Near field communication, or NFC, allow for simplified transactions, data exchange, and connections with a touch. Formed in 2004, the Near Field Communication Forum (NFC Forum) promotes sharing, pairing, and transactions between NFC devices and develops and certifies device compliance with NFC standards. A smartphone or tablet with an NFC chip could make a credit card payment or serve as keycard or ID card. NFC devices can read NFC tags on a museum or retail display to get more information or an audio or video presentation. NFC can share a contact, photo, song, application, or video or pair Bluetooth devices. The 140 NFC Forum members include LG, Nokia, Huawei, HTC, Motorola, NEC, RIM, Samsung, Sony Ericsson, Toshiba, AT&T,Sprint, Rogers, SK, Google, Microsoft, PayPal, Visa, Mastercard, American Express, Intel, TI, Qualcomm, and NXP.
Essential specifications
NFC is a set of short-range wireless technologies, typically requiring a distance of 4 cm or less. NFC operates at 13.56 MHz on ISO/IEC 18000-3 air interface and at rates ranging from 106 kbit/s to 848 kbit/s. NFC always involves an initiator and a target; the initiator actively generates an RF field that can power a passive target. This enables NFC targets to take very simple form factors such as tags, stickers, key fobs, or cards that do not require batteries. NFC peer-to-peer communication is of course possible, where both devices are powered. A patent licensing program for NFC is currently under development by Via Licensing Corporation, an independent subsidiary of Dolby Laboratories. A public, platform-independent NFC library is released under the free GNU Lesser General Public License by the name libnfc.
Uses
Emerging NFC standards allow customers to quickly purchase products and transfer secure information by touching devices. NFC allows companies to reduce staffing, printing, and point of sale costs. Globally, 100 million people use mobile payment outside the U.S., but only 3.5 million use the technology in the U.S.
Social networking
NFC simplifies and expands Social networking options:
- File Sharing: Tap one NFC device to another to instantly share a contact, photo, song, application, video, or website link.
- Electronic business card: Tap one NFC device to another to instantly share electronic business cards or resumes.
- Electronic money: To pay a friend, you could tap the devices and enter the amount of the payment.
- Mobile gaming: Tap one NFC device to another to enter a multiplayer game.
- Friend-to-friend: You could touch NFC devices together to befriend each other or share a resume or to "check-in" at a location.
Bluetooth and WiFi Connections
NFC can be used to initiate higher speed wireless connections for expanded content sharing.
- Bluetooth: Instant Bluetooth Pairing can save searching, waiting, and entering codes. Touch the NFC devices together for instant pairing.
- WiFi: Instant WiFi Configuration can configure a device to a WiFi network automatically. Tap an NFC device to an NFC enabled router.
eCommerce
NFC expands eCommerce opportunities, increases transaction speed and accuracy, while reducing staffing requirements. A Personal identification number (PIN) is requried for payments.
- Mobile payment: An NFC device may make a payment like a credit card by touching a payment terminal at checkout or a vending machine when a PIN is entered.
- PayPal: PayPal may start a commercial NFC service in the second half of 2011.
- Google Wallet is an Android app that stores virtual versions of your credit cards for use at checkout when a PIN is used.
- Ticketing: Tap an NFC device to purchase rail, metro, airline, movie, concert, or event tickets. A PIN is required.
- Boarding pass: A NFC device may act as a boarding pass, reducing check-in delays and staffing requirements.
- Point of Sale: Tap an SmartPoster tag to see information, listen to an audio clip, watch a video, or see a movie trailer.
- Coupons: Tapping an NFC tag on a retail display or SmartPoster may give the user a coupon for the product.
- Tour guide: Tap a passive NFC tag for information or an audio or video presentation at a museum, monument, or retail display (much like a QR Code).
Identity documents
NFC's short range helps keep encrypted identity documents private.
- ID card: An NFC enabled device can also act as an encrypted student, employee, or personal ID card or medical ID card.
- Keycard: A NFC enabled device may serve as car, house, and office keys.
- Rental Car and hotel keys: NFC rental car or hotel room keys may allow fast VIP check-in and reduce staffing requirements.
History
NFC traces its roots back to Radio-frequency identification, or RFID. RFID allows a reader to send radio waves to a passive electronic tag for identification and tracking.
- 1983 The first patent to be associated with the abbreviation RFID was granted to Charles Walton.
- 2004 Nokia, Philips And Sony Establish The Near Field Communication (NFC) Forum
- 2006 Initial Specifications for NFC Tags
- 2006 Specification For "SmartPoster" Records
- 2006 Nokia 6131 is the first NFC phone
- 2009 In January, NFC releases Peer-to-Peer Standards to transfer contact, URL, initiate Bluetooth, etc.
- 2010 Samsung Nexus S - First Android NFC Phone shown
- 2011 Google I/O "How to NFC" demonstrates NFC to initiate a game and to share a contact, URL, app, video, etc.
Comparison with Bluetooth
| NFC | Bluetooth | Bluetooth Low Energy | |
|---|---|---|---|
| RFID compatible | ISO 18000-3 | active | active |
| Standardisation body | ISO/IEC | Bluetooth SIG | Bluetooth SIG |
| Network Standard | ISO 13157 etc. | IEEE 802.15.1 | IEEE 802.15.1 |
| Network Type | Point-to-point | WPAN | WPAN |
| Cryptography | not with RFID | available | available |
| Range | < 0.2 m | ~10 m (class 2) | ~1 m (class 3) |
| Frequency | 13.56 MHz | 2.4-2.5 GHz | 2.4-2.5 GHz |
| Bit rate | 424 kbit/s | 2.1 Mbit/s | ~1.0 Mbit/s |
| Set-up time | < 0.1 s | < 6 s | < 1 s |
| Power consumption | < 15mA (read) | varies with class | < 15 mA (transmit) |
NFC and Bluetooth are both short-range communication technologies which are integrated into mobile phones. As described in technical detail below, NFC operates at slower speeds than Bluetooth, but consumes far less power and doesn’t require pairing.
