Friday, July 20, 2012

NFC (Near Field Communication) From Wikipedia


Near field communication

From Wikipedia, the free encyclopedia
*
This article's citation style may be unclear. The references used may be made clearer with a different or consistent style of citation, footnoting, orexternal linking. (September 2011)
*
An NFC-enabled mobile phone interacting with a SmartPoster
Near field communication, or NFC, allows for simplified transactions, data exchange, and wireless connections between two devices in proximity to each other, usually by no more than a few centimeters.[1] It is expected to become a widely used system for making payments by smartphone in the United States. Many smartphones currently on the market already contain embedded NFC chips that can send encrypted data a short distance ("near field") to a reader located, for instance, next to a retail cash register. Shoppers who have their credit card information stored in their NFC smartphones can pay for purchases by waving their smartphones near or tapping them on the reader, rather than using the actual credit card. Co-invented by NXP Semiconductors and Sony in 2002, NFC technology is being added to a growing number of mobile handsets to enable mobile payments, as well as many other applications.[2]
Though contactless or proximity cards are in use, their market penetration is limited, and bringing NFC to mobiles and other similar platforms may increase usage. NFC cannot be labeled a ‘new’ technology, as Nokia has been active in this line since 2004. Along with Philips and Sony, it has founded the NFC Forum. Participation of 130 countries in this forum clearly signals that NFC is set to become a way of life in the years to come.
The Near Field Communication Forum (NFC Forum) formed in 2004 promotes sharing, pairing, and transactions between NFC devices[3] and develops and certifies device compliance with NFC standards.[4] A smartphone or tablet with an NFC chip could make a credit card payment or serve as keycard or ID card. NFC devices can also read unpowered NFC tags,[5] for example on a museum or retail display. NFC can share a contact, photo, song, application, or video, or pair Bluetooth devices.
The 140 NFC Forum members include Samsung, Nokia, Huawei, HTC, Motorola, NEC, RIM, LG, Sony Ericsson, Toshiba, AT&T, Sprint, Rogers, SK, Google, Microsoft, PayPal, Visa, Mastercard, American Express, Intel, TI, Qualcomm, and NXP.[6]

[edit]Uses

N-Mark Logo for certified devices
Emerging NFC standards allow users to transfer information by touching devices.[7]

[edit]Social networking

NFC simplifies and expands social networking options:
  • File Sharing: Tap one NFC device to another to instantly share a contact, photo, song, application, video, or website link.[8]
  • Electronic business card: Tap one NFC device to another to instantly share electronic business cards or resumes.[9][10]
  • Electronic money: To pay a friend, you could tap the devices and enter the amount of the payment.
  • Mobile gaming: Tap one NFC device to another to enter a multiplayer game.[8][11]
  • Friend-to-friend: You could touch NFC devices together to Facebook friend each other or share a resume or to "check-in" at a location.[12]

[edit]Bluetooth and WiFi Connections

NFC can be used to initiate higher speed wireless connections for expanded content sharing.[13]
  • Bluetooth: Instant Bluetooth Pairing can save searching, waiting, and entering codes. Touch the NFC devices together for instant pairing.[8][13]
  • WiFi: Instant WiFi Configuration can configure a device to a WiFi network automatically. Tap an NFC device to an NFC enabled router.[13]

[edit]eCommerce

NFC expands eCommerce opportunities, increases transaction speed and accuracy, while reducing staffing requirements. A Personal identification number (PIN) is usually only required for payments over $100 (in Australia) and £15 (in UK).[9]
  • Mobile payment: An NFC device may make a payment like a credit card by touching a payment terminal at checkout or a vending machine when a PIN is entered.[9][8][14]
  • PayPal: PayPal may start a commercial NFC service in the second half of 2011.[15][16]
  • Google Wallet is an Android app that stores virtual versions of your credit cards for use at checkout when a PIN is used.[14]
  • Ticketing: Tap an NFC device to purchase rail, metro, airline, movie, concert, or event tickets. A PIN is required.[9][17][18]
  • Boarding pass: A NFC device may act as a boarding pass, reducing check-in delays and staffing requirements.[9]
  • Point of Sale: Tap an SmartPoster tag to see information, listen to an audio clip, watch a video, or see a movie trailer.[12][13]
  • Coupons: Tapping an NFC tag on a retail display or SmartPoster may give the user a coupon for the product.[12][13]
  • Tour guide: Tap a passive NFC tag for information or an audio or video presentation at a museum, monument, or retail display (much like a QR Code).[8][12]

