Relay attacks on NFC in cars, credit cards, and office badges: Three research papers to learn about NFC relay attacks. 💳📱🛰️😉

There’s no need to hack into something if you can bypass it, right? A relay attack is one way to do so on a budget. Below are three papers to learn about how to perform relay attacks on NFC.

[1] This paper, from an anonymous author, presents the concept of relay attacks that steal credit card details. The paper is from 2015, but I included it because this attack was recently found in Android malware in the wild.

[2] This white paper illustrates the same NFC attack for office badges and contactless cards such as MIFARE.

[3] This is the research by Josep Pi Rodriguez on the Tesla Model Y NFC key relay, where he demonstrates a practical way to unlock the Tesla.

Enjoy the read, and please use this knowledge wisely and for good. Thank you! 🙏

More details:

[1] Practical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited [PDF, 2015]: https://archive.conference.hitb.org/hitbsecconf2015ams/wp-content/uploads/2014/12/WHITEPAPER-Relay-Attacks-in-EMV-Contactless-Cards.pdf

[2] The danger of relay attack within the physical security domain [PDF, 2020]: https://www.nedapsecurity.com/wp-content/uploads/2020/03/Nedap-Whitepaper-Relay-Attack-EN.pdf

[3] Tesla ModelY NFC relay attack from 1000’s of km away.[PDF, 2023]: https://www.ioactive.com/wp-content/uploads/2025/06/NFC_Relay_attack.pdf