-02-04 BlackBerry Limited Method and apparatus for anti-eavesdropping in vulnerable nfc applications
US20170201018A1 (en) * 2015-12-31 2017-07-13 Intermec, Inc. Self-reconfigurable antenna

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1918859A1 (en) * 2006-11-03 2008-05-07 Xiring SA Device for protection against fraud in contactless communication objects
US20130130614A1 (en) * 2009-01-29 2013-05-23 Cubic Corporation Protection of near-field communication exchanges
WO2014085862A1 (en) * 2012-12-05 2014-06-12 Harris Teece Pty Ltd Inhibiting unauthorised contactless reading of a contactless readable object
EP2833659A2 (en) * 2013-08-01 2015-02-04 BlackBerry Limited Method and apparatus for anti-eavesdropping in vulnerable nfc applications
US20170201018A1 (en) * 2015-12-31 2017-07-13 Intermec, Inc. Self-reconfigurable antenna

Similar Documents

Publication Publication Date Title
US10650201B1 (en) RFID tags with port-dependent functionality
US7839276B2 (en) Secure self scan
CN103856245B (en) Control the method and system of the operation being capable of in the mobile communication equipment of near-field communication
CN102916957B (en) Safe, reliable and low-cost RFID mutual authentication method
US8665074B1 (en) RFID tag chips and tags with alternative behaviors and methods
EP2120188A1 (en) Memory medium, communication system and control device
US20080230615A1 (en) Near-field communication card for communication of contact information
CN103929526A (en) Mobile phone, method and system for radio frequency identification
US8115590B1 (en) RFID readers limiting theft of confidential information
US20090141896A1 (en) Processing module operating methods, processing modules, and communications systems
WO2008002965A2 (en) Read locking of an rfid tag
CA3190706A1 (en) Using the nfc field from a phone to power card to phone bluetooth communications
CN102289688B (en) Method and device for label processing and access
CA2541364C (en) Controlling connectivity of a wireless smart card reader
US20100013631A1 (en) Alarm recognition
KR101081944B1 (en) Data communication method of mobile phone-smart card
Korak et al. On the power of active relay attacks using custom-made proxies
CN101950348B (en) Radio-frequency card reader
EP2893487B1 (en) Read/write device and transponder for exchanging data via an electromagnetic field
WO2021191261A1 (en) Preventing a communication with a contactless credential
US20100201534A1 (en) Smartcard protection device
JP2006350541A (en) Non-contact communication carrier
US10628722B2 (en) Method and apparatus to enhance the security of contact-less cards
CN104766030B (en) IC card anti-theft brushing device and method
EP2452300B1 (en) Method and system of contactless authentication, and carrier of pin code

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21715825

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21715825

Country of ref document: EP

Kind code of ref document: A1