Near Field Communication

from Wikipedia, the free encyclopedia
N-Mark logo as identification of NFC-certified devices
An ÖBB ticket validator that can also be used to buy a mobile phone ticket with NFC technology

The Near Field Communication (dt. Near-Field , abbreviated NFC ) is a on the RFID -based technology international transmission standard for the contactless exchange of data by electromagnetic induction by means of loose coupled coil over short distances of a few centimeters and a data transfer rate of up to 424 kbit / s.

So far, this technology has mainly been used in the field of micropayment - contactless payments of small amounts. In Germany, for example, the technology is offered by the savings banks under the name Girogo for payment of sums of up to 25 euros. Many universities use NFC chips in student ID cards to pay small amounts. Some credit cards have a contactless payment function that enables payments of up to 50 euros, in Switzerland up to 40 francs, without entering a PIN. Each bank and card provider sets this limit itself, so some credit cards require a PIN for payment of less than 25 euros. Many devices for paying by card have also been equipped with NFC readers since spring 2015, allowing payments in all kinds of shops, from petrol stations to discounters. Other applications are, for example, the transmission of Bluetooth or WLAN authentication data to establish communication, or the calling up of web links if a URL in the appropriate format has been stored in the NFC chip. New application possibilities are also being opened up in the smart home and the Internet of Things .

features

The transmission is either connectionless (with passive HF RFID tags according to ISO / IEC 14443 or ISO / IEC 15693 ) or with connection (between equivalent active transmitters). According to the usual definition (for example in ISO / IEC 15408, the “ Common Criteria ”), connectionless use is not secure against attacks by third parties. The connection-based solution should be secure for payment transactions. The minimum security functions to be taken into account are also integrated into the hardware of the mobile devices. Qualifications of implemented devices according to ISO / IEC 15408 have not yet been published.

Passive RFID transponder (13.56 MHz)

State of standardization

The first drafts were published jointly by NXP Semiconductors (formerly Philips ) and Sony in 2002 . The development of several international standards (several documents ISO / IEC 13157, -16353, -22536, -28361, finally adopted or in the process of being voted on) is ongoing. The processing status is published by ISO .

Status of introduction

A solution with the name ERGOSUM has been worked on in France since 2008. There, the mobile communications providers Bouygues Telecom , Orange and SFR are cooperating with banks such as Cofidis and Banque Accord as well as retail chains such as Auchan , Carrefour and Fnac to introduce mobile payment based on NFC on a large scale. In Asia and Poland, NFC is already widely used for payment services. A report on this procedure that is no longer up to date comes from October 2009.

Organizational and technical boundary conditions

NFC is intended to enable the exchange of various data, such as telephone numbers, pictures, MP3 files or digital authorizations, between two devices paired for a short time without special registration, which are kept close to each other without errors in the alternating assignment of the pairs.

NFC is intended to support requirements where

  • the paired devices are assigned by the user or users anyway,
  • the personalization of the registered mobile phone provides the first authentication ,
  • the re-authentication of the user can be integrated depending on the criticality of the transaction,
  • both devices involved or the mobile device can actively send (connection can be established),
  • certain complex security features of the transmission should prevent unwanted reading,
  • uninvolved third parties cannot skim off information by simply listening in and
  • the mobile phone is to be used as a reader as an already existing device.

history

The technology behind NFC is based on radio-frequency identification (RFID). RFIDs enable a reader based on radio waves to read a passive electronic transponder (transmitter / receiver) for identification, authentication and tracking.

  • 1983: The first patent with the abbreviation "RFID" is issued to Charles Walton.
  • 2002: Sony and Philips agree on a technical specification on March 25, 2002.
  • 2004: Nokia, Philips and Sony establish the Near Field Communication (NFC) forum
  • In 2006 the first specification for NFC tags is published
  • In 2006, the specification for “SmartPoster” entries was adopted
  • Nokia 6131 in 2006 is the first NFC-enabled mobile phone
  • In December 2008, the BMBF- funded research project Mobile Hybricare started with the aim of developing solutions for the intelligent interlinking of product (RFID and NFC-supported nutrition management) and service elements (medical, nursing, medical technology; model application in outpatient nutrition management).
  • In January 2009, the NFC forum publishes peer-to-peer standards for transferring contacts, URLs , Bluetooth connections, etc.
  • In 2011, at the “Google I / O” conference, a lecture entitled “How to NFC” will demonstrate how to use NFC to start a game or to pass on contacts, URLs, apps, videos etc. (“share”).

