Embedded Systems Conference
Breaking News
Newest First | Oldest First | Threaded View
User Rank
More Correct: Lack of security in NFC is slowing NFC-based payment programs
fmotta   5/21/2014 5:25:49 PM
For a short time the USA credit card companies were automatically sending NFC-based cards.  Everyone I know that received one watched as I used an Arduino and cloned it.  Then they sent the card back requesting the safer cards without the silicon-based security hole (called NFC).

SIMs have been more secure than NFC for quite some time.  So, I assert that the the need for improved security should be to bar the ability for attack by a script-kiddie with $30 worth of equipment (or an Android phone now - see Electronic Pickpocket app at Play store - Free).


User Rank
Security... for whom?
ngpd   5/13/2014 11:02:58 AM
While many might like the speed and convenience of ticketless payments, lots of people are worried about the security aspects. Witness, for example, all the adverts for wallets and passport covers that act as NFC shields. The idea of having a payment card that broadcasts my account details makes me very concerned!

The idea of a single card (or device) that authenticates my payments is all very good, provided that it cannot be cloned, it stops working if it is lost or stolen (and I can get a replacement very quickly, even if abroad), and it does not reveal information about me beyond that which is necessary for the transaction. A tall order!

There is also the issue of how the information about payments is stored and used. If I contact my mobile phone operator, my identity is validated by easily-discoverable information... and a PIN which can be discovered by many employees. I do not call this secure, so entrusting more information to them does not seem wise. basically, all 'security' and 'trust' seems to run one way, so it seems sensible to limit ones vulnerability until systems offering mutual trust are put in place.

Pablo Valerio
User Rank
Re: Want more
Pablo Valerio   5/12/2014 5:44:51 PM
@ip2design, I agree with you. There is no reason for SIM based security to be slower. But the security layers implemented by the service providers --and mostly by the SIM system integrators-- have serious implications on speed.

Looks like TfL and other transit authorities have been working closer with cell companies and system integrators and the issue is being resolved.

User Rank
Re: Want more
ip2design   5/11/2014 3:01:36 AM
Hi Pablo,

We all know that NFC-SIMs and embedded Secure Elements are fast enough to perform access control the right way at the right speed. Most of the ICs are now based on 32-bit core running at 30MHz with hardware crypto and secure OS.So, there may be some tricks to optimize the solution.


Pablo Valerio
User Rank
Re: Want more
Pablo Valerio   5/10/2014 4:59:02 PM
Susan Rambo
User Rank
Want more
Susan Rambo   5/10/2014 9:59:14 AM
Hi Pablo, thanks for the interesting blog. You say you've written frequently about this issue. Where can we find more of blogs?

Top Comments of the Week
Like Us on Facebook

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Max Maxfield

March 28 is Arduino Day -- Break Out the Party Hats!
Max Maxfield
Well, here's a bit of a conundrum. I just received an email from my chum David Ashton who hails from the "Unfinished Continent" Down Under. David's message was short and sweet; all he said ...

Bernard Cole

A Book For All Reasons
Bernard Cole
1 Comment
Robert Oshana's recent book "Software Engineering for Embedded Systems (Newnes/Elsevier)," written and edited with Mark Kraeling, is a 'book for all reasons.' At almost 1,200 pages, it ...

Martin Rowe

Leonard Nimoy, We'll Miss you
Martin Rowe
Like many of you, I was saddened to hear the news of Leonard Nimoy's death. His Star Trek character Mr. Spock was an inspiration to many of us who entered technical fields.

Rich Quinnell

Making the Grade in Industrial Design
Rich Quinnell
As every developer knows, there are the paper specifications for a product design, and then there are the real requirements. The paper specs are dry, bland, and rigidly numeric, making ...

Special Video Section
After a four-year absence, Infineon returns to Mobile World ...
A laptop’s 65-watt adapter can be made 6 times smaller and ...
An industry network should have device and data security at ...
The LTC2975 is a four-channel PMBus Power System Manager ...
In this video, a new high speed CMOS output comparator ...
The LT8640 is a 42V, 5A synchronous step-down regulator ...
The LTC2000 high-speed DAC has low noise and excellent ...
How do you protect the load and ensure output continues to ...
General-purpose DACs have applications in instrumentation, ...
Linear Technology demonstrates its latest measurement ...
Demos from Maxim Integrated at Electronica 2014 show ...
Bosch CEO Stefan Finkbeiner shows off latest combo and ...
STMicroelectronics demoed this simple gesture control ...
Keysight shows you what signals lurk in real-time at 510MHz ...
TE Connectivity's clear-plastic, full-size model car shows ...
Why culture makes Linear Tech a winner.
Recently formed Architects of Modern Power consortium ...
Specially modified Corvette C7 Stingray responds to ex Indy ...
Avago’s ACPL-K30T is the first solid-state driver qualified ...
NXP launches its line of multi-gate, multifunction, ...
EE Times Senior Technical Editor Martin Rowe will interview EMC engineer Kenneth Wyatt.
Flash Poll