An apparatus in a wireless vehicle-access system, that includes a vehicle and a fob, includes: a vehicle-authorization parameter module configured to obtain a value of a vehicle-authorization parameter wherein the vehicle-authorization parameter comprises at least one of movement of the fob, a received directional signal, or a received audible signal; and a vehicle function compatibility module configured to: determine whether the value of the vehicle-authorization parameter is consistent or inconsistent with a desired function of the vehicle; inhibit the desired function of the vehicle in response to the value of the vehicle-authorization parameter being determined to be inconsistent with the desired function of the vehicle; and permit the desired function of the vehicle in response to the value of the vehicle-authorization parameter being determined to be consistent with the desired function of the vehicle.

A smart key storage case includes a storage case main body that can shield a signal, a transmission path through which a call signal from an in-vehicle device is radiated into the storage case main body, a switch that conducts/cuts off the transmission path, a radio communication unit that performs data communication with a radio communication terminal, a controller that controls the switch, and a response signal relay section that radiates a response signal from the smart key inside the storage case main body to the outside. When the radio communication terminal is present outside the vehicle, the controller controls the switch so that the call signal transmitted from the in-vehicle device to the inside of the cabin is cut off and the call signal transmitted to the outside of the vehicle is transmitted.

A reader device of an access control system comprises physical layer circuitry and processing circuitry. The processing circuitry is operatively coupled to the physical layer circuitry and is configured to initiate transmission of a command to a credential device; determine a time duration from sending the command to the credential device to receiving a response to the command from the credential device; and generate an indication when the time duration exceeds a relay attack detection threshold time duration.

The disclosed computer-implemented method for defeating relay attacks may include (1) buffering, in a memory buffer, an encoded signal that has been sent to a remote device, (2) detecting, within a time interval of the encoded signal being sent, a second signal that corresponds to the encoded signal, (3) determining that a strength of the second signal is above a predetermined threshold, (4) determining, based on the strength of the second signal being above the predetermined threshold, that the second signal represents a relay attack, and (5) initiating a security action to defeat the relay attack. Various other methods, systems, and computer-readable media are also disclosed.

A physical access control system enables acceptable portal entry codes upon receiving each physical access request by operating on the elapsed time from a previous physical access request to generate a temporal credential. The controller receives a plurality of physical access requests from a plurality of mobile application devices. Upon authenticating the first access request, the controller eliminates repetition from the space of acceptable successor requests from each mobile application device. Monotonic nonces advance the range of temporal code matches. Entry code generation is decentralized to distributed application devices and is inherently unknowable until a successor access request is initiated by the same application device.

A method for passive access control including a mobile device serving as key and an interaction unit, the mobile device and the interaction unit having in each case at least one data communication facility for exchanging authorization information. Operations are provided for carrying out an electronic distance measurement between the mobile device and the interaction unit and for permitting an access and/or an interaction only if the distance of the mobile device from the interaction unit is within a permitted distance.

Controlled access to a vehicle is provided. Whether time of flight (ToF) between an access device and a controller of the vehicle indicates a relay attack is identified. Whether a radio frequency (RF) fingerprint of the access device indicates a relay attack is identified. Responsive to the RF fingerprint but not the ToF indicating a relay attack, the ToF determination is retried. Passive access is allowed to the vehicle responsive to the retried ToF again indicating no relay attack.

Systems, devices, and methods for magnetic fingerprinting for proximity-based systems are described herein. One device includes instructions stored thereon executable by a processor to receive location information associated with a mobile device in a facility, determine that the mobile device is within a particular distance of an area of the facility based on the location information, determine magnetic field information associated with the mobile device, and allow access to the area via a relay associated with the area responsive to a determination that the user is allowed access based on the magnetic field information.

A system includes a processor configured to wirelessly receive a vehicle system command from a remote source over a first communication channel. The processor is also configured to open a second communication channel with an apparent command-originating source, responsive to receiving the command. The processor is further configured to request, over the second communication channel, verification that the command originated from the apparent command-originating source and execute the command responsive to command-origin verification.

Disclosed is a method of wireless communication between a vehicle base station and a transponder, the method comprising: i) driving first and second antennae on the vehicle by the vehicle base station using first driving currents, the first antenna being separated from the transponder by a portion of a vehicle in which the vehicle base station resides; ii) detecting three separate mutually orthogonal vector components of the respective fields emitted by the first and second antennae and received at the transponder; iii) calculating superposition factors for the first and second antennae based upon the separate vector components; iv) concurrently driving the first and second antennae using the same phase, respectively using the first driving currents multiplied by the calculated superposition factors; v) detecting three mutually orthogonal vector components of a superposed signal including signals from both antennae received at the transponder; vi) determining whether two of the three detected vector components are above a threshold noise level; vii) if fewer than two of the three detected vector components are above the threshold noise level, repeating step iv) with one of the first and second antennae being driven by the first driving current multiplied by the calculated superposition factors and by an adjustment factor; and viii) if two of the three detected vector components are above the threshold noise level, authenticating the transponder in response to the detected superposed vector components being within an error-based range of the sum of the separate vector components for each of the first and second antennae as multiplied respectively by the superposition factors for the first and second antennae.