Use cases with stationary devices

Girogo card
(X-ray view of the card)
Back of a Mastercard with visible EMV chip and NFC antenna

NFC can be used with active devices as an access key at terminals to content and services, such as

However, the technical features specified in the standards mentioned are hardly sufficient for problem-free use. Nothing has yet been published about suggestions for organizational embedding.

Back of a modern smartphone with invisible NFC with a built-in antenna in the battery cover

Spread in mobile devices

Two of the first cell phones with NFC functionality

Samsung and Nokia (Nokia 6210 and Nokia C7) have been offering NFC-enabled devices since 2008. In 2013 there were over 100 NFC-enabled cell phone models worldwide. Other manufacturers, in particular of Android devices, have since followed suit. In September 2014, Apple presented the iPhone 6 and the Apple Watch , which are equipped with an NFC module.

The general advantage of NFC for mobile devices is that communication via NFC is possible even with devices that are switched off or those with an empty battery.

Cellular service offerings

Integrating a payment function with a mobile phone into existing SIM card infrastructures is an uneconomical model for providers, as these SIM cards are usually managed by network operators, but the payment application is issued by a bank. In addition, the bank may place additional security requirements on the hardware and software. In October 2012, O2 was the first of the network operators to start the mobile payment service mpass based on NFC. Mastercard , Visa and PayPal presented various other solutions at MWC 2013.

Banking services certification

A complex requirement is the provision of the necessary software with different mobile phones. From the point of view of the state of the art in 2009 (with adoption of the Common Criteria ISO / IEC 15408), the software must be available for every mobile device model coming onto the market in the future and in the respective operating system ( Apple iOS , Android , Symbian , Bada etc.). Each of these customizations must be certified by the supporting banks or an institute for the combination of mobile device, customization and bank.

Mobile device as a car key

In the meantime, with the help of the smartphone and its NFC functionality, various manufacturers (BMW, Hyundai, Mercedes) can unlock the car doors and personalize the comfort options in the car (seat and mirror positions, station selection). Extended personalization is achieved through Bluetooth or WiFi pairing using NFC. Your own smartphone can establish a Bluetooth or WLAN connection with the vehicle, for example via an NFC touchpoint in the center console of a car.

Smart poster

In the context of NFC, smart posters refer to display boards in which NFC transmitters / receivers (“tags”) are physically integrated. Users can z. B. interact with the poster using an NFC-enabled smartphone, d. H. Read out information by approaching such a "tag". As a rule, only the hash value of the tag is read out, and the logic of which information is exchanged lies in the application on the mobile device. In the health sector, this interaction scheme is particularly suitable for documenting health conditions on the patient side.

Authentication

Universal additional factors for two-factor authentication can communicate with operating systems or web browsers via NFC , such as security tokens for the open U2F standard. Disadvantages are the low data transmission rate for NFC tags and the resulting weak transaction binding (without galvanic coupling as with FIDO ) under various attack scenarios.

Technical details

The technical approach offers a multitude of possibilities that are not recommended for the previously known mobile phone without an extension. There are basically two types of application:

Communication with immediate mating

The NFC technology is based on a combination of smart card and contactless connection technologies. It works at a frequency of 13.56 MHz and offers a maximum data transfer rate of 424 kBit / s with a range of just ten centimeters. This is desired so that the contact can be interpreted as consent to a transaction. NFC is standardized by ISO 14443, 18092, 21481 ECMA 340, 352, 356, 362 or ETSI TS 102 190.

Communication between NFC-capable devices can be active-passive as well as active-active (peer-to-peer), in contrast to conventional contactless technology in this frequency range (only active-passive). Therefore, NFC represents a connection to the RFID world. NFC is largely compatible with widely used smart card infrastructure, based on ISO / IEC 14443- A (e.g. NXP's Mifare technology) or ISO / IEC 14443-B (before especially in francophone countries) as well as with Sony's FeliCa card (e.g. Octopus card in Hong Kong), which are used for electronic tickets in local public transport and for payment applications. Since October 2015 there has also been an NFC specification based on ISO 15693 technology, which usually offers a slightly larger range than the ISO 14443 standard.

