A security specialist has demonstrated that the Near Field Communication (NFC) technology on new Android and Nokia devices can be easily hacked if left on their default settings. The information was presented at the 2012 Black Hat security conference in Las Vegas.
Dr. Charlie Miller’s presentation, “Don’t Stand So Close To Me: An Analysis of the NFC Attack Surface,” was one of the highlight of the show. The presentation included a demonstration of a malicious NFC device that could hack into a phone if close enough. Formerly an employee of the NSA, Dr. Miller has won awards and notice for his attacks on Macs and iPhones. He is now a researcher for Accuvant Labs.
NFC technology is used to allow mobile phones to submit data (e.g. payment information) to receivers that are in close proximity. Usually, the devices have a range of about four centimeters. It is believed that in the future, the technology will be used with parking meters, vending machines, checkout lanes and more. Users store payment information on the device which can then be used to make payments similar to RFID technology in some toll booths and buses.
“So lots of people think that no encryption is needed since no one will get that close,” Miller said, as the audience laughed.
Dr. Miller’s hack worked, not by compromising the NFC technology itself, but by using the program to open malicious websites without the users knowledge. In particular, he was able to tell a phone to go to website where malicious software would be downloaded into the phone. The downloaded software would then be used to remotely access the phone.
The hardest part of exploiting the vulnerability was getting a phone within range of a malicious NFC device. The whole premise of NFC technology is that the user needs to be close enough to another NFC device that the action would have to be purposeful and direct. Otherwise, people would be paying for things by walking near a cash register. This is what makes NFC more useful for these kinds of interaction than Wi-Fi or Bluetooth, which transmit for much farther ranges.
In the video portion of the presentation, Dr. Miller is seen following a friend, trying to get close enough to him to activate the NFC technology in his friend’s phone. The attempt was described as awkward, but Dr. Miller explained several ways that a person could fall prey to such an attack or to other schemes. He notes that pickpockets routinely get this close to their marks and as NFC technology proliferates, criminals will undoubtedly target the payment method. As for a method that involves tricking someone, Dr. Miller gives the example of a person putting up a tag over a legitimate tag on an advertisement.
Currently, nearly 50 smartphones have NFC capabilities, including Android and Nokia models. While current iPhone models do not have NFC technology, the feature is among the rumored highlights of the iPhone 5.
Dr. Miller’s presentation assumes that the users of NFC-capable phones leave the NFC running at all times. Current phones with NFC can have the feature turned off, which users are likely to do to save power and for security.
Dr. Miller has forwarded his research to the NFC Implementation Team at Google, so they can work to improve security. He also suggests a few simple tactics to make it harder for NFC devices to be compromised. Dr. Miller ran more than 50,000 tests to find the flaws he pointed out in his presentation. He noted that some of the issues in the Android Beam (Google’s NFC program) were fixed in Android 4.0 (Ice Cream Sandwich).
“NFC attacks are really hard to test,” said Miller at the Black Hat conference. “The biggest takeaway is before you push a webpage to me or something, for God’s sake, give me the option to say no.”
NFC pairing with Nokia N9
Learn how to pair Nokia N9 and a loudspeaker by using NFC.
NFC and Android Beam
A session covering the developer-oriented NFC features we’ve been adding to the Android platform. Learn how to use Android Beam to add magic sharing abilities to your application, and see what other new and exciting NFC features we’re working on.