[edit]Identity documents

NFC's short range helps keep encrypted identity documents private.[13]
  • ID card: An NFC enabled device can also act as an encrypted student, employee, or personal ID card or medical ID card.[13]
  • Keycard: An NFC enabled device may serve as car, house, and office keys.[13]
  • Rental Car and hotel keys: NFC rental car or hotel room keys may allow fast VIP check-in and reduce staffing requirements.[8][19]

[edit]History

NFC traces its roots back to Radio-frequency identification, or RFID. RFID allows a reader to send radio waves to a passive electronic tag for identification and tracking.
  • 1983 The first patent to be associated with the abbreviation RFID was granted to Charles Walton.[20]
  • 2004 Nokia, Philips and Sony established the Near Field Communication (NFC) Forum[21]
  • 2006 Initial specifications for NFC Tags[22]
  • 2006 Specification for "SmartPoster" records[23]
  • 2006 Nokia 6131 was the first NFC phone[24]
  • 2009 In January, NFC Forum released Peer-to-Peer standards to transfer contact, URL, initiate Bluetooth, etc.[25]
  • 2010 Samsung Nexus S: First Android NFC phone shown[26][27]
  • 2011 Google I/O "How to NFC" demonstrates NFC to initiate a game and to share a contact, URL, app, video, etc.[8]
  • 2011 NFC support becomes part of the Symbian mobile operating system with the release of Symbian Anna version. [28]
  • 2011 RIM 2011 is the first company for its devices is certified by MasterCard Worldwide, the functionality of PayPass[29]

[edit]Essential specifications

NFC is a set of short-range wireless technologies, typically requiring a distance of 4 cm or less. NFC operates at 13.56 MHz on ISO/IEC 18000-3 air interface and at rates ranging from 106 kbit/s to 424 kbit/s. NFC always involves an initiator and a target; the initiator actively generates an RF field that can power a passive target. This enables NFC targets to take very simple form factors such as tags, stickers, key fobs, or cards that do not require batteries. NFC peer-to-peer communication is possible, provided both devices are powered.[3] A patent licensing program for NFC is currently under development by Via Licensing Corporation, an independent subsidiary of Dolby Laboratories. A public, platform-independent NFC library is released under the free GNU Lesser General Public License by the name libnfc.[30]
NFC tags contain data and are typically read-only but may be rewriteable. They can be custom-encoded by their manufacturers or use the specifications provided by the NFC Forum, an industry association charged with promoting the technology and setting key standards. The tags can securely store personal data such as debit and credit card information, loyalty program data, PINs and networking contacts, among other information. The NFC Forum defines four types of tags which provide different communication speeds and capabilities in terms of configurability, memory, security, data retention and write endurance. Tags currently offer between 96 and 4,096 bytes of memory.
  • As with proximity card technology, near-field communication uses magnetic induction between two loop antennas located within each other's near field, effectively forming an air-core transformer. It operates within the globally available and unlicensed radio frequency ISM band of 13.56 MHz. Most of the RF energy is concentrated in the allowed 14 kHz bandwidth range, but the full spectral envelope may be as wide as 1.8 MHz when using ASK modulation.[31]
  • Theoretical working distance with compact standard antennas: up to 20 cm (practical working distance of about 4 centimetres)
  • Supported data rates: 106, 212 or 424 kbit/s (the bit rate 848 kbit/s is not compliant with the standard ISO/IEC 18092)
  • There are two modes:
    • Passive communication mode: The initiator device provides a carrier fields and the target device answers by modulating the existing field. In this mode, the target device may draw its operating power from the initiator-provided electromagnetic field, thus making the target device a transponder.
    • Active communication mode: Both initiator and target device communicate by alternately generating their own fields. A device deactivates its RF field while it is waiting for data. In this mode, both devices typically have power supplies.
      kbit/s
      Active device
      passive device
      424 kbit/s
      Manchester, 10% ASK
      Manchester, 10% ASK
      212 kbit/s
      Manchester, 10% ASK
      Manchester, 10% ASK
      106 kbit/s
      Modified Miller, 100% ASK
      Manchester, 10% ASK

      • NFC employs two different codings to transfer data. If an active device transfers data at 106 kbit/s, a modified Miller coding with 100%modulation is used. In all other cases Manchester coding is used with a modulation ratio of 10%.
      • NFC devices are able to receive and transmit data at the same time. Thus, they can check for potential collisions if the received signal frequency does not match with the transmitted signal’s frequency.