Because of its extremely short range, NFC is no competition to Bluetooth or wireless LAN . However, it can be used as a replacement for barcodes in the above-mentioned areas (electronic purchase of travel or entrance tickets, etc.) in which the capacities of barcodes are no longer sufficient for the required amounts of data. (The data matrix is limited, for example, to 1558 bytes per bar code.) The connection between smartphone and NFC tag make applications such as NFC tag info, NFC reader or trigger ago.

Above all, however, NFC is used where two devices communicate with each other in a cryptographically secured manner (e.g. in payment applications).

Close communication

In addition, Bluetooth is taken into account for access control and control because this new radio standard (version 4.0) is being used worldwide. The previously used Bluetooth standard (version 2.1) is relatively slow in the protocol structure (longer than a second) and energy-consuming (battery cycle less than two days). The corresponding chips ( Bluetooth low energy ) were not used in mass production until early 2011. Ranges of one to three meters are achieved (Bluetooth class 3), which clearly leaves the definition of the NFC concept (+ 0.1 m).

The NFC forum

The companies NXP Semiconductors, Sony and Nokia jointly founded the NFC Forum in 2004, which aims to promote the implementation and standardization of NFC technology and ensure compatibility between devices and services. Other companies also support the NFC forum, such as American Express , Mastercard , Panasonic , Microsoft , Motorola , NEC , Samsung , Texas Instruments , Infineon Technologies , Hewlett-Packard , VISA International Service Association , Vodafone , Sprint , Postbank , Telefónica and France Telecom .

Preparations by the device manufacturer

For a long time only one NFC-enabled mobile phone was commercially available, the 6131 NFC from Nokia. The Finnish manufacturer brought further devices onto the market in the third quarter of 2008 with the Nokia 6212 and in early 2011 with the Nokia C7-00 . Other manufacturers have developed prototypes or NFC cell phones in limited numbers for field tests. In 2009 and 2010 around 25 NFC field tests were started worldwide in a wide variety of application areas to investigate how this new technology can be used.

The Eluga smartphone from Panasonic , like the Nexus 5 , was one of the first smartphones to be equipped with NFC technology. In the medium and high-priced segment, almost all smartphones are equipped with NFC today.

Field trials

In April 2006, NFC technology from the Rhein-Main-Verkehrsverbund (RMV), Nokia and Vodafone in Hanau near Frankfurt was taken over into regular operation ( "NFC mobile phone ticketing" ) after a successful ten-month field test . The tickets for the Hessian city's bus network could be paid for, saved and canceled electronically by holding NFC-enabled cell phones at the respective terminal. In addition, a newly introduced regional leisure card, the “RMV-ErlebnisCard Hanau”, has been integrated into the cell phones . It grants the owner favorable conditions in local retail establishments and at events.

In July 2007, RMV started another NFC pilot test in Frankfurt am Main together with its system partner T-Systems and Nokia. Here passive NFC radio chips (so-called “ConTag”) were used to automatically start the mobile phone ticketing solution that has been in use in Frankfurt for a long time.

At CeBit 2007, Vodafone presented the “ Touch & Travel ” project in cooperation with Deutsche Bahn , which is now in operation nationwide in long-distance transport. Initially, a variant of the Motorola SLVR  V7 with NFC attachment was used, which was later replaced by the Samsung GT-S5230N . From January 1, 2010, the pilot area was expanded to include the routes from Hanover via the Ruhr area to Cologne. In the meantime, the wireless service providers T-Mobile and O2 are also project partners. The system can currently be used in all major German mobile networks.

At the WIMA conference in Monaco in 2009, Nokia presented its new NFC mobile phone 6216 classic. This mobile phone uses the latest NFC chipset from NXP and is the first in the world to implement the new SWP communication standard. SWP is characterized by the fact that it enables communication between the "Secure Element" (the SIM card) and the NFC chipset.

Results from mobile EDC-based systems in the healthcare sector were presented at the ECIS conference in Barcelona in 2012. Patients suffering from amyotrophic lateral sclerosis (ALS) and who have impaired fine motor skills were able to document their state of health in a twelve-week test. For this purpose, the patients received an NFC-enabled mobile phone and a poster with NFC tags stuck on the back. On the front of the poster there were questions about the state of health that the patients could touch with the mobile phone and then evaluate.

