With NFC, the promise is that transactions with parking meters, snack machines, or anything else that requires payment or simple information transfer can be completed quickly and easily using nothing more than a mobile phone. In other words, the technology is likely to become a juicy target for hackers.
In front of a capacity crowd at the Black Hat security conference here in Las Vegas, security researcher Charlie Miller detailed and demonstrated new vulnerabilities in NFC. Currently, NFC is available on about 50 smart phones.
Miller explained that NFC is based on RFID and uses similar standards to that technology. The primary difference is that NFC is designed for close proximity with an operating range of about 4 centimeters.
“So lots of people think that no encryption is needed since no one will get that close,” Miller said, as the audience laughed.
Miller then proceeded to show a number of videos of his own research in which he attempted to read an NFC card through a wallet that was sitting in another person’s pocket. He referred to his actions as the wireless equivalent of credit card skimming.
Read the full story at eSecurityPlanet:
Black Hat: NFC-Equipped Smartphones Vulnerable to Attack