Breaking News
Comments
Newest First | Oldest First | Threaded View
fmotta
User Rank
Freelancer
More Correct: Lack of security in NFC is slowing NFC-based payment programs
fmotta   5/21/2014 5:25:49 PM
NO RATINGS
For a short time the USA credit card companies were automatically sending NFC-based cards.  Everyone I know that received one watched as I used an Arduino and cloned it.  Then they sent the card back requesting the safer cards without the silicon-based security hole (called NFC).

SIMs have been more secure than NFC for quite some time.  So, I assert that the the need for improved security should be to bar the ability for attack by a script-kiddie with $30 worth of equipment (or an Android phone now - see Electronic Pickpocket app at Play store - Free).

 

ngpd
User Rank
Rookie
Security... for whom?
ngpd   5/13/2014 11:02:58 AM
NO RATINGS
While many might like the speed and convenience of ticketless payments, lots of people are worried about the security aspects. Witness, for example, all the adverts for wallets and passport covers that act as NFC shields. The idea of having a payment card that broadcasts my account details makes me very concerned!

The idea of a single card (or device) that authenticates my payments is all very good, provided that it cannot be cloned, it stops working if it is lost or stolen (and I can get a replacement very quickly, even if abroad), and it does not reveal information about me beyond that which is necessary for the transaction. A tall order!

There is also the issue of how the information about payments is stored and used. If I contact my mobile phone operator, my identity is validated by easily-discoverable information... and a PIN which can be discovered by many employees. I do not call this secure, so entrusting more information to them does not seem wise. basically, all 'security' and 'trust' seems to run one way, so it seems sensible to limit ones vulnerability until systems offering mutual trust are put in place.

Pablo Valerio
User Rank
Blogger
Re: Want more
Pablo Valerio   5/12/2014 5:44:51 PM
@ip2design, I agree with you. There is no reason for SIM based security to be slower. But the security layers implemented by the service providers --and mostly by the SIM system integrators-- have serious implications on speed.

Looks like TfL and other transit authorities have been working closer with cell companies and system integrators and the issue is being resolved.

ip2design
User Rank
Rookie
Re: Want more
ip2design   5/11/2014 3:01:36 AM
NO RATINGS
Hi Pablo,

We all know that NFC-SIMs and embedded Secure Elements are fast enough to perform access control the right way at the right speed. Most of the ICs are now based on 32-bit core running at 30MHz with hardware crypto and secure OS.So, there may be some tricks to optimize the solution.

 

Pablo Valerio
User Rank
Blogger
Re: Want more
Pablo Valerio   5/10/2014 4:59:02 PM
NO RATINGS
Susan Rambo
User Rank
Blogger
Want more
Susan Rambo   5/10/2014 9:59:14 AM
NO RATINGS
Hi Pablo, thanks for the interesting blog. You say you've written frequently about this issue. Where can we find more of blogs?



Flash Poll
Top Comments of the Week
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Max Maxfield

Energizing the Young Engineers of Tomorrow
Max Maxfield
2 comments
It doesn't seem all that long ago when I was a bright-eyed, bushy-tailed young engineer. Now I feel like an old fool, but where are we going to find one at this time of the day (LOL)?

Jolt Judges and Andrew Binstock

Jolt Awards: The Best Books
Jolt Judges and Andrew Binstock
1 Comment
As we do every year, Dr. Dobb's recognizes the best books of the last 12 months via the Jolt Awards -- our cycle of product awards given out every two months in each of six categories. No ...

Engineering Investigations

Air Conditioner Falls From Window, Still Works
Engineering Investigations
2 comments
It's autumn in New England. The leaves are turning to red, orange, and gold, my roses are in their second bloom, and it's time to remove the air conditioner from the window. On September ...

David Blaza

The Other Tesla
David Blaza
5 comments
I find myself going to Kickstarter and Indiegogo on a regular basis these days because they have become real innovation marketplaces. As far as I'm concerned, this is where a lot of cool ...