SECURE MOBILE TRANSACTIONS USING NEAR FIELD COMMUNICATION

DEEPAK K.LSree Chitra Thirunal College of Engineering

NFC – What is it ???

NFC or Near Field Communication is a short range high

frequency wireless communication technology.

A radio communication is established by touching the two

phones or keeping them in a proximity of a few centimeters.

NFC is mainly aimed for mobile or handheld devices.

NFC is an extension of Radio frequency identification.

It is a form of contactless communication between devices.

WHY NFC?Can replace your wallets

NFC tags for task launcher

Can transfer electric charge from one device to another

device

Can work along with Bluetooth

Pairing Bluetooth devices in quick time

Operating RangesDistance: 10 cm or less

Operates at rates ranging from 106kBit/s to 424 Kbit/s

Lower power consumption

WORKING OF NFC

NFC is based on inductive-coupling.

NFC works using magnetic induction between two loop

antennas.

A reader emits a small electric current, which creates a

magnetic field .

That field is received by a similar coil in the client

device, where it is turned back into electrical impulses to

communicate data.

So, NFC use an initiator and a target.

General Architecture of NFC Enabled

Mobile Phones

Host Controller(HC)

•Heart of the NFC enabled mobile phone

•Also called as baseband controller

•HC interface Creates a bridge between the NFC Controller and the

Host Controller

•Sets the operating modes of the NFC controller through the HC

Interface

NFC Controller

•Secure proximity transactions with external NFC devices

•Secure Element is directly connected to NFC Controller

SECURE ELEMENT(SE)

•Users and service providers assured that transaction takes place

in protected environment

•Combination of h/w, s/w, interfaces, and protocols embedded in a

mobile handset

•Enables secure storage

•More secure for storing credential data than storing in removable

storage locations

Non secure vs. secure NFC

SE option for an NFC enabled mobile phone are;

1)Embedded hardware in a mobile device as an integral, non-

removable part of the device.

2) Secure Memory Card (SMC) as a secure storage area in a

removable smart card.

3)UICC as a physical smart card and may be the most popular

one.

Secure element alternatives

Embedded hardware

A smart card soldered onto the mobile phone that cannot be

removed

Level of security is high

Embedded into the mobile phone during the manufacturing stage

i.e. soldered

Can be personalized but cannot be transferred to another device

Secure Memory Card

It is a combination of a memory card and a smart card

Large storage space

More credential information can be stored

Can be inserted into a new device easily

UICC

Universal Integrated Circuit Card

It is commonly known as a SIM

Ensures the integrity and security of all kinds of personal

data

Can host as non-telecom applications such as payment,

loyalty, ticketing, e-passport, and so on

The cardholders can be reassured that transactions are

executed with their personal information protected

Communication Modes

Active mode-

In this mode, both devices with NFC chip can generate an

electromagnetic field and exchange information with each other.

Two NFC enabled devices transferring data in active mode

Inducing magnetic field

Passive mode-

A passive device, such as an

NFC tag, contains information

that other devices can read but

does not read any information

itself, so there is only one

active user.

A NFC-enabled mobile phone is paired

with a RFID-tagged "smart poster"

Operating Modes

•Reader/Writer Operating Mode

•Peer-to-Peer Operating Mode

•Card Emulation Operating Mode

Reader/Writer Operating

Mode

Read data and alter stored in NFC tags

Can take appropriate actions on what stored in NFC

tags

Does not require a secure area

The process only reads data stored inside the passive

tag and writing data to the passive tag.

Protocol Stack Architecture of Reader/Writer

Mode

•Analog is related to RF characteristics of NFC devices

and determines the operating range of devices.

•Digital protocols refer to the digital aspects of standards,

and define building blocks of the communication.

•Tag operations indicate the commands and instructions

used by NFC devices to operate NFC .

•NDEF applications are based on NDEF specifications

such as smart poster and reading product information from

NFC enabled smart shopping fliers.

•Non NDEF applications are vendor specific applications

such as an electronic purse balance reader and contactless

ticket reader which are not based on NDEF specifications.

