Technology Explained

Using NFC? 3 Security Risks To Be Aware Of

Joel Lee 08-08-2013

NFC is the newest explosion in the wireless technology scene. At one point, wireless phone usage was a huge deal. Then the years passed by and we saw cool advancements in wireless Internet, then Bluetooth, and more. NFC, which stands for near-field communication, is the next evolution and is already a core feature in some of the newer smartphone models like the Nexus 4 Google Nexus 4 Review and Giveaway Even though I am an iPhone user and have been since the first generation iPhone was announced by the late Steve Jobs back in 2007, I've tried to keep an open mind about viable alternatives.... Read More and Samsung Galaxy S4 Samsung Galaxy S4 Review and Giveaway Samsung's current flagship device, the Galaxy S4 marries no-compromises hardware with Google's mobile operating system, slathered with a thick layer of Samsung's own software overlays and customizations. That doesn't mean the outcome is perfect. How... Read More . But as with all technologies, NFC comes with its own set of risks.


If you want to take advantage of NFC, don’t be alarmed. Every piece of technology has inherent risks, especially if that technology is related to networking. However, just because your email can be hacked does not mean you should avoid using email. In the same way, just because NFC isn’t entirely secure doesn’t mean you should shun it. It does mean that you need to be more careful. Here are some security risks you should be looking out for.

How Does NFC Work?


The first thing you need to understand is how NFC works. NFC is a powerful wireless connection between multiple devices that requires an extremely short distance between the devices – in fact, NFC will not work if the devices are farther than a few centimeters apart. Devices must be NFC-compatible, meaning they must be equipped with an NFC chip and antenna.

The extremely short distance might seem useless, but it turns out to have some surprisingly useful functions. In essence, the technology allows you to “bump” your smartphone with other NFC devices – such as parking meters, cash registers, or even other smartphones – for a quick exchange of information in scenarios that require the physical presence of your device. Indeed, there are plenty of useful ways to make use of NFC technology Feel Like a Billionaire With the Latest Uses for Android NFC Technology Did you know Near Field Communication technology powers Bill Gates's techno-utopian Xanadu 2.0 mansion? Visitors to the Gates' estate receive a wearable NFC tag, which comes programmed with the visitors' climatic and aural preferences. Upon... Read More , such as in the form of a digital wallet Leaving Cash Behind: Using a Digital Wallet For a Week It’s been just under two years since Google came out with Google Wallet, a revolutionary way to use your Android smartphone or tablet’s NFC capabilities to pay for stuff that you regularly buy. Since the... Read More .

It might seem like it would be impossible for a malicious third-party to interfere with such a close-ranged interaction, but you’d be surprised. If you’d like a deeper explanation of NFC, check out James’s article on NFC and whether or not you should want it What Is NFC & Should You Buy a Phone That Has It? [MakeUseOf Explains] If you’re in the market for a new phone in 2013, you’re probably going to hear about something called NFC, and how it’s apparently changing the world. Don’t be fooled by the sales talk though.... Read More .


NFC Risk #1: Data Tampering


A malicious user can tamper with the data being transmitted between two NFC devices if they are within range. The most common form of data tampering is data corruption, also known as data disruption or data destruction.

Data corruption occurs when a third-party attempts to corrupt the data being transmitted between devices. This works by flooding the communication channel with abnormal or invalid information, ultimately blocking the channel and making the original message impossible to read properly. Unfortunately, there is no way to prevent an attempt at destroying NFC data, though it can be detected.

NFC Risk #2: Data Interception



Data interception occurs when a malicious user intercepts the data between two NFC devices. Once the data has been intercepted, the malicious user can either: 1) passively record the data and pass it onto the receiver untampered; 2) relay the information to an unintended receiver; or 3) modify the information so the actual receiver receives incorrect data. The former is also known as “eavesdropping”.

These data interception occurrences are known as man-in-the-middle attacks because there’s an interfering device between two legitimate devices. These types of attacks are frightening because malicious users can steal sensitive data, but man-in-the-middle attacks are difficult to execute due to the short distance requirements for NFC. Encryption and a secure communication channel can help towards mitigating data interception attempts.

NFC Risk #3: Mobile Malware


NFC devices suffer from a risk of downloading malware or otherwise unwanted applications without the device owners knowing. If the NFC device gets close enough to another NFC device, a connection could be made and malware downloaded. This malware could then sniff your device for sensitive data – such as credit card numbers, bank numbers, passwords, etc. – and send them to the attacker over the web or back through the NFC channel if the devices are still within range.


Along similar lines, Android Beam (which, to be clear, is not malware in and of itself) can be used to perform these malware transfers. With Android Beam, devices are not required to confirm transfers. Furthermore, devices will run downloaded applications automatically. This may be changed in the future, but for now, it poses a serious risk for accidental NFC bumps.


As time goes on, NFC technology will continue to evolve. Perhaps some of these risks may be dealt away with completely, or maybe other vulnerabilities will surface as the technology achieves widespread usage. But one thing remains certain: NFC is not free from risk and the best way to protect yourself is to know what those risks are.

Do you use NFC? Have you had an experience with bad NFC security? Please share your thoughts with us in the comments!

Image Credit: How NFC Works Via Shutterstock, NFC Communication Via Shutterstock, NFC Reader Via Shutterstock, NFC Scanner Via Shutterstock, NFC Bump


Related topics: NFC, Smartphone Security.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Geoff
    February 12, 2018 at 12:34 pm

    I recently went into a reputable mobile supplier for advice about my memory card. NFC was switched off. At one point the assistant went to a dark corner of the room and placed my phone for a few seconds on what appeared to be a printer. She then came back and continued the conversation. When I came away I found that NFC was turned on. She did not explain why and it was done surreptitiously . What are the risks?. What could she have copied?

  2. john
    February 10, 2017 at 10:40 am

    I believe I have been hacked through nfc bump by being intentionally followed after buying a new phone after several have been hacked. The. Person intentionally approched my car than instantly my new phone acted infected, I'm on my 4 th phone and 2nd computer, I am very scarred and threatened by this act of intrusion, I know the source and am seeking legal prosecution but I believe my phone is still hacked and want advise how to disable nfc permanently and more in depth advise on the subject
    Any info is appreciated thank you

  3. dragonmouth
    August 9, 2013 at 12:13 am

    "In essence, the technology allows you to “bump” your smartphone with other NFC devices"
    That "bump" can allow the nogoodnik to perform his dastardly deeds.