NFC sets up faster than standard Bluetooth, but is not much faster than Bluetooth low energy. With NFC, instead of performing manual configurations to identify devices, the connection between two NFC devices is automatically established quickly — in less than a tenth of a second. The maximum data transfer rate of NFC (424 kbit/s) is slower than that of Bluetooth V2.1 (2.1 Mbit/s). With a maximum working distance of less than 20 cm, NFC has a shorter range, which reduces the likelihood of unwanted interception. That makes NFC particularly suitable for crowded areas where correlating a signal with its transmitting physical device (and by extension, its user) becomes difficult.
In contrast to Bluetooth, NFC is compatible with existing passive RFID (13.56 MHz ISO/IEC 18000-3) infrastructures. NFC requires comparatively low power, similar to the Bluetooth V4.0 low energy protocol. However, when NFC works with an unpowered device (e.g. on a phone that may be turned off, a contactless smart credit card, a smart poster, etc.), the NFC power consumption is greater than that of Bluetooth V4.0 Low Energy. Illumination of the passive tag needs extra power.
Security aspects
Although the communication range of NFC is limited to a few centimeters, NFC alone does not ensure secure communications. In 2006, Ernst Haselsteiner and Klemens Breitfuß described different possible types of attacks, and detail how to leverage NFC's resistance to Man-in-the-middle attacks to establish a specific key. Unfortunately, as this technique is not part of the ISO standard, NFC offers no protection against eavesdropping and can be vulnerable to data modifications. Applications may use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel. Ensuring security for NFC data will require the cooperation of multiple parties: device providers, who will need to safeguard NFC-enabled phones with strong cryptography and authentication protocols; customers, who will need to protect their personal devices and data with passwords, keypad locks, and anti-virus software; and application providers and transaction parties, who will need to use anti-virus and other security solutions to prevent spyware and malware from infecting systems.
Eavesdropping
The RF signal for the wireless data transfer can be picked up with antennas. The distance from which an attacker is able to eavesdrop the RF signal depends on numerous parameters, but is typically a small number of metres.[37] Also, eavesdropping is extremely affected by the communication mode. A passive device that doesn't generate its own RF field is much harder to eavesdrop on than an active device. One Open source device that is able to eavesdrop on passive and active NFC communications is the Proxmark instrument.
Data modification
It is relatively easy to destroy data by using an RFID jammer. There is no way currently to prevent such an attack. However, if NFC devices check the RF field while they are sending, it is possible to detect attacks.
It is much more difficult to modify data in such a way that it appears to be valid to users. To modify transmitted data, an intruder has to deal with the single bits of the RF signal. The feasibility of this attack, (i.e., if it is possible to change the value of a bit from 0 to 1 or the other way around), is amongst others subject to the strength of the amplitude modulation. If data is transferred with the modified Miller coding and a modulation of 100%, only certain bits can be modified. A modulation ratio of 100% makes it possible to eliminate a pause of the RF signal, but not to generate a pause where no pause has been. Thus, only a 1 which is followed by another 1 might be changed. Transmitting Manchester-encoded data with a modulation ratio of 10% permits a modification attack on all bits.
Relay attack
Because NFC devices usually include ISO/IEC 14443 protocols, the relay attacks described are also feasible on NFC. For this attack the adversary has to forward the request of the reader to the victim and relay back its answer to the reader in real time, in order to carry out a task pretending to be the owner of the victim’s smart card. One of libnfc code examples demonstrates a relay attack using only two stock commercial NFC devices.
Lost property
Losing the NFC RFID card or the mobile phone will open access to any finder and act as a single-factor authenticating entity. Mobile phones protected by a PIN code acts as a single authenticating factor. A way to defeat the lost-property threat requires an extended security concept that includes more than one physically independent authentication factor.
Walk-off
Lawfully opened access to a secure NFC function or data is protected by time-out closing after a period of inactivity. Attacks may happen despite provisions to shutdown access NFC after the bearer has become inactive. The known concepts described primarily do not address the geometric distance of a fraudulent attacker using a lost communication entity against lawful access from the actual location of the registered bearer. Additional feature to cover such attack scenario dynamically shall make use of a second wireless authentication factor that remains with the bearer in case of lost NFC communicator. Relevant approaches are described as an electronic leash or its equivalent, a wireless key.
NFC-enabled handsets
- Nokia C7-00
- Nokia 6216 Classic (Nokia has confirmed the cancellation of this phone in February 2010)[42]
- Nokia 6212 Classic
- Nokia 6131 NFC
- Nokia 3220 + NFC Shell
- Nokia 5140(i) + NFC Shell
- Samsung S5230 Tocco Lite/Star/Player One/Avila
- Samsung SGH-X700 NFC
- Samsung D500E
- SAGEM my700X Contactless
- LG 600V contactless
- Motorola L7 (SLVR)
- Benq T80
- Sagem Cosyphone
- Google Nexus S
- Google Nexus S 4G
- Samsung Galaxy S II (Some versions but not all)
- Samsung Wave 578
- BlackBerry Bold 9900/9930
- Nokia N9