      [edit]Comparison with Bluetooth

      NFC
      Bluetooth
      Bluetooth Low Energy
      RFID compatible
      ISO 18000-3
      active
      active
      Standardisation body
      ISO/IEC
      Bluetooth SIG
      Bluetooth SIG
      Network Standard
      ISO 13157 etc.
      IEEE 802.15.1
      IEEE 802.15.1
      Network Type
      Point-to-point
      WPAN
      WPAN
      Cryptography
      not with RFID
      available
      available
      Range
      < 0.2 m
      ~10 m (class 2)
      ~100 m
      Frequency
      13.56 MHz
      2.4–2.5 GHz
      2.4–2.5 GHz
      Bit rate
      424 kbit/s
      2.1 Mbit/s
      ~1.0 Mbit/s
      Set-up time
      < 0.1 s
      < 6 s
      < 0.006 s
      Power consumption
      < 15mA (read)
      varies with class
      < 15 mA (transmit or receive)

      NFC and Bluetooth are both short-range communication technologies which are integrated into mobile phones. As described in technical detail below, NFC operates at slower speeds than Bluetooth, but consumes far less power and doesn’t require pairing.
      NFC sets up faster than standard Bluetooth, but is not faster than Bluetooth low energy. With NFC, instead of performing manual configurations to identify devices, the connection between two NFC devices is automatically established quickly: in less than a tenth of a second. The maximum data transfer rate of NFC (424 kbit/s) is slower than that of Bluetooth V2.1 (2.1 Mbit/s). With a maximum working distance of less than 20 cm, NFC has a shorter range, which reduces the likelihood of unwanted interception. That makes NFC particularly suitable for crowded areas where correlating a signal with its transmitting physical device (and by extension, its user) becomes difficult.
      In contrast to Bluetooth, NFC is compatible with existing passive RFID (13.56 MHz ISO/IEC 18000-3) infrastructures. NFC requires comparatively low power, similar to the Bluetooth V4.0 low energy protocol. However, when NFC works with an unpowered device (e.g. on a phone that may be turned off, a contactless smart credit card, a smart poster, etc.), the NFC power consumption is greater than that of Bluetooth V4.0 Low Energy, this is because illuminating the passive tag needs extra power.

      [edit]Standardization bodies and industry projects

      [edit]Standards

      NFC was approved as an ISO/IEC standard on December 8, 2003 and later as an ECMA standard.
      NFC is an open platform technology standardized in ECMA-340 and ISO/IEC 18092. These standards specify the modulation schemes, coding, transfer speeds and frame format of the RF interface of NFC devices, as well as initialization schemes and conditions required for data collision-control during initialization for both passive and active NFC modes. Furthermore, they also define the transport protocol, including protocol activation and data-exchange methods. The air interface for NFC is standardized in:
      ISO/IEC 18092 / ECMA-340
      Near Field Communication Interface and Protocol-1 (NFCIP-1)[32]
      ISO/IEC 21481 / ECMA-352
      Near Field Communication Interface and Protocol-2 (NFCIP-2)[33]
      NFC incorporates a variety of existing standards including ISO/IEC 14443 both Type A and Type B, and FeliCa. NFC enabled phones work basically, at least, with existing readers. Especially in "card emulation mode" a NFC device should transmit, at a minimum, a unique ID number to an existing reader.
      In addition, the NFC Forum has defined a common data format called NFC Data Exchange Format (NDEF), which can store and transport various kinds of items, ranging from any MIME-typed object to ultra-short RTD-documents,[34] such as URLs.
      The NFC Forum added the Simple NDEF Exchange Protocol to the spec which allows sending and receiving messages between two NFC-enabled devices.[35]

      [edit]GSMA

      The GSM Association (GSMA) is the global trade association representing nearly 800 mobile phone operators and more than 200 product and service companies across 219 countries. Many of its members have led NFC trials around the world and are now preparing services for commercial launch.[36]
      GSM is involved with several initiatives:
      • Standard setting: GSMA is developing certification and testing standards to ensure the global interoperability of NFC services.[36]
      • The Pay-Buy-Mobile initiative seeks to define a common global approach to using Near Field Communications (NFC) technology to link mobile devices with payment and contactless systems.[37][38]
      • On November 17, 2010, after two years of discussions, AT&T, Verizon and T-Mobile launched a joint venture intended to develop a single platform on which technology based on the Near Field Communication (NFC) specifications can be used by their customers to make mobile payments. The new venture, known as ISIS, is designed to usher in the broad deployment of NFC technology, allowing NFC-enabled cell phones to function similarly to credit cards for the 200 million customers using cell phone service provided by any of the three carriers throughout the United States.

      [edit]StoLPaN

      StoLPaN (‘Store Logistics and Payment with NFC’) is a pan-European consortium supported by the European Commission’s Information Society Technologies program. StoLPaN will examine the as yet untapped potential for the new kind of local wireless interface, NFC and mobile communication.

