An NFC relay attack forwards a legitimate contactless exchange through one or more proxy devices, so a reader and a card or phone can communicate even when they are not actually close together. The attacker places one device near the victim’s NFC source and another near the terminal, then relays the data in real time. Because the protocol itself may still be valid, the attack exploits the short-range trust model rather than breaking NFC cryptography.
This matters in payments, access control, and transit systems, where proximity is often treated as proof of legitimacy. In real attacks, relay tools can be built from ordinary phones or custom hardware, making the technique practical and stealthy. Defenses include transaction timing checks, distance-sensitive protocols, stronger server-side anomaly detection, and user interfaces that do not rely on proximity alone. On Android, kiosk-style confinement or card-emulation abuse can make relay fraud easier to hide, so security teams should review both NFC behavior and app-level control of the device.