If you’ve purchased a smartphone in the past few years, it almost certainly came with NFC capability.
The technology allows users to effortlessly transfer money, share files, and eliminate a growing list of other tasks. But this data transfer can create vulnerabilities. BBB has advice on what NFC can do and how to stay safe while using it. But first….
What exactly is NFC?
NFC means Near field communication. It is a data transfer that only works in a very short physical range. We’re talking inches, not feet. Some forms of this technology require you to tap one device against another or wave them back and forth in close proximity.
NFC is based on RFID (radio frequency identification) technology, a process that uses radio frequencies to identify objects. Near field communication is high frequency RFID that allows one device to easily communicate with another.
What does it do?
Near Field Communication uses a series of protocols to make transactions easier and faster. People use them to make contactless payments, share digital content, connect one device to another, and a growing list of other tasks every day.
How do they work?
NFC relies on proximity. So when users approach a device they want to interact with, they usually get a prompt asking for permission. They follow the on-screen prompts from there. It’s convenient because it doesn’t involve downloading an app or signing up to get started.
When you activate certain NFC technologies, they activate Bluetooth and use it to perform your data transfer. This means you don’t have to fumble with your phone to find the Bluetooth settings, choose the device you want to pair, enter the key or code, etc.
Other NFC technologies enable Wi-Fi between two devices so they can “talk” back and forth. The big advantage here is that Wi-Fi direct has a lot more bandwidth, so large files transfer faster.
Which smartphones are equipped with NFC?
New portable devices are available all the time, so the list of compatible devices is constantly changing. NFCWorld maintains an extensive list of phones and tablets available now and in the future. But for most people, their mobile is already capable. Android devices running version 4.0 or later offer the ability to use NFC for financial transactions. Phones with Android 4.4 or later allow users to exchange files and messages via NFC. iPhone was a bit later to jump on the bandwagon. However, if you have an iPhone 6 or later, it supports near field communications.
Are they only intended for financial transactions?
The possibilities and uses of near field communications are, for the most part, just limited by the imagination. Here are a few things people can already do with it:
- Open car doors
- Share contact details
- Share any link you program to have
- Make wireless payments using smartphones and tablets
- Create an automatic Wi-Fi/Bluetooth pairing between phone and vehicle for hands-free driving
- Pay and receive access to public parking and transport
- Send photos or videos between digital cameras, cell phones and media players
- Allow shoppers to receive and use coupons
- Prevent heavy sleepers from turning off their alarm until they are actually awake
- Enable healthcare workers to monitor medications and track physical symptoms
- Create interactive toys and games
The streamlined connectivity is great and being able to exchange funds without having to dig into our wallets was becoming popular before social distancing was even a thing. Now it’s even more useful because it means we don’t have to touch cash or transaction terminals. But whenever a technology is widely adopted, hackers begin to focus on how they can exploit it for unfair gain.
Near field communications and cybersecurity
Convenience is great, but if you’re like most people, you might recognize that when data just floats there’s a security risk, especially when the technology is tied to your credit card or your bank account. So, how risky is NFC technology?
The good thing is that if you bump your phone with a friend’s to share music or check with a trusted provider, the security risk is quite low due to the proximity requirement. The devices should be four centimeters or less apart, and for the split second it takes to transfer data, it would be difficult for a hacker to break into them without you noticing.
It takes more than just a shock for a transaction to happen; the sending and receiving devices must be ready to accept the data transfer. It would be difficult for a hacker to brush past you in a crowd and wirelessly withdraw from your bank account. You won’t run into a stranger in the grocery store and accidentally send all your personal information to their phone. But that doesn’t mean NFC is risk-free.
A problem arises when people lose their phones or have their devices stolen. If a thief can unlock your device, or if you don’t secure it with a strong password, there’s nothing stopping them from waving it past a payment terminal or ATM to get your money.
NFC tags are also vulnerable to tampering. For example, users tapped on smart tags thinking they were about to access movie trailers or visit a provider’s website, but instead their personal information was been sent to a bad actor.
7 NFC Security Tips
Protect your data by taking these precautions:
- Password protect your mobile device
- Enable two-factor authentication for all monetary transactions
- Read data usage policies before downloading apps to make sure they protect your privacy
- Update installed apps regularly
- Turn off your NFC when not in use (with Android devices, this is in settings. With iPhone, NFC is disabled in individual apps)
- Update your device as needed to receive security patches and firmware updates
- Only use near-field communications with vendors and people you know you trust
Source: BBB.org and BBB serving East Central Texas
Have you heard of or been the victim of an NFC-related scheme or fraud? You can help raise awareness and protect others when you report it to BBB Scam Tracker. To find reputable companies, go to bbb.org.
Suggest a fix