Applications of NFC
NFC can be used in a number of ways. Some of the most compelling applications are outlined below.
Ticketing and Payment
Many major cities around the world use contactless payment systems within the transport infrastructure. These systems rely on Radio Frequency Iden-tification (RFID) smart cards to provide access to transport services and tenable quick and convenient payment.
Typically, a user purchases a plastic card with a certain monetary value embedded on a chip within the card. As the user accesses the public transport system, the cost of the ticket is taken from the card, leaving a new card balance. Once the card has no value, the user can either discard it or “top up” the balance by adding more money to the card to enable further journeys.
This approach has great benefits in terms of ease of use and speed of access to transport systems. There is no need for users to purchase a card every day. Access to online top ups and monthly access fees also ensure less queuing at ticketing booths and the need for less staff. Ticket machines do not need to be emptied and single use tickets are not discarded.
Whilst the service works well, the “smart” cards used within the system are not actually that smart. This is where NFC can add value to this existing application.
By replacing a smart card with a NFC enabled mobile device, users can access all of the services they have with a smart card, with the added functionality of a user interface providing additional information (for example their current balance or the number of journeys left), as well as access via the mobile network to online top up facilities at the touch of a button. The phone could also use current mobile network technology to access the latest traffic information (such as when trains are delayed or cancelled) or mapping information.
Users of an NFC enabled mobile device are not necessarily limited to topping up a card. It is possible to add a credit card element to an NFC device, enabling the user to “wave to pay” at any compatible station or retail outlet.
It is also possible to add multiple separate credit or debit cards to an NFC mobile device. In this scenario, the mobile device becomes a “virtual wallet”, carrying a number of different cards, some credit, some debit, some loyalty, within the device. Ultimately, the NFC mobile device could replace the need for a user to carry a wallet at all – providing a central facility for former cash transactions, debit card purchases and credit card facilities – all from one mobile device.
Because of the ubiquity of the mobile phone – no one leaves home without it – the user does not have to remember another card, or a wallet or a loyalty card. All of this information could be contained within the mobile device.
Touch to Pair/Touch to Share
A further application for NFC takes advantage of the data sharing capability to enable the simple and seamless transfer of data from one device to another, simply by touching the devices together.
A number of activities associated with the transfer of data between devices require some degree of user interaction to set up. For example, many Bluetooth devices require a “pairing” process to take place before the devices can be used together. Whilst this is relatively straight forward, the functionality may not be immediately accessible within the menu system and the pairing process can be an inhibitor to using the technology.
The most up to date core specification for the Bluetooth standard includes the capability to pair devices via NFC. Simply put, the whole process of activating Bluetooth on both sides, searching, waiting, pairing and authorization on both sides can be replaced by touching the two devices together. This provides the user with a simple and engaging way to link Bluetooth enabled devices.
In a similar manner, users of NFC could “touch to access” a wireless LAN hotspot. Instead of the lengthy process of searching for a hotspot, accessing it and paying for use, a user could simply touch an NFC compatible wireless LAN point and the whole process could be automated, including the payment of any cost from the “virtual wallet” on the device.
As the mobile device increasingly becomes the home for digital content, so the ability to easily share this content will become more compelling.
NFC can enable an environment where people can touch devices to share business cards, touch to download their photographs to a printer, or touch to share their music with a friend.
Furthermore, the NFC enabled mobile device could be used to receive information or a promotion from an advertisement. By embedding an NFC chip within a billboard advertisement or beside a product on the shelf of a retail store, users could touch to receive additional information. For example, an advertisement for a new record could allow users to touch to receive the track listings, download a free ringtone, or access the artist’s mobile internet site. The NFC technology has the potential to significantly impact the marketing and promotions industry, since by touching to receive information the user is proactively taking an interest in a product or service. By sharing information both ways, the marketer can offer users an incentive in exchange for information or interest in a product or service.
Identity Management/Business Processes
Almost every office or factory based worker is required to carry an identity tag to access working premises. As businesses become more complex and global in nature, many workers require access to multiple premises.
Managing this process can be complicated, even more so in environments where there are different levels of security for different workers. NFC can allow identity management to be added to a mobile device, providing one single integrated solution for identity management. The mobile device can be used to provide access to certain premises and, of course, deny access to others. Importantly, access can be upgraded over the mobile or wireless network, meaning workers are not required to physically visit a site to change their user profile.