Projekt Ingeborg  is a cultural project from Klagenfurt, Austria. The project, which started in July 2012, regularly introduces regional artists. By scanning smart labels that were distributed in public space, digital content about the presented artist can be called up on the smartphone, whereby the project was started with NFC, but then due to the known limitations of NFC with certain operating systems on QR Code has been expanded.

Real use

In 2005 the VDV eTicket service started in Germany. With this you can buy tickets cashless and manage subscriptions. Special readers are used in trains and buses to check tickets. Today more than 400 local transport companies use these eTickets.

Mobilkom Austria started contactless payment with ÖBB and Wiener Linien in September 2007 . NFC tags are also used as tickets in Helsinki , on the Moscow metro and on public transport in London .

The new ID card of the Federal Republic of Germany has also been NFC-compatible since 2011. Many offices do not yet have the necessary radio electronic reading devices.

On November 1, 2011, Deutsche Bahn introduced touchpoints with NFC local radio technology at all long-distance train stations.

Since August 2012, all new EC cards ( giro cards ) from the savings bank association and the cooperatives have been equipped with NFC-enabled chips. They should be used to pay small amounts of up to 20.00 euros (Girogo). The amount of money is first loaded onto the card at the ATM, by dumping or PIN authorization at the PoS . This NFC standard is another interface to the chip. It is intended to replace the contact-based insertion of the card (e.g. also for age verification at the cigarette machine).

Gradually, Mastercard (PayPass), Visa (PayWave) and other payment card organizations are introducing new cards with an NFC chip to speed up and simplify the payment process in shops.

Sony uses a completely different application to enable high-quality photography with standard smartphones. Special attachment lenses equipped with basic technology (DSC-QX series) use NFC technology when docked directly to the smartphone for fast communication between the smartphone and the camera lenses proven from professional devices as an alternative to the slower and occasionally interference-prone WLAN, the in turn, the possibility of using it for distances of up to 15 m between the lens and the device has been expanded.

retail trade

According to a survey by the EHI Retail Institute from 2014, 28% of those questioned offer contactless payment via card and 24% via mobile payment. Visa and Mastercard announced in the same year that by 2020 they would convert all of the POS terminals they support in Europe to accept contactless payment by card and mobile contactless payment with a smartphone.

Arts and Culture

In Austria, the Ingeborg project was a network culture project that introduces artists in public spaces on smart labels and uses NFC tags for this.

logistics

Austrian Post has been using NFC for receiving boxes installed in larger residential buildings since the beginning of 2016. The notifications sent in the post box contain an NFC tag that opens the receiving box.

criticism

This article or the following section is not adequately provided with supporting documents ( e.g. individual evidence ). Information without sufficient evidence could be removed soon. Please help Wikipedia by researching the information and including good evidence.

NFC is basically dependent on the settings of the handheld devices. Privacy protection is only given if the function is generally deactivated. However, NFC only works from a very short distance, which significantly limits the possibility of misuse. With 1.5 m antennas (as they are common at entrances and exits of department stores) it is possible to bridge a distance of approx. 1 m.

Loss and security risks

The simple situation applies: mobile phone gone - money gone - keys gone.

  • The recovery of keys is less of a problem. The key function is no longer effective when the mobile phone is switched off if it is linked to the SIM PIN function. Misuse is possible up to this point in time.
  • The current local money supply will not be restored after the cell phone is lost. According to various concepts, the current amount of money on the mobile phone is not tied to the SIM PIN function and is then not protected in the event of loss.
  • The authentication with the mobile phone is linked to this one device or medium, with or without the SIM PIN function, and thus generally cannot be implemented completely independently in two security features.
  • Without a transaction link, all implementations remain comparatively insecure.

Evidence for completed transactions

As far as the mobile phone does not generate receipts on paper or store transaction data, the user is dependent on the support of the service provider. Complaints are usually not possible without their participation.

Protection of the money supply in the event of loss

So far it is completely unclear which mechanism apart from a time-related maximum limit protects the account holder from unwanted debits if the switched-on mobile device falls into the wrong hands. It is also unclear which security has the key function if access is not even tied to the SIM card.