NDEF message and NDEF

record

Eg): new NdefRecord(NdefRecord.TNF_MIME_MEDIA, "text/plain".getBytes(), new byte[0], "Hello, NFC World!".getBytes())

Permissions and

preparationIn order for an application to be able to use NFC hardware and software of a device, it must have the NFC permission, so add the following line to your AndroidManifest.xml:

<uses-permission android:name="android.permission.NFC" />

Since NFC is a fairly new technology, it will not work with older versions of Android - according to developer.android.com, minimum API level 10 is recommended:

<uses-sdk android:minSdkVersion="10" android:targetSdkVersion="17" />

If your application can’t do its work on non NFC-enabled devices, you can make sure that only compatible devices will see your app in the store:

<uses-feature android:name="android.hardware.nfc" android:required="true" />

A simple write to a tagprivate boolean writeTag(final NdefMessage pMessage, final Tag pTag) { Ndef ndef = Ndef.get(pTag);try { if (ndef != null) { ndef.connect(); if (messageSize > ndef.getMaxSize()){ logAndToast("Write failed - message size exceeds tag size"); return false;}

if (!ndef.isWritable()) {logAndToast("Write failed - tag is not writable"); return false;

}ndef.writeNdefMessage(pMessage); logAndToast("Write completed"); return true; }

Peer-to-Peer Operating Mode

Protocol Stack Architecture of Peer-to-Peer

Mode

Analog and digital protocols are lower layer protocols .

LLCP allows the transfer of upper layer information units

between two NFC devices .

Protocol bindings provide standard bindings to NFC Forum

protocols and allow interoperable use of registered

protocols.

Simple NDEF exchange protocol allows exchange of NDEF

messages. It is also possible to run other protocols over the

data link layer provided by LLCP.

Applications may run over the simple NDEF exchange

protocol, other protocols, or NFC Forum protocols. Example

applications are printing from a camera, business card

exchange, and so on.

Card Emulation Operating

Mode

Here NFC enabled mobile phone acts as a smart card.

User touches the mobile phone to an NFC reader.

The NFC reader initiates the communication.

NFC mobile behaves like a standard smart card.

NFC reader interacts with the payment applications on the

Secure Element.

Only card emulation mode uses SE efficiently and securely

to perform functions that require high security.

APPLICATIONS OF NFC1) Touch and go

Applications such as access control, where the user needs only to

bring the device storing the ticket or access code close to the reader.

A person gathering info about a movie using his NFC enabled Mobile Phone

2) Touch and Confirm

Applications such as mobile payment where the

user has to confirm the interaction by entering a

password or just accepting the transaction.

3) Touch and ConnectLinking two NFC-enabled devices to

enable peer to peer transfer of data.

4) A latest development is that NFC can

be used to configure Wi-Fi networks

through mobile devices.

Security Concerns with NFC Technology

Eavesdropping

Data Corruption and Manipulation

Interception Attacks

Theft

COUNTER MEASURES

Use secure channel (only the authorized device could

decode the encrypted information).

Some NFC devices “listen” for data corruption attacks and

prevent them before they have a chance to get up and

running.

Use Active – Passive modes with encrypted keys

Keeping phone’s password protected.

ADVANTAGES OF NFCHigh convenience to the user.

Reduces cost of electronic issuance .

Secure communication.

No manual configuration and settings.

No search and pair procedure.

NFC can be used together with existing technologies

like Bluetooth and thus act for longer range also.

NFC uses are practically limitless.

DISADVANTAGES OF NFC

The system has the limitation that it can be operated only with devices

under a short range i.e. around 10 cm.

The data transfer rate is very less at about 106kbps, 212 kbps and

424kbps.

Eavesdropping

Data Corruption and Manipulation

Theft

SOME DEVICES USING NFC TECHNOLOGY

Future AspectsVehicle Ignition

A NFC enabled vehicle can be unlocked and started just by tapping the User’s

NFC device onto the vehicle, thus removing the need of keys.

Can find the health of vehicle by using specific apps

Unlocking Door Smart keyless doors can be made by implementing NFC technology into doors,

where a single tap of the device onto the door would unlock it

ConclusionNFC is implemented in most handheld devices now a days.

The advancements in mobile wireless technology and

communication standards have enabled usage of contactless

and NFC based payment models.

The mobile wallet based payment model is gaining

considerable momentum and is currently being seen as one of

the key payment model.

The mobile wallet technology enables the end-users to make

payments with their mobile wallet accounts, without having to

use credit or debit cards.

REFERENCES

http://www.nfc-forum.org

http://en.wikipedia.org/wiki/Near_field_communication

http://www.nfccommunication.org

http://apcmag.com/inside-nfc-how-near-field-communication-works.html

http://www.mobilecommercepress.com

Google. "Google Wallet: How it Works." (Jan. 28, 2012)

http://www.google.com/wallet/how-it-works.html#in-store

Kessler, Sarah. "NFC Technology: 6 Ways it Could Change Our Daily Lives

" Mash able “ . May 6, 2010. (Feb. 6, 2012)

http://mashable.com/2010/05/06/near-field-communication/

THANK YOU!!!

QUERIES?