The connectivity trivia goes all the way from the pigeons to Wi-Fi, and presently, the Near Field Communication. Is your latest smartphone or Payment Cards is NFC (Near Field Communication) enabled, we know its exciting but before you completely amaze by its usage have a look at its security and privacy concerns. Here are top 5 security concerns and solutions for it.
The BANE of giving as much power to a chip:
- When the air you breathe is the same as the air the hacker also does
One of the reasoning given by the theorists is that- the NFC is an extremely short range of communication- 15-20 cm. The antenna is extremely sensitive and directional. Hence, the hacker needs to be uncomfortably close, or a close acquaintance to procure the credentials. However, hackers have found themselves in the frenzy of snatching information, despite the satisfying range. The antenna, used is a loop antenna. The pattern of the loop antenna is not directional. As a result, the rays can propagate, over a range more than intended, and can effectively be “caught in the air”.
The range that hackers are claiming is nearly 5m away from the phone. The eavesdropper is technically placed at the same location as the person who is transacting. That sounds even more threatening. Data can also be manipulated by a middleman before sending it to the receiver.
Solution: Looking at the abundance of the NFC tags, though the cash transactions, seem the one everyone is worried the most about, it is better to use a shield, at the place of transaction. This isolator/ shield can effectively confine the rays from the antenna to the receiver- like a wall. The stray rays themselves will be attenuated.
- The insecure Wi-Fi
The Wi-Fi giving a wide ocean for hacking and tutorials present on the internet provides a good source for hacking into the phone and getting the information from it. This encompasses the NFC. Thus the phones which use NFC needs to have a better-suited Wi-Fi source, which they can connect to. Open networks pose the greatest threat. Moreover, the NFC devices also can connect directly to the Wi-Fi networks without the need for the authentication. As a result, if the hacker sets up the Wi-Fi, he can lurk in the corner and lure into the phone.
- The lack of authenticity to the connection
Unlike the Bluetooth, which requires a secure password for connection with the devices, the NFC does not require any form of authority to connect with another phone. When the NFC turns on, it checks around for other NFC enabled devices in its vicinity set up the connection. As a result, if the NFC has connected with a virulent phone, there is a potential chance of addition and deletion of information from the user’s phone. All the hacker has to do is, make sure he is close to the person’s mobile. Once he has established connection, the coffers have been opened effortlessly to the thief.
One of the solutions could be to switch to the NFC, when not in use.
- Tags here, tags there, tags everywhere
Every direction you turn is emblazoned with numerous NFC tags, increasing the skepticism by the cynics. The NFC tags themselves could be tampered with, giving the hackers an easy road towards the phone. Hence, it is always better to not tap the phone across the unauthorized tags, which can easily upload malware, to the phone. If the phones are in active mode, hidden tags can intentionally be used to add maleficent data into the phones.
- The case of a cashless transaction
Though there is some level of encryption provided by the pay apps nowadays, there is always some kind of leak somewhere. When there is data transfer, the information is being used by the receiver. If the devices are in active mode, the hacker can potentially pick the bank details from the receiver itself. Moreover, the receiver may prompt the user with new pop-ups and recommendations that may require forwarding the sensitive information. Background apps can also have access to the same. It is better to clear the RAM and close the apps, before switching on NFC. Sometimes data is tunneled through them.
Other forms of sordidness include interception, theft of the mobile phone.
It is often better to be precautious rather than repent after the disaster. Updating the apps often can improve the encryption security. It is advised to enable passwords (like face recognition) and general security to phones, which can avoid the snatchers from opening the phone (this is also may seem trivial). Usage of apps that are perfectly authorized, is recommended. There is an inbuilt security encryption block as a part of the NFC communication architecture.
A kind request to the manufacturers– please try to enhance its quality and capability. Authentication looks like a better option, with the tags also having secure connection abilities.
Though NFC is seen as the latest trend, it is high time we put on our thinking caps, to decide its veracity for ourselves. Potential threat and privacy issues keep cropping up now and then. So users, operate it with conviction and discretion.