Complex solutions to this problem have only been proposed sporadically and require either an operator action for a security feature or a second component as an independent security factor.

Security risk with credit cards with an NFC chip

Radio transmission of information can generally be spied on by attacks by unauthorized third parties. Also, man-in-the-middle attacks are possible. In particular, the payment process with radio transmission is therefore at risk.

A technically effective improvement is achieved through the combined use of several authentication factors . Such combinations can also be overcome by combined attacks.

A necessary safeguard on the part of the user is the limitation of the payment processes for the individual process and for the sum of the processes per period (day, month).

reporting

According to Report Munich , this technology is neither mature nor certified and susceptible to attacks by third parties. For example, a simple application and an NFC-enabled device can be used to read the credit card data by briefly swiping over it from a distance of a maximum of 4 cm, for example over the wallet. With this information, in the pre-agreed credit limit are purchased on the Internet, as long as the payee is not the three-digit optical Card Validation Code required (CVC) from the back of the card, because this is not transferred during reading.

The CVC can, however, be determined at some banks using the brute force method , which Report Munich documented in a follow-up article. Without entering the CVC, according to the statement of the credit card companies, liability in the event of fraud lies with the payee. Credit cards that are additionally secured via 3-D Secure (additional password entry or mTAN ) were not taken into account in the report .

