Printer Go₿rrr ⚡ on Nostr: Having a background in telecommunication, I don’t trust NFC in combination with ...
Having a background in telecommunication, I don’t trust NFC in combination with Bitcoin. I’ll highlight the risks of NFC that you should be most aware of here.
1. Eavesdropping:
Eavesdropping the number one threat facing all NFC contactless payments. The term refers to a criminal "listening in" on an NFC transaction.
Unlike handing over cash in a store, the nature of NFC payments means the payment device and the terminal are transmitting electronic data. That data can be used by thieves to ascertain private information about the user.
There are three main aspects to an NFC transaction: air interface signals capture, communication channels decoding, and captured data analysis. It is the first part which is at risk of eavesdropping.
NFC payments work by magnetic coupling to manage the energy transferred between the HF RFID reader and tag antennas. The coupling places limits on how far signals can reach, but white hat hackers claim they've succeeded from as far away as five meters.
Ultimately, if an interceptor can receive, amplify, process, and decode the leaked signals, they can eavesdrop. Readily built eavesdropping devices exist already and can be bought at various outlets.
Eavesdropping is the number one threat facing all NFC contactless payments. The term refers to a criminal "listening in" on an NFC transaction. Unlike handing over cash in a store, the nature of NFC payments means the payment device and the terminal are transmitting electronic data. That data can be used by thieves to ascertain private information about the user. There are three main aspects to an NFC transaction: air interface signals capture, communication channels decoding, and captured data analysis. It is the first part which is at risk of eavesdropping. NFC payments work by magnetic coupling to manage the energy transferred between the HF RFID reader and tag antennas. The coupling places limits on how far signals can reach, but white hat hackers claim they've succeeded from as far away as five meters. Ultimately, if an interceptor can receive, amplify, process, and decode the leaked signals, they can eavesdrop. Readily built eavesdropping devices exist already and can be bought at various outlets.
2. Apps / Malware:
NFC contactless payments are made possible by apps. The NFC technology is hardware within your phone or tablet, but it's the individual app or operating system that decides how the technology is used. So the security of every NFC payments is dictated by the state of your Apps. This brings us to malware attacks. Cybercriminals can also use malware to infect mobile devices and steal payment information or conduct fraudulent transactions. They can do this by sending phishing messages or using other social engineering tactics to trick users into downloading malicious software onto their devices.
3. Card skimming:
RFID-chips can also be vulnerable to data skimming, where hackers use special devices to read the relevant information from a distance. This can happen when a person is simply walking through a crowded area or standing in line at a store or worse, at a bitcoin conference.
4. Lack of awareness:
Many users may not be aware of the potential risks associated with NFC payments, or they may not take the necessary precautions to protect their payment information. This can include failing to secure their mobile devices or failing to monitor the physical security of other NFC enabled devices.
Thankfully the above risks can be easily mitigated by using wallets with limited funds on them, and a bit of common_sense. This is not meant to spread FUD, but you should always be aware of potential risks. I’m positive that most of these vulnerabilites could potentially be fixed, if there is enough awareness about them.
Thank you for reading!
1. Eavesdropping:
Eavesdropping the number one threat facing all NFC contactless payments. The term refers to a criminal "listening in" on an NFC transaction.
Unlike handing over cash in a store, the nature of NFC payments means the payment device and the terminal are transmitting electronic data. That data can be used by thieves to ascertain private information about the user.
There are three main aspects to an NFC transaction: air interface signals capture, communication channels decoding, and captured data analysis. It is the first part which is at risk of eavesdropping.
NFC payments work by magnetic coupling to manage the energy transferred between the HF RFID reader and tag antennas. The coupling places limits on how far signals can reach, but white hat hackers claim they've succeeded from as far away as five meters.
Ultimately, if an interceptor can receive, amplify, process, and decode the leaked signals, they can eavesdrop. Readily built eavesdropping devices exist already and can be bought at various outlets.
Eavesdropping is the number one threat facing all NFC contactless payments. The term refers to a criminal "listening in" on an NFC transaction. Unlike handing over cash in a store, the nature of NFC payments means the payment device and the terminal are transmitting electronic data. That data can be used by thieves to ascertain private information about the user. There are three main aspects to an NFC transaction: air interface signals capture, communication channels decoding, and captured data analysis. It is the first part which is at risk of eavesdropping. NFC payments work by magnetic coupling to manage the energy transferred between the HF RFID reader and tag antennas. The coupling places limits on how far signals can reach, but white hat hackers claim they've succeeded from as far away as five meters. Ultimately, if an interceptor can receive, amplify, process, and decode the leaked signals, they can eavesdrop. Readily built eavesdropping devices exist already and can be bought at various outlets.
2. Apps / Malware:
NFC contactless payments are made possible by apps. The NFC technology is hardware within your phone or tablet, but it's the individual app or operating system that decides how the technology is used. So the security of every NFC payments is dictated by the state of your Apps. This brings us to malware attacks. Cybercriminals can also use malware to infect mobile devices and steal payment information or conduct fraudulent transactions. They can do this by sending phishing messages or using other social engineering tactics to trick users into downloading malicious software onto their devices.
3. Card skimming:
RFID-chips can also be vulnerable to data skimming, where hackers use special devices to read the relevant information from a distance. This can happen when a person is simply walking through a crowded area or standing in line at a store or worse, at a bitcoin conference.
4. Lack of awareness:
Many users may not be aware of the potential risks associated with NFC payments, or they may not take the necessary precautions to protect their payment information. This can include failing to secure their mobile devices or failing to monitor the physical security of other NFC enabled devices.
Thankfully the above risks can be easily mitigated by using wallets with limited funds on them, and a bit of common_sense. This is not meant to spread FUD, but you should always be aware of potential risks. I’m positive that most of these vulnerabilites could potentially be fixed, if there is enough awareness about them.
Thank you for reading!