If you have a smartphone purchased in the last few years, it almost certainly came with NFC capability. The technology allows you to make contactless payments, share digital content, connect one device with another and a list of other options that gets longer every day. But that data transfer can create vulnerabilities.
What exactly is NFC? NFC stands for Near Field Communication. It’s a data transfer that only works within a very short physical range — inches, not feet. Some forms of this technology require you to tap one device against another or wave them in close proximity.
NFCs are based on RFID (radio frequency identification) technology, a process that uses radio frequencies to identify objects. NFC is high-frequency RFID that makes it easy for one device to communicate with another and uses a series of protocols to make transactions easier and faster.
How do they work? An NFC relies on proximity, so when users get close to a device they want to interact with they typically receive a prompt asking for permission and then follow on-screen prompts from there. It’s convenient because it doesn’t involve downloading an app or signing up to get started.
When you activate some NFC technologies, they enable Bluetooth and use that to make your data transfer. That means you don’t have to fumble around with your phone to find Bluetooth settings, choose the device you want to pair, enter the key or code and so on. Some NFC technologies enable Wi-Fi between two devices so they can “talk” back and forth which allows big files to transfer faster.
What smartphones come with NFC? NFCWorld maintains a long list of phones and tablets with compatibility or those that will have it soon, and the list grows as new devices continue to become available. Most people have mobile devices that are already compatible.
Android devices running 4.0 or later come with the ability to use NFTs for financial transactions. Phones with Android 4.4 or later allow users to exchange files and messages via NFC. If you have iPhone 6 or later, it supports Near Field Communications.
Are they just for financial transactions? The possibilities and uses for near field communications keep growing. It’s already used for opening car doors, sharing contact information and program links, making wireless payments through smartphones and tablets, paying for public parking and transportation, sending photos between digital cameras, phones & media players, receiving and redeeming coupons, creating interactive toys and games, and creating an automatic Wi-Fi/Bluetooth pairing between phone and vehicle for hands-free driving.
NFCs and cyber security
Simplified connectivity is great, but every time a technology is widely adopted, hackers start focusing on how they can exploit it for unfair gain. When data is moving, there’s a security risk, especially when technology is linked to your credit card or bank account. So how risky is NFC technology?
The good news is it takes more than just a bump for a transaction to occur; both sending and receiving devices must be ready to accept the data transfer. If you’re bumping your phone with a friend’s to share music or checking out with a trusted vendor, the security risk is fairly low because of the proximity requirement. Devices must be 4 centimeters or less apart, and during the split seconds the data transfer actually takes to occur, it would be hard for a hacker to get in there without you noticing.
It would also be difficult for a hacker to brush against you in a crowd and wirelessly withdraw from your bank account. You’re not likely to collide with a stranger in the grocery store and accidentally send their phone all your personal information.
But that doesn’t mean NFCs are without risk. One problem happens when people lose their phones or have their devices stolen. If a thief can unlock your device, or if you don’t secure it with a strong password, there’s nothing to stop them from waving it over a payment terminal or ATM to get your money.
NFC tags are also vulnerable to tampering. For example, users have tapped smart tags thinking they were about to access movie trailers or visit a vendor website, but instead had their personal information sent to a bad site.
7 NFC security tips:
Keep your data safe by taking these precautions:
* Password protect your mobile device.
* Enable two-factor authentication for all monetary transactions.
* Read data usage policies before you download apps to make sure they protect your privacy.
* Update installed apps regularly.
* Turn your NFC off when not in use. With Android devices this is under settings. With iPhone NFC is disabled within individual apps.
* Update your device as required so you receive security patches and firmware updates.
* Only use NFCs with vendors and individuals you know are trustworthy.
Michele Mason is president of the Better Business Bureau for Southeast Tennessee and Northwest Georgia