literature

Web links

Commons : Near Field Communication  - Collection of Images

Individual evidence

  1. Urszula Hulboj: This is how contactless payment works in Germany , Focus Online, August 8, 2017
  2. Deutsche Kreditbank AG: Contactless payments in seconds | DKB AG. Retrieved December 5, 2017 .
  3. Kassensturz: contactless payments: what customers need to know | SRF. Retrieved December 5, 2017 .
  4. Hanno Bender: Card payments: Aral relies on contactless payment , Der Handel, June 7, 2011
  5. Contactless payment at ALDI Nord , press release from ALDI Nord, June 9, 2015
  6. Fraunhofer FOKUS Competence Center Public IT: The ÖFIT trend sonar in IT security - Near Field Communication (NFC). April 2016, accessed on 19 May 2016 .
  7. ↑ Update status of NFC standards 2011
  8. ERGOSUM: towards simple and contactless mobile services at the point of sale ( English ) France Telecom. December 2, 2008. Retrieved May 4, 2009.
  9. French retailers, financial services providers and mobile operators publish NFC adoption plans
  10. Patent US4384288 : Portable radio frequency emitting identifier. Published May 17, 1983 , inventor: Charles A. Walton.
  11. ^ Philips and Sony Announce Strategic Cooperation to Define Next Generation Near Field Radio-Frequency Communications . Sony Global. September 5, 2002. Retrieved September 17, 2013.
  12. ^ Nokia, Philips and Sony established the Near Field Communication (NFC) Forum . NFC forum. March 18, 2004. Archived from the original on June 28, 2011. Retrieved June 14, 2011.
  13. NFC Forum Unveils Technology Architecture And Announces Initial Specifications And Mandatory Tag Format Support . June 5, 2006. Archived from the original on September 27, 2011. Retrieved June 14, 2011. 
  14. ^ NFC Forum Publishes Specification For "SmartPoster" Records . October 5, 2006. Archived from the original on September 27, 2011. Retrieved June 14, 2011.
  15. Nokia 6131 NFC . January 7, 2007. Retrieved June 14, 2011. 
  16. Use of mobile services in the integration of hybrid personal services in the healthcare industry. In: mobilehybricare.de , accessed on January 31, 2019.
  17. ^ NFC Forum Announces Two New Specifications to Foster Device Interoperability and Peer-to-Peer Device Communication . May 19, 2009. Archived from the original on September 27, 2011. Retrieved on June 14, 2011. 
  18. NFC-TAN: smartphone meets giro card. ( Memento from November 25, 2013 in the Internet Archive ) Press release GFT Technologies, CeBIT 2013.
  19. Prinz, Andreas: Interaction Design Patterns for NFC-based Electronic Data Capture Applications. (PDF) Prinz Publishing, Dieburg 2014, ISBN 978-3-9816875-0-7 , p. 46.
  20. Arno Kuss: NFC - data transmission technology for the mobile close range. Apfelmagazine.de, December 16, 2012, accessed on November 13, 2014 .
  21. Alexander Kuch: o2 relies on NFC and Mastercard for contactless payment. Report to Teltarif from September 27, 2012.
  22. Rita Deutschbein: Paying with the mobile phone: Providers show NFC systems. Mastercard, Visa, PayPal etc. present new solutions at the MWC. Report to Teltarif from February 25, 2013.
  23. ^ Sarah Clark: Hyundai shows off NFC car key concept. NFCworld.com, Jan. 8, 2013.
  24. Rian Boden: Mercedes E-Class to get secure NFC keys. NFCworld.com, July 8, 2015.
  25. Mike Clark: NXP unveils secure NFC solution for connected cars. NFCworld.com, Nov. 4, 2014.
  26. ^ Prinz, A. and J. Leimeister, Mobile Systems in Health Care. HMD Praxis der Wirtschaftsinformatik, 2012. 49 (4): p. 73-82.
  27. ISO-7816: Smartcard communication
  28. NFC: unknown and underestimated technology with great potential
  29. NFC Forum Homepage ( Memento of the original from January 9, 2011 in the Internet Archive ) Info: The archive link was inserted automatically and has not yet been checked. Please check the original and archive link according to the instructions and then remove this notice. @1@ 2Template: Webachiv / IABot / www.nfc-forum.org
  30. Tried: NFC Lite / Open NFC with the Nokia C7-00 - activated with Symbian Anna. ( Memento from January 18, 2012 in the Internet Archive ) Message in the Symbian Lounge from June 6, 2011.
  31. Eluga on the Panasonic website
  32. www.nfc-handy.eu
  33. Touch & Travel website: Scope ( German ) Archived from the original on February 2, 2014. Retrieved on January 29, 2014.
  34. touchandtravel.de ( Memento from October 22, 2009 in the Internet Archive )
  35. NFC technology takes its next step with the Nokia 6216 classic ( English ) Retrieved on May 4, 2009.
  36. John Walko: NXP sampling standards compliant NFC chip to tier 1 handset makers ( English ) EE Times . Archived from the original on July 16, 2009. Retrieved May 11, 2009.
  37. Prinz, A .; Menschner, P .; Leimeister, JM (2012): NFC-based Electronic Data Capture Systems - The Case of a Quality of Life Questionnaire. 20th European Conference on Information Systems (ECIS), Barcelona, ​​Spain 2012.
  38. Prinz, A., Interaction Design Patterns for NFC-Based Electronic Data Capture Applications. 2014, Prinz Publishing, Dieburg, ISBN 978-3-9816875-0-7 .
  39. MVV joins e-Ticket Germany. In: Eisenbahnjournal Zughalt.de. Accessed December 14, 2019 (German).
  40. Mobilkom starts with short-range cell phones: Contactless payment at ÖBB and Wiener Linien - cell phone becomes a “Swiss knife” . derStandard.at. October 22, 2007. Retrieved May 4, 2009.
  41. Helsinki gets NFC tram stops , accessed January 30, 2014.
  42. JSC Mikron Contactless Troyka Tickets for Moscow Metro , accessed July 1, 2014.
  43. TfL reports rapid adoption of contactless payments on London transport , accessed on June 23, 2015.
  44. EHI Retail Institude - Results from various retailer surveys on mobile payment. ( Memento from June 24, 2015 in the Internet Archive ) (PDF), accessed on June 23, 2015.
  45. Payment with Visa: Pay by mobile , accessed on October 9, 2017.
  46. MasterCard: In 2020, all of Europe should be able to make contactless payments , accessed on October 9, 2017.
  47. Post receiving box at post.at, accessed on April 7, 2016.
  48. Nokia confirms cancellation of planned 6216 SWP NFC phone (February 18, 2010)
  49. Release device
  50. Visa and MasterCard with NFC chip can be read out. Report to FinanceScout24 from June 8, 2012.
  51. EC-card security: Pay conveniently and insecurely , accessed on January 30, 2014.
  52. Near Field Communication (NFC) and RFID , accessed January 30, 2014.
  53. Credit card fraud made easy thanks to NFC technology , article from June 21, 2012.
  54. Cracked credit cards: The industry and its insecure security codes ( Memento from August 13, 2012 in the Internet Archive ), contribution from August 7, 2012.