Near Field Communication or NFC is a short-range high frequency wireless communication technology which enables the exchange of data between devices over about a 10 centimeter (around 4 inches) distance. The technology is a simple extension of the ISO/IEC 14443 proximity-card standard (proximity cardRFID) that combines the interface of a smartcard and a reader into a single device. An NFC device can communicate with both existing ISO/IEC 14443 smartcards and readers, as well as with other NFC devices, and is thereby compatible with existing contactless infrastructure already in use for public transportation and payment. NFC is primarily aimed at usage in mobile phones.



  • Like ISO/IEC 14443, NFC communicates via magnetic field induction, where two loop antennas are located within each other’s near field, effectively forming an air-core transformer. It operates within the globally available and unlicensed radio frequency ISM band of 13.56 MHz. Most of the RF energy is concentrated in the allowed 14 kHz bandwidth range, but the full spectral envelope may be as wide as 1.8 MHz when using the ASK modulation.
  • Working distance with compact standard antennas: up to 20 cm
  • Supported data rates: 106, 212, 424 or 848 kbit/s
  • There are two modes:
    • Passive Communication Mode: The Initiator device provides a carrier field and the target device answers by modulating the existing field. In this mode, the Target device may draw its operating power from the Initiator-provided electromagnetic field, thus making the Target device a transponder.

Active Communication Mode: Both Initiator and Target device communicate by alternately generating their own fields. A device deactivates its RF field while it is waiting for data. In this mode, both devices typically have power supplies.

  • NFC employs two different codingsto transfer data. If an active device transfers data at 106 kbit/s, a modified Miller coding with 100%modulation is used. In all other cases Manchester coding is used with a modulation ratio of 10%.
  • NFC devices are able to receive and transmit data at the same time. Thus, they need to check the radio frequency field and can detect a collision if the received signal does not match with the transmitted signal.


NFC technology is currently aimed mainly at being used with mobile phones. There are currently three specific uses for NFC:

  • Card emulation: the NFC device behaves like an existing contactless card
  • Reader mode: the NFC device is active and reads a passive RFID tag, for example for interactive advertising
  • P2P mode: two NFC devices are communicating together and exchanging information.

Plenty of applications are possible, such as:

  • Mobile ticketing in public transport: an extension of the existing contactless infrastructure, such as Mobile Phone Boarding Pass.
  • Mobile payment: the device acts as a debit/credit payment card.
  • Smart poster: the mobile phone is used to read RFID tags on outdoor billboards.
  • Bluetooth pairing: in the future pairing of Bluetooth 2.1 devices with NFC support will be as easy as bringing them close together and accepting the pairing. The process of activating Bluetooth on both sides, searching, waiting, pairing and authorization will be replaced by a simply bringing the mobile phones close to each other.

Other applications in the future could include:

A patent licensing program for NFC is currently under development by Via Licensing Corporation, an independent subsidiary of Dolby Laboratories.

A Public, platform independent Near Field Communication (NFC) library is released under the freeGNU Lesser General Public License by the name libnfc.

In December 2008 the application eCL0WN was released which allows you to read and copy the chip content of biometric passports.

At the end of 2010 Telefónica, La Caixa and Visa participated in a pilot project in Sitges pioneer in Europe with over 1,500 users and 500 shops.



Although the communication range of NFC is limited to a few centimeters, NFC alone does not ensure secure communications. In 2006, Ernst Haselsteiner and Klemens Breitfuß described different possible types of attacks.

NFC offers no protection against eavesdropping and is also vulnerable to data modifications. Applications have to use higher-layer cryptographic protocols (e.g., SSL) to establish a secure channel.


The RF signal for the wireless data transfer can be picked up with antennas. The distance from which an attacker is able to eavesdrop the RF signal depends on numerous parameters, but is typically a small number of meters. Also, eavesdropping is extremely affected by the communication mode. A passive device, which does not generate its own RF field, is much harder to eavesdrop on than an active device. An Open source device which is able to eavesdrop on passive and active NFC communications is the Proxmark instrument.

Data modification

Data destruction is relatively easy to realize. One possibility to perturb the signal is the usage of an RFID jammer. There is no way to prevent such an attack, but if the NFC devices check the RF field while they are sending, it is possible to detect it.

Unauthorized modification of data, which results in valid messages, is much more complicated and demands a thorough understanding. In order to modify the transmitted data an intruder has to deal with the single bits of the RF signal. The feasibility of this attack, i.e., if it is possible to change the value of a bit from 0 to 1 or the other way around, is amongst others subject to the strength of the amplitude modulation. If data is transferred with the modified Miller coding and a modulation of 100%, only certain bits can be modified. A modulation ratio of 100% makes it possible to eliminate a pause of the RF signal, but not to generate a pause where no pause has been. Thus, only a 1 which is followed by another 1 might be changed. Transmitting Manchester encoded data with a modulation ratio of 10% permits a modification attack on all bits.

Relay attack

Because NFC devices usually include ISO/IEC 14443 protocols, the relay attacks described are also feasible on NFC. For this attack the adversary has to forward the request of the reader to the victim and relay back its answer to the reader in real time, in order to carry out a task pretending to be the owner of the victim’s smart card. One of libnfc code examples demonstrates a relay attack using only two stock commercial NFC devices.

Lost property

The very simple problem of losing the mobile phone and therewith opening access to any finder of the property is not addressed. Either the NFC RFID card or the mobile phone will act as a single-factor authenticating entity, beyond the fact that the mobile phone is protected with the PIN code, again as a single authenticating factor. Hence the basic way of defeating the lost-property threat requires an extended security concept including more than one physically independent authentication factor.

Walk off

Once lawfully opened, access to a secure function or data is usually protected by time-out closing after a period of inactivity. Modern attacks may succeed, despite provisions to shut down access when the user turns inactive. The distance of a successful attacker to the locus of lawfully granted access is not addressed with any of the described concepts.


  • Nokia C7-00
  • Nokia 6216 Classic (Nokia has confirmed the cancellation of this phone in February 2010)
  • Nokia 6212 Classic
  • Nokia 6131 NFC
  • Nokia 3220 + NFC Shell
  • Samsung S5230 Tocco Lite/Star/Player One/Avila
  • Samsung SGH-X700 NFC
  • Samsung D500E
  • SAGEM my700X Contactless
  • LG 600V contactless
  • Motorola L7 (SLVR)
  • Benq T80
  • Sagem Cosyphone
  • Google Nexus S

Posted By

Vishnu Pratheek (ECE)  MGIT

Watch This Video …

About these ads