NFC Assessments and Risk Assessments

Because NFC is a wireless communication interface it is obvious that eavesdropping is an important issue. An attacker can of course use an antenna to also receive the transmitted signals.

Also the equipment required to receive the RF signal as well as the equipment to decode the RF signal must be assumed to be available to an attacker as there is no special equipment necessary.

A standards-based connectivity technology, NFC harmonizes today's diverse contactless technologies, enabling current and future solutions in areas such as:

• Access control
• Consumer electronics
• Healthcare
• Information collection and exchange
• Loyalty and coupons
• Payments
• Transport

• ISO/IEC 14443
• ISO/IEC 18092
• JIS X 6319-4 – FeliCa
•  ISO/IEC 15693

• Eavesdropping-establish a secure channel

• Data Corruption-detect the attack
• Data Modification-Protection against data modification
• Data Insertion-secure channels
• Man-in-the-Middle-Attack - active-passive communica- tion mode assessment
• Secure Channel for NFC-Establishing a secure channel between two NFC devices
• NFC Specific Key Agreement-cryptography
• Physical Security-securing the visible and accessible