Advancing mobile interoperability and security through controlled magnetic fields

Abstract

As integrated circuit technology continues to advance, the capabilities of mobile devices expand correspondingly, bringing increased security challenges and a greater need for innovative applications. Magnetic inductive coupling, which enables energy transfer between circuits via a controlled magnetic field, has emerged as a key technology, enhancing the versatility and functionality of mobile systems. However, current research primarily focuses on optimizing applications such as wireless charging and near-field communication, as exemplified by protocols like Qi and NFC respectively. There is limited investigation into the security threats posed by magnetic inductive coupling. Additionally, the application of magnetic inductive coupling is constrained, with few efforts made to extend its use to new scenarios or higher frequency bands. Consequently, the potential of magnetic inductive coupling in mobile computing has not been fully tapped, which has restricted its widespread adoption and practical deployment across various mobile platforms. To bridge these gaps, our work includes assessing security threats and unveiling a range of interoperable applications through controllable magnetic inductive coupling fields, extending from low frequency to ultra-high frequency range. First, we analyze a physical side-channel attack strategy enabled by controlled magnetic inductive coupling in the Low Frequency (LF) band. Specifically, a novel type of inaudible voice command attack initiated through controllable magnetic interference from a wireless charger is investigated. We demonstrate that smart device microphones experience significant magnetic interference during wireless charging, primarily due to inadequate protection against electromagnetic interference at frequencies around 100kHz or below. Exploiting this vulnerability, we developed two types of inaudible voice attacks designed to inject malicious voice commands into devices while they are being wirelessly charged. These attacks use either compromised wireless chargers or attached accessory devices to manipulate the magnetic leakage and deliver the commands. Extensive experiments were conducted across various devices and voice assistants. The evaluations confirm the effectiveness of these attacks in typical commercial charging settings, and appropriate countermeasures have been suggested to mitigate the threats. Second, we introduce a novel physical side-channel communication scheme enabled by controlled magnetic inductive coupling in the High Frequency (HF) band. This system, called MagCode, enhances mobile payment security by utilizing controllable benign magnetic interference from an NFC reader. This interference produces barcode-like stripes on images captured by a smartphone's CMOS sensor positioned near the NFC reader. This method enables simplex communication between an NFC reader and smartphones that either lack NFC capabilities or have them disabled, by precisely modulating the magnetic-induced stripes with information bits. We design and implement a stack of protocols from the physical to the transport layer and test the proof-of-concept prototype across multiple smart devices to guarantee robust performance. The evaluation results indicate that data throughput is satisfactory, achieving speeds up to 2.58 kbps, with transactions typically completed within 1.8 seconds. Third, we investigate an effective RFID inventory mechanism enabled by controlled magnetic inductive coupling at the Ultra-High Frequency (UHF) band. The system, named RFID+, employs spatially controllable magnetic inductive coupling to enhance the distance and precision of near-field RFID inventory within logistical networks. RFID+ optimizes energy harvesting from tailored magnetic fields through the matching loops of standard UHF RFID tags, achieving spatial accuracy akin to HF NFC systems and significantly lowering miss-reading and cross-reading rates. Key innovations include a specialized multi-turn, capacitor-segmented coil antenna and a rapid inventory algorithm that combines traditional radiative coupling with magnetic coupling to enhance the overall performance and efficiency of RFID inventory systems. Pilot studies in real-world warehouse and logistics settings demonstrate that RFID+ substantially reduces the misreading rate from 22.9% to a remarkable 1.06%, while effectively eliminating cross-reading issues. In conclusion, this thesis explores the dual aspects of controlled magnetic fields in mobile intelligence, addressing both its potential threats and opportunities. Specifically, it delves into and mitigates vulnerabilities to inaudible voice injection attacks resulting from controlled magnetic interference in the LF band. Concurrently, it explores two innovative mobile applications, including a novel contactless payment system powered by controlled HF band magnetic coupling interference and a highly accurate RFID near-field inventory system utilizing spatially controllable magnetic fields in the UHF band.