I love it when I can steal two different titles from my money site like that. I have written a few articles about Near Field Communication (NFC) and also Is It Safe. I am happy just with the title of this post about Near Field Communication.
First let us point to where you can read more about Near Field Communication and how it is being implemented in the financial world. Your phone allows you to “tap” to pay for lower cost things, the way you do with some of your chip credit cards (an over simplified explanation, but effective). It allegedly is only for short range, but I am of the “tin foil hat crowd” who believe range can be extended easily (i.e. I don’t really trust the statement someone needs to be near you to try to hack your phone).
What Attacks are Possible?
What might the bad guys be trying to do? Luckily the NFC folks are kind enough to outline the attacks possible:
- Eavesdropping where an attempt is made to figure out what is being said between systems, but in theory the data transfer is encrypted.
- Corruption of the transaction or communication, just to be a pain the arse. The secure channel should prevent that.
- Interception or man-in-the-middle attacks, where something in between you and the end point attempts to have info transit through it, and stealing data (or better still altering information as it passes through). They say this shouldn’t happen?
- Theft of the end device (i.e. your phone), and the only way to make that safe is the end user being safe with their phone, putting a password on it, and have an ability to wipe the system if it is stolen.
Is your phone “secure”, is the big question, we shall see where this all might lead.
An interesting video from TMT about this subject and whether it will be highly adopted soon: