NFC is a short range two-way wireless communication technology that enables simple and secure communication between electronic devices embedded with NFC microchip. NFC technology operates in 13.56 megahertz and supports 106, 212, or 424 Kbps throughput. There are three available modes of NFC communication:

  • Read/write (e.g. for reading tags in NFC posters)
  • Card emulation (e.g. for making payments)
  • Peer-to-peer (e.g. for file transfers)

There is no need for pairing code between devices, because once in range they instantly start communication and prompt the user. NFC technology is power efficient – much more than other wireless technologies. The communication range of NFC is approximately 10 centimeters and it could be doubled with specific antennas. The short range makes this technology secure. Only allowing near field communications makes this communication technology optimal for secure transactions, such as contactless payments. Some examples of NFC applicability include:

  • Ticket confirmation for sports events, concerts, at theaters, cinemas;
  • Welfare performances improvement – syncing workout data from a fitness machines with personal user device;
  • Personalized content sharing – viewing special offers on your phone in museums, shopping malls and stores;
  • Loaders of translated content in different services, like menus in the restaurants;
  • Check-in and check-out in hotels, airports, etc.;
  • Security systems – unlocking an NFC-enabled door locks, etc.

NFC technology provides further support for smart home and smart building evolution. In the bedroom an NFC tag can be used for monitoring TV, wireless system, alarm, lighting or other devices via the smartphone. In the kitchen NFC tags could be placed on refrigerator and oven making them smart as presented in Figure 3., or they could be used to modify the ambient according to your needs (turning on and off some lights, music, etc.)

NFC support for smart kitchen
Figure 1: NFC support for smart kitchen

NFC tags can transform a smartphone or other personal digital device embedded with NFC chipset, into a universal remote capable of performing any action. Compared to RFID technology, every NFC device has embedded NFC reader and NFC tag capabilities. The potential for NFC technology applicability in smart homes and buildings is endless.

NFC advantages for smart homes and buildings applicability are simplicity, security, capability to connect unconnected devices via NFC tags or bridge other incompatible wireless technologies, low power consumption, widespread technology in almost all electronic devices, etc.

The main limitations that have to be considered for NFC applicability in smart home and smart building use cases are: very short distance, lower throughput compared to other wireless technologies, it is not completely risk-free technology – due to the fact that mobile based hacking tools are evolving and became common today.

NFC Security

NFC wireless technology enables all objects to connect to the Internet. Its applicability in the IoT domain, to smart home and smart building use cases is crucial, especially if taken into account the fact that all modern personal devices (cellphones, tablets and notebooks) are embedded with NFC chips and their mutual compatibility is achieved.

One of the security mechanisms implemented in NFC is Digital Signature (defined in the NFC Forum Signature RTD 2.0) with asymmetric key exchange. The Digital Signature is a part of the NFC Data Exchange Format (NDEF) message, which includes also a Certificate Chain and a Root Certificate. Each NFC device has a private and a public key.

Developed by HID – NFC tag manufacturer, another security mechanism is a Trusted Tag. It fully complies with NFC Forum Tag Type 4 and works with any NFC Forum compatible devices. The Trusted tag is protected from cloning and embedded with cryptographic code generated by every “tap” or click on NFC button. This cryptographic code protects the content of the transmitted information.

NFC technology operates in limited range includes additional protection like PIN or biometric locks that enable secure data exchange. Similar to other wireless technologies, NFC is susceptible to some security challenges. Some illustrative examples are:

  • General Theft of property or losing a device is hard to avoid. The best defense from this threat is to ensure phones, tablets and other personal devices from unauthorized logging and usage.
  • Eavesdropping and interception attacks apply to NFC technology.
  • Man in the middle attack is possible if there is a malicious device positioned between two NFC devices or in their short range that receives and alters the exchanged information. They can be prevented by remaining aware of unusual devices that are attached or positioned nearby to transactions premises. It is important to ensure that NFC transactions are realized only in official and authorized places.
marin@5g.security | Website | Other articles

Marin Ivezic is a Cybersecurity & Privacy Partner in PwC Canada focused on risks of emerging technologies. He leads PwC’s global 5G cybersecurity efforts as well as industrial, IoT and critical infrastructure cybersecurity services in the region. All these focus areas are being transformed with the emergence of 5G, massive IoT (mIoT) and critical IoT (cIoT). Marin worked with critical infrastructure protection organizations in a dozen countries, 20+ of the top 100 telecom companies, and a number of technology companies on understanding the geopolitics of 5G; uncovering as-yet-unknown security and privacy risks of 5G, AI and IoT; and defining novel security and privacy approaches to address emerging technology risks.

NFC Cybersecurity