A further related application would be relevant anywhere that people are required to perform multiple tasks within a busy organization. For example, a care worker that makes a number of home visits during a working day may “touch to inform” that a particular visit has been completed. The worker can then be assigned a new task based on what is most urgent or where the professional is located at that time.
A security guard could touch on entering and exiting a room, providing a digital footpath of his movements during a patrol. A courier could touch on delivery of a parcel to receive local traffic information and directions to the next collection point.
Many applications of NFC are clearly extensions to current solutions. Contactless payment and ticketing solutions are widely available across the world and, crucially, are compatible with NFC. Extending these applications to a suitably equipped mobile device will be the first steps on the road to NFC.
However, to limit the technology to current scenarios is both unrealistic and unimaginative. More likely is that a number of applications will develop as the technology is rolled out. As more people use NFC and it becomes more ubiquitous, so further applications will be generated. To achieve this, an environment needs to be created within which NFC can succeed.
Set up of Communication for Other Protocols
Imagine that you would like to transfer a large amount of information between two computers – a desktop and a laptop. Let’s say you want to transfer a presentation file. Using NFC may be slow and we want to use something with more bandwidth. Let’s say for this example we use Bluetooth. Now, to set up Bluetooth communication between two computers we would need to set it up manually with a password to protect the communication. Using NFC we can set up this communication by simply touching the two computers:
The same procedure can be used to establish a wireless (Bluetooth, WiFi etc.) link between two pieces of computer or consumer electronics equipment like TVs, laptop computers, PDAs, mobile phones and so on.
NFC technology is currently mainly aimed at being used with mobile phones. There are three main use cases for NFC:
• card emulation: the NFC device behaves like an existing contactless card
• reader mode: the NFC device is active and read a passive RFID tag, for example for interactive advertising
• P2P mode: two NFC devices are communicating together and exchanging information.
Plenty of applications are possible, such as:
• Mobile ticketing in public transport — an extension of the existing contactless infrastructure.
• Mobile payment — the device acts as a debit/ credit payment card.
• Smart poster — the mobile phone is used to read RFID tags on outdoor billboards in order to get info on the move.
• Bluetooth pairing — in the future pairing of Bluetooth 2.1 devices with NFC support will be as easy as bringing them close together and accepting the pairing.
The process of activating Bluetooth on both sides, searching, waiting, pairing and authorization will be replaced by a simple "touch" of the mobile phones.
Other applications in the future could include:
- Electronic ticketing — airline tickets, concert/event tickets, and others
- Electronic money
- Travel cards
- Identity documents
- Mobile commerce
- Electronic keys — car keys, house/office keys, hotel room keys, etc.
- NFC can be used to configure and initiate other wireless network connections such as Bluetooth, Wi-Fi or Ultra-wideband.
A patent licensing program for NFC is currently under development by Via Licensing Corporation, an independent subsidiary of Dolby Laboratories.
What is required for NFC to succeed ?
Key Factors for the success of NFC
The success of NFC depends upon the creation of a complex yet interoperable environment, supported by a number of different parties. First, there needs to be mobile devices that support the system. This relies on mobile handset manufacturers producing NFC-compatible devices. These will also need to come from different vendors, offering the market choice and differentiation. The first NFC compatible mobile devices are now available on the market.
Mobile network operators will also need to support NFC. Access to additional data services, and the potential revenues that these could bring through the mobile network, is a critical value add of NFC and the support of the mobile operator community is required to facilitate this.
Banks and credit card companies, along with transport operators will also need to engage with NFC. Delivering a required high level of perceived and real security will be essential to the success of NFC and the banks and credit companies have a critical role to play, ensuring the roll out of payment services to NFC devices.
Retailers, from shops to restaurants, and from newsagents to coffee shops will need to support and enhance their current offerings with an NFC element.
In much the same way as the development of chip and PIN solutions led to the roll out of new hardware in retail, so the development of NFC will facilitate new retail hardware. Retailers will require “touch pads” to facilitate “wave to pay/touch to pay” solutions.
Whilst this may seem like a significant investment for retailers, many are already rolling out NFC compatible technology to support payment through transportation cards or the new generation of “wave to pay” credit and debit cards. NFC is an extension of this technology, compatible with the current standards and offering customers further choices as to how to pay.
Of course, the roll out of NFC technology within retail is likely to take place over time. Retailers near public transport stations may be early adopters of the technology to provide a service to their customers that are already using contactless solutions for transport. As mass adoption takes place, with increasing numbers of devices commercially available, the roll out of NFC to retail outlets will become ubiquitous.