      [edit]NFC Forum

      The NFC Forum is a non-profit industry association formed on March 18, 2004, by NXP Semiconductors, Sony and Nokia to advance the use of NFC short-range wireless interaction in consumer electronics, mobile devices and PCs. The NFC Forum promotes implementation and standardization of NFC technology to ensure interoperability between devices and services. As of March 2011, the NFC Forum had 135 member companies.[39]

      [edit]Alternative Form Factors

      To realize the benefits of NFC in cellphones not yet equipped with built in NFC chips a new line of complementary devices were created. MicroSD and UICC SIM cards were developed to incorporate industry standard contactless smartcard chips with ISO14443 interface, with or without built-in antenna. The microSD and SIM form factors with built-in antenna have the great potential as bridge devices to shorten the time to market of contactless payment and couponing applications, while the built in NFC contollers gain enough market share.

      [edit]Other standardization bodies

      Other standardization bodies that are involved in NFC include:
      • ETSI / SCP (Smart Card Platform) to specify the interface between the SIM card and the NFC chipset.
      • GlobalPlatform to specify a multi-application architecture of the secure element.
      • EMVCo for the impacts on the EMV payment applications

      [edit]Security aspects

      Although the communication range of NFC is limited to a few centimeters, NFC alone does not ensure secure communications. In 2006, Ernst Haselsteiner and Klemens Breitfuß described different possible types of attacks, and detail how to leverage NFC's resistance to Man-in-the-middle attacks to establish a specific key.[40] Unfortunately, as this technique is not part of the ISO standard, NFC offers no protection against eavesdropping and can be vulnerable to data modifications. Applications may use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel. Ensuring security for NFC data will require the cooperation of multiple parties: device providers, who will need to safeguard NFC-enabled phones with strong cryptography and authentication protocols; customers, who will need to protect their personal devices and data with passwords, keypad locks, and anti-virus software; and application providers and transaction parties, who will need to use anti-virus and other security solutions to prevent spyware and malware from infecting systems.[41]

      [edit]Eavesdropping

      The RF signal for the wireless data transfer can be picked up with antennas. The distance from which an attacker is able to eavesdrop the RF signal depends on numerous parameters, but is typically a small number of metres.[42] Also, eavesdropping is highly affected by the communication mode. A passive device that doesn't generate its own RF field is much harder to eavesdrop on than an active device. Oneopen source device that is able to eavesdrop on passive and active NFC communications is the Proxmark instrument[43].

      [edit]Data modification

      It is relatively easy to destroy data by using an RFID jammer. There is no way currently to prevent such an attack. However, if NFC devices check the RF field while they are sending, it is possible to detect attacks.
      It is much more difficult to modify data in such a way that it appears to be valid to users. To modify transmitted data, an intruder has to deal with the single bits of the RF signal. The feasibility of this attack, (i.e., if it is possible to change the value of a bit from 0 to 1 or the other way around), is amongst others subject to the strength of the amplitude modulation. If data is transferred with the modified Miller coding and a modulation of 100%, only certain bits can be modified. A modulation ratio of 100% makes it possible to eliminate a pause of the RF signal, but not to generate a pause where no pause has been. Thus, only a 1which is followed by another 1 might be changed. Transmitting Manchester-encoded data with a modulation ratio of 10% permits a modification attack on all bits.

      [edit]Relay attack

      Because NFC devices usually include ISO/IEC 14443 protocols, the relay attacks described are also feasible on NFC.[44][45] For this attack the adversary has to forward the request of the reader to the victim and relay back its answer to the reader in real time, in order to carry out a task pretending to be the owner of the victim’s smart card. One of libnfc code examples demonstrates a relay attack using only two stock commercial NFC devices.

      [edit]Lost property

      Losing the NFC RFID card or the mobile phone will open access to any finder and act as a single-factor authenticating entity. Mobile phones protected by a PIN code acts as a single authenticating factor. A way to defeat the lost-property threat requires an extended security concept that includes more than one physically independent authentication factor.

      [edit]Walk-off

      Lawfully opened access to a secure NFC function or data is protected by time-out closing after a period of inactivity.[citation needed][original research?] Attacks may happen despite provisions to shutdown access NFC after the bearer has become inactive. The known concepts described primarily do not address the geometric distance of a fraudulent attacker using a lost communication entity against lawful access from the actual location of the registered bearer. Additional feature to cover such attack scenario dynamically shall make use of a second wireless authentication factor that remains with the bearer in case of lost NFC communicator. Relevant approaches are described as an electronic leash or its equivalent, a wireless key.

No comments:

Post a Comment