How Does a Drive-By NFC Hack Work?


Maybe you’ve noticed a feature on your phone called NFC, and wondered what it is. Or maybe you’re using NFC for contactless payments from your Android or other device, and you’re concerned about how secure it is.

NFC is a common feature on phones, but something that many people aren’t aware of is that there are security risks associated with using it. Here we’ll explain more about NFC and how NFC hacking works.

What Is NFC (And Why Is It on My Phone)?

NFC Hack - what is NFC

NFC stands for near-field communication. It is a way for devices to communicate with each other when they are physically nearby. The most common place you’ll find NFC is on your smartphone. If your phone is NFC-enabled, as most are these days, you can use NFC for tasks like quickly pairing headphones with your phone, or bumping your phone against someone else’s to transfer contact data.

NFC typically works over a distance of a few centimeters. So to use it, you need to bring the two devices which are communicating very close together. Today, it’s also used for phone-based payments systems. When you tap your phone onto a reader to pay for your coffee order, that’s using NFC.

What’s the Difference Between NFC and RFID?

A similar technology to NFC that you might have heard of is RFID. You’ll find RFID chips in contactless cards, such as pre-paid cards you use to travel on some public transportation systems. And you might see items like wallets or card holders advertised as “RFID blocking.”

So what is RFID, and what does it have to do with NFC?

RFID stands for radio frequency identification. It is a term for a system of a small radio transponder and a receiver and transmitter. You’ll also see these referred to as tags, readers, and antennas. The technology is used in everything from clothing tags in retail shops to access control such as identification cards used by employers. It can also be used for things like “chipping” pets or monitoring cars going in and out of parking garages.

RFID is not necessarily a secure technology, as it does not use encryption. There exist tools called RFID skimmers which allow hackers to read RFID data from nearby objects like cards. Hackers could use this technology to steal information from RFID items.

That’s why NFC exists. NFC is a sub-type of RFID, which is somewhat more secure. It uses encryption to keep data safe. Applications used for payment from your phone, such as Apple Pay, use NFC.

NFC Isn’t Perfectly Secure

NFC Hack - NFC security

So does that mean you don’t have to worry about your NFC devices being hacked?

Unfortunately not. NFC is more secure than other types of RFID, but it’s not perfect. It was designed to be a connection of convenience, not security. NFC requires you to bump, tap, or swipe an NFC-capable device like your phone against an NFC-capable reader like another phone. As long as both devices are NFC-capable and that they are within the NFC wireless range, the connection is valid.

As far as the NFC protocol is concerned, the close distance is all that’s necessary for a valid transfer.

Can you see the weakness? No password or credential requirements! NFC connections are established automatically and do not require any form of login or password entry in the way that Wi-Fi does. This has the potential for some real problems since anyone can establish an NFC connection with your device as long as they get close enough.

Imagine if you bumped up against a virus-infected NFC device? It would only take one bump for you to catch it.

NFC can be made secure at the application layer by implementing secure channels or by requiring credentials, but NFC as a protocol itself is not secure at all. And despite the close-proximity requirements for an NFC connection to trigger, unwanted bumps do occur. Sometimes, even a well-intentioned bump (such as when paying with Google Wallet) can result in a disaster.

Basics of An NFC Hack

NFC Hack - how NFC hacking works

What is an NFC hack, anyway? Why is this particular form of wireless connection so vulnerable?

It has to do with the way that NFC is implemented on particular devices. Because NFC is a connection based on convenience, and because there aren’t many security checks in place, a bump could end up uploading a virus or malware or some other malicious file to the bumped device. And if the NFC implementation is insecure, that file could be automatically opened by the device.

Imagine if your computer automatically opened any file that it downloaded off the Internet. All it would take is one mistaken click on a bad link for your computer to auto-install malware. The concept is similar for NFC.

With these malicious apps running in the background, your phone could be secretly forwarding bank PINs and credit card numbers to an unauthorized person somewhere across the world. A virus might open up other vulnerabilities, allowing the malicious user full privileges to your device to read your email, texts, photos, and third-party app data.

The crux of the issue is that NFC transfers can be executed without the user even knowing a transfer is in progress. If someone could figure out a way to hide NFC tags in inconspicuous places where phones are likely to bump up against, they could upload malicious data onto NFC-enabled devices without people even realizing it. Hacker group, Wall of Sheep, proved this with NFC-tagged posters and buttons.

How to Protect Yourself Against NFC Hacks

NFC Hack - protect yoruself

The most effective way to secure against NFC vulnerabilities is simply not to use NFC at all. However, if you want to use functions like contactless payments, then there are steps you can take to make it more secure.

Compartmentalize your sensitive accounts. If you use your NFC device for, say, quickly making payments through Google Wallet, then one way to stay safe is to have a separate account just for NFC. That way, if your phone is ever compromised and your Google Wallet information is stolen, it will be the dummy account that’s stolen rather than your main account.

Turn off NFC when you aren’t using it. This prevents accidental bumps from delivering unwanted programs and malware to your device. You may not think your phone gets within bump-range of many devices throughout the day. But you’d be surprised, especially if you find yourself in crowds a lot.

Routinely check your device for malware, especially after you’ve used NFC. It may or may not be possible to fully prevent NFC hacks. But if you catch them before they do much damage, that will be better than not catching them at all. If you find anything suspicious, change your important passwords and security credentials right away.

Be Aware of Security Risks From Using NFC

NFC is a useful technology for certain functions. But it’s not without its security risks. Because it lacks password protection, it’s possible for hackers to access NFC data. They can even do this without you being aware of it.

It might seem like newly adopted technologies like NFC on phones only makes them more vulnerable. However, on balance, phones now are more secure than ever before. To learn more, see our list of reasons that smartphones are more secure than dumb phones.

Read the full article: How Does a Drive-By NFC Hack Work?