Finally, the developer community is also critically important to the development of NFC. An active developer community with the right tools in place to quickly and effectively bring new solutions to market can add impetus to the technology and offer easily accessible NFC applications to end users.
Security is a critical requirement for NFC payment and ticketing and as such, it is important to understand the security within an NFC enabled environment. 2007 © Nokia Page 6 Mobile phones tend to come equipped with pass code that can be activated by the user. Whilst many users activate these to secure their phone, an NFC enabled mobile device, especially one that could incorporate a number of credit and debit cards, needs to have a higher level of security to reassure the user against misuse.
Inherently, NFC technology is built with a high level of security. Users can activate several options in order to store their data in a secure environment. A user can set a financial limit beyond which a pass code is required to authorize payment, or a user can also arrange for the mobile wallet element of the phone to be switched on for only, say two minutes at a time. This allows the user to make a purchase and then be sure the device is deactivated shortly afterwards. By transferring cash from one element of the device to another (i.e. from a credit card application to a “cash in wallet” type application), a user would also be able to limit the amount of risk associated with losing a phone to a relatively small amount. Further credit card and/or debit card applications could be activated only with a user pass code.
Beyond user created and user defined security measures, there is an extremely high level of security built into an NFC wallet or payment application.
An NFC enabled credit/debit card or ticketing application is held within a secure element of the mobile device. Using the same technology as chip and PIN cards, this secure element is certified and supported by the payment industry, providing as high a level of assurance to the end user as a traditional credit card.
The secure element can either be held on a chip within the mobile phone, or on the SIM card or a memory card device. Potentially, there could even be a secure element on both the SIM card and the phone. This would ensure that the right phone and SIM card were used for any transaction, adding a further level of security.
Finally, unlike a lost wallet, a mobile phone regularly communicates with the mobile network to enable it to function. At any given point, the mobile network will know where a phone is with a degree of accuracy. What is more, a phone can be disabled over the air within moments, moving the whole credit card to a new device.
Added together, these measures provide a far more comprehensive level of security than is available with most credit or debit cards (including the current generation of contactless payment and transport cards) that might sit in a wallet or home. The measure of confidence provided by these security elements is evident by the interest and involvement of industry standards like VISA and MasterCard in NFC.
Standardization Bodies and Industry Projects
It was approved as an ISO/IEC standard on December 8, 2003 and as an ECMA standard later on. NFC is an open platform technology standardized in ECMA-340 and ISO/IEC 18092. These standards specify the modulation schemes, coding, transfer speeds and frame format of the RF interface of NFC devices, as well as initialization schemes and conditions required for data collision-control during initialization-for both passive and active NFC modes. Furthermore, they also define the transport protocol, including protocol activation and data-exchange methods. Air interface for NFC is standardized in: ISO/IEC 18092 / ECMA-340 : Near Field Communication Interface and Protocol-1 (NFCIP-1)  ISO/IEC 21481 / ECMA-352 : Near Field Communication Interface and Protocol-2 (NFCIP-2)
NFC incorporates a variety of pre-existing standards including ISO 14443 both A (normal) and B (banking/short range), ISO 15693, and FeliCa. NFC enabled phones thus show basic interoperability with the preexisting reader infrastructure. Especially in "card emulation mode" a NFC device should at least transmit a unique ID number to a pre-existing reader.
NFC Forum has in addition defined a common data format called NDEF, which can be used to store and transport different kinds of items, ranging from any MIME-typed object to ultra-short RTD-documents, such as URLs.
NDEF is conceptually very similar to MIME. It is a dense binary format of so-called "records", in which each record can hold a different type of object. By convention, the type of the first record defines the context of the entire message.
The NFC Forum is a non-profit industry association founded on March 18, 2004 by NXP Semiconductors, Sony and Nokia to advance the use of NFC short-range wireless interaction in consumer electronics, mobile devices and PCs. The NFC Forum will promote implementation and standardization of NFC technology to ensure interoperability between devices and services. In September 2007, there were over 130 members of the NFC Forum.
The GSM Association (GSMA) is the global trade association representing 700 mobile phone operators across 218 countries of the world.
They have launched two initiatives:
• The Mobile NFC initiative: fourteen mobile network operators, who together represent 40% of the global mobile market back NFC and are working together to develop NFC applications. They are Bouygues Télécom, China Mobile, AT&T, KPN, Mobilkom Austria, Orange, SFR, SK Telecom, Telefonica Móviles España, Telenor, TeliaSonera, Telecom Italia Mobile (TIM), Vodafone and 3
On 13 February 2007, they published a white paper on NFC to give the point of view of mobile operators on the NFC ecosystem.
