NFC
So, what exactly is NFC? At its core, NFC is a set of short-range wireless technologies that allows devices to communicate over very short distances, typically about 4 centimetres or one and half inches. That might not sound like much, but NFC powers some everyday conveniences like contactless payments, security passes and pairing.
NFC uses no authentication. Essentially security is achieved by proximity. The two devices need to be near each other in order to communicate. Some devices may include additional security features like fingerprint scanners, but it’s important to note that these are not part of the core NFC protocol. In essence, these features act like a control switch for NFC, enabling or disabling the connection based on user authentication. While they enhance security, they operate independently of NFC’s core functionality.
The main take away with NFC is that it is simple to use, requiring no manual pairing or additional steps in order to use it. This makes it ideal for quickly paying for your morning coffee with just a tap of your credit card.
Data Rate Low
NFC is designed for low-speed communication, making it well-suited for transferring small amounts of data. It is not practical for large transfers or high-bandwidth applications. A common example is contactless payments, where only a small amount of information needs to be exchanged quickly. However, NFC lacks built-in authentication and encryption, leaving it vulnerable to eavesdropping. This raises an important question: how secure is it?
NFC Security (Does Not Have Any)
NFC is not secure so essentially an attacker could eavesdrop on an NFC communication. Since NFC has a very short range, you would probably notice someone or a device trying to intercept NFC communication.
While an attacker could conceptually intercept NFC communication, keep in mind that even though NFC is not secure, the applications that use it are. Let’s consider an example.
For a contactless payment system, it is kept secure by using one-use tokens. Essentially a one-use token is useless after it has been used. If an attacker were to intercept the token, since the token was used in the transaction, it is already useless by the time the attacker gets it. You can see using a method like this does not require the communication to be secure.
When NFC is used for tasks like pairing Bluetooth devices or configuring Wi-Fi, basic information such as device IDs and connection instructions are exchanged via NFC. However, sensitive data, like encryption keys, are not transmitted over NFC. Instead, these keys are exchanged using the device’s native protocols, which are secured through encryption and other protective measures, ensuring the safety of the connection. Thus, you don’t need to worry about NFC not being secure.
End Screen
That concludes this video on NFC from ITFreeTraining. Until the next video from us, I would like to thank you for watching.
References
“The Official CompTIA A+ Core Study Guide (Exam 220-1101)” pages 155, 257
“License CC BY 4.0” https://creativecommons.org/licenses/by/4.0/
“Video: How do Europeans pay? On channel European Central Bank licensed under CC BY 3.0 ” https://www.youtube.com/watch?v=qThOKeZtbb8
“Picture: NFC logo” https://en.wikipedia.org/wiki/Near-field_communication#/media/File:NFC_Forum_N_mark.svg
Credits
Trainer: Austin Mason https://ITFreeTraining.com
Voice Talent: HP Lewis http://hplewis.com
Quality Assurance: Brett Batson https://www.pbb-proofreading.uk
