Bake privacy into NFC chips now, Privacy commissioner says

Tap ‘n go technology, also known as near field communications (NFC) is well on its way to ubiquity within the next five years. However, the convenience and benefits promised by applications such as e-wallets, peer-to-peer data transfer and location-based service initiation come with serious privacy implications.

Ann Cavoukian, Ontario’s Information and Privacy Commissioner (IPC), believes it is during this early stage that privacy safeguards should be baked into the technology so that future users of the technology will have ample protection by the time NFC becomes mainstream feature of mobile devices. Earlier this week, Cavoukian released a white paper entitled Mobile Near Field Communication Tap ‘n Go – Keep it Secure and Private. Mobile phone maker Nokia Corp. was also involved in developing the whitepaper.

NFC is a short-range wireless technology that allows mobile devices such as smartphones to interact with passive tags and other mobile gadgets. The technology builds on Radio Frequency Identification (RFID) and contactless smartcard technologies that enable data stored in one device to be actively read from a distance by another device. Some of its popular applications include mobile payment and e-wallets, as well as data exchanges that facilitate e-dating.

“User privacy does not have to be sacrificed for the sake of NFC…” Cavoukian says. “Now is the time to embed additional security and privacy into the design of applications that use NFC capabilities.”

Small and medium sized businesses that hope to tap into NFC either to improve their business process or to offer customers new services will have to consider carefully whether or not they are providing clients adequate privacy protection, according to Ken Anderson, assistant commissioner of privacy at the IPC.

Anderson said SMBs need to think about how they will play into the various NFC scenarios because there are numerous ways in which personal information can be placed at risk.

“As businesses embrace Near Field Communications, they need to embed privacy as a core design element. This Privacy by Design approach is a great way to strengthen a company’s brand and reputation,” he said.

Although the Personal Information Protection and Electronic Documents Act (PIPEDA), provides for the protection of private information, Anderson said he is not aware of any legislation directly addressing privacy issues associated with NFC. He said the IPC whitepaper hopes to bring attention to the need for building privacy into the design before NFC becomes a prevalent technology.

NFC on the rise

Research firm Gartner Inc. says the growth of NFC will ride on the growth of mobile device penetration and the public’s appetite for downloading mobile applications, particularly mobile payment apps.

Gartner said mobile device sales totalled 428.7 million units for the second quarter of 2011, showing a 17 per cent increase over the same quarter last year. By 2014, the research firm estimates that there will be more than 70 billion mobile applications downloaded from app stores every year.

By 2015, 40 per cent of the world’s smartphone users will opt-in to context service providers that track their activities. Already, there are smart phones that figure out where users are and push information about sales and purchasing opportunities based on the user’s location and preferences.

Communications chip manufacturer Broadcom has estimated that about 15 per cent of all smart phones will have NFC capabilities by 2012. Stores will need to have NFC tags embedded into their credit card processors in order for your Google Wallet to work.

NFC scenarios and dangers

The IPC identified the following four scenarios where NFC can be used by businesses:

The Smart Poster – Street posters could offer discount vouchers and coupons for movies or events that can be acquired by people by simply tapping their NFC-enabled phones on the poster. The tapping leads the user to a Web site where the voucher can be downloaded onto the phone. At the event venue, the user presents the voucher at the ticket stand by having her phone scanned by an NFC reader.

Risks

  • Posters are located in public places. The legitimate tag may be overwritten or superimposed with a bogus URL that leads to a malicious site
  • Users may not have full understanding of what type of personal information is being collected from their device when they download the vouchers. The act of downloading the voucher may be used as a ruse to trigger mechanisms that steal data
  • Users might not be even aware that they are in close proximity to a smart poster and that their NFC-enabled phone may be interacting with the poster without their knowledge
  •  

    Device Pairing

    • NFC can be used to pair various devices such as home multimedia gadgets, in-car audio systems and Bluetooth headsets, cameras and digital frames.
    • Original passive NFC tags can be modified or replaced with malicious tags that relay or divert Bluetooth connections to nearby malicious devices that can steal user’s data

    Peer-to-peer data transfer – Two NFC-enabled devices exchange data through an alternative communications carrier. Content which can be exchanged include videos, links, business cards, personal contact information or people can carry out financial transactions or play games with paired devices.

    • Although difficult it is possible that malicious users with NFC-enabled devices may be able to “eavesdrop” on the ongoing legitimate transactions
    • One of the parties involved in the data exchange may be sending malicious content to their other party
    • Data sender does not have any control over how the receiver will use or forward the data
    • User may not be aware which mobile app is the default handler for receiving shared content. The user may have no control over the storage and processing of the content

    Secure NFC cards and loyalty points – This system allows the use of contactless cards or on-device hardware to facilitate access, payment or loyalty programs. For example NFC cards or devices can be presented to authenticate identity and gain access to a certain location or to collect loyalty points and later use them to obtain an item.

    • Even with close proximity systems, eavesdropping without the knowledge of the device user might still be possible
    • Loyalty programs might be used to create unauthorized profiles of users. The profile can be used to targeted advertising, spam or shared with third parties
    • Databases of the loyalty program may become targets of a data breach which places the user’s personal information at risk
    • Anderson of the IPC said manufacturers as well as SMBs thinking of diving into near field communications should adopt a proactive rather than reactive approach to risk mitigation.

    For example, NFC app developers can working on smart posters could use “tag filtering” mechanisms which that is designed to only support mobile browser access to online information which filters out out-of-scope tag types such as an SMS messaging URL or a file URL tag type.

    This will prevent users from inadvertently opening malicious SMS messaging URLs or malicious FILE URLs that invoke a Trojan file.

    NFC services can also use default settings that turn of NFC capabilities and Bluetooth connection once a transaction is completed or when the devices screen or keyboard is disabled or locked. This will prevent NFC features from being activated without the user’s knowledge.

    Alternatively, there should be a way for users to turn on and turn off NFC and other connectivity functions of their device.

    Users should also be made aware of the type of transactions taking place when they use the NFC functions of their devices. This can be achieved, Cavoukian said, by providing prompts that provide feedback on the type, name or size of data that the device is receiving or sending out.

    “Keep your practices open and transparent to your users. Provide full and complete disclosure of what personal information will be collected, processed, stored and transferred,” said Cavoukian.

    Nestor ArellanoNestor Arellano is a Senior Writer at ITBusiness.ca. Follow him on Twitter, read his blog, and join the IT Business Facebook Page.

    (With filed from Michael Cooney -Network World US)

    Share on LinkedIn Share with Google+