• The Pay buy mobile initiative seeks to define a common global approach to using Near Field Communications (NFC) technology to link mobile devices with payment and contactless systems. To date, 30 mobile operators have joined this initiative.
StoLPaN (‘Store Logistics and Payment with NFC’) is a pan-European consortium supported by the European Commission’s Information Society Technologies program. StoLPaN will examine the as yet untapped potential for bringing together the new kind of local wireless interface, NFC and mobile communication.
Other Standardization Bodies
- ETSI / SCP (Smart Card Platform) to specify the interface between the SIM card and the NFC chipset.
- Global Platform to specify a multi-application architecture of the secure element.
- EMVCo for the impacts on the EMV payment applications.
Nokia´s role in NFC
Nokia has a key role to play in the development of NFC for a number of reasons.
- Nokia is the world’s largest mobile handset manufacturer. As such, it has a critical role to play in the development of NFC. For the technology to become mainstream, the number of devices supporting NFC will need to be measured in the hundreds of millions. Because of Nokia’s position in the global mobile handset market, it is uniquely positioned to play a significant part in enabling this.
- Many of the key players in creating an NFC environment are companies that Nokia has a relationship with through its current businesses. For example, Nokia has a close relationship with mobile network operators across the world and this partner-ship will be critical to ensure the success of NFC. Furthermore, Nokia regularly partners with SIM card providers, chip manufacturers, applications developers and industry bodies such as the GSM Association, all of whom have an important role to play in the development of NFC.
- Where Nokia believes that additional support and resource is required to enable NFC, it has been prepared to launch new partnerships and investments. In June 2006, Nokia partnered with Giesecke and Devrient to establish Venyon. This new company operates a secure and versatile service platform to deliver consumer applications such as credit and debit cards or transport tickets over the air. Recognising the need to provide this solution, Nokia moved quickly to launch Venyon with another key partner in the NFC Forum.
- Nokia has a strong and active developer community via its Forum Nokia. This community is provided with key software tools with which to develop new and compelling applications for Nokia devices. Having launched the Nokia 6131 NFC phone in 2007, Nokia has provided the developer community with a Software Development Kit to enable the rapid creation of new NFC applications or to extend existing applications to benefit from NFC. Furthermore, value-added services are available within the community including NFC discussion forums and wiki sites.
- In 2004, Nokia was one of the founding members of the NFC Forum, an industry association that support the use of NFC wireless solutions. The NFC Forum now has more than 140 member’s world wide.
Although the communication range of NFC is limited to a few centimeters, NFC alone does not ensure secure communications. In 2006, Ernst Haselsteiner and Klemens Breitfuß described different possible types of attacks.
NFC offers no protection against eavesdropping and is also vulnerable to data modifications. Applications have to use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel.
The RF signal for the wireless data transfer can be picked up with antennas. The distance from which an attacker is able to eavesdrop the RF signal depends on numerous parameters, but is typically a small number of meters. Also, eavesdropping is extremely affected by the communication mode. A passive device, which does not generate its own RF field, is much harder to eavesdrop on than an active device.
Data destruction is relatively easy to realize. One possibility to perturb the signal is the usage of an RFID jammer. There is no way to prevent such an attack, but if the NFC devices check the RF field while they are sending, it is possible to detect it.
Unauthorized modification of data, which results in valid messages, is much more complicated and demands a thorough understanding. In order to modify the transmitted data an intruder has to deal with the single bits of the RF signal. The feasibility of this attack, i.e., if it is possible to change the value of a bit from 0 to 1 or the other way around, is amongst others subject to the strength of the amplitude modulation. If data is transferred with the modified Miller coding and a modulation of 100%, only certain bits can be modified. A modulation ratio of 100% makes it possible to eliminate a pause of the RF signal, but not to generate a pause where no pause has been. Thus, only a 1 which is followed by another 1 might be changed. Transmitting Manchester encoded data with a modulation ratio of 10% permits a modification attack on all bits.
Because NFC devices are usually also implementing ISO 14443 functionality, the relay attack described are also feasible on NFC. For this attack the adversary has to forward the request of the reader to the victim and relay back its answer to the reader in real time, in order to carry out a task pretending to be the owner of the victim’s smart card.
Related Online Articles:
No comment yet. Be the first to post a comment.