As mobile continues to explode, we will see technologies such as NFC (Near Field Communication) explode with it. If you don’t know, NFC allows for data exchange wirelessly between two devices in close proximity to each other. In other words, this is a fantastic technology, which would allow payments to be made with your mobile phone for products and services.
While this is not a brand new technology, the adoption of NFC and integration of it into smartphones will become mainstream in the next 12-24 months as the technology is being adopted in almost all new handsets. Let’s now explore some of the great things that NFC will enable us to do:
Purchasing Goods or Services - Buying groceries? Why pull out your credit card when you can simply hold your mobile phone to a NFC reader at the till.
Device to Device File Sharing - Want to share a file with a friend? Transfer a file from one device to another seamlessly – such as a video, or a photo.
Contact Sharing - Just finished meeting people for the first time? Hold your smartphone to theirs and instantly have their contact information stored on your device.
Digital Boarding Cards – Forget boarding passes. Let’s now imagine just walking up to the counter and using your mobile phone to authenticate you before boarding an aircraft.
These are just a few examples of how NFC will likely be used in the very near future. While these things will most certainly enhance our day-to-day life, it is important to understand that the bad guys will undoubtedly find ways to exploit and capture this sensitive information for financial gain.
While NFC may be a secure method of communication, it is only as secure as the operating system that is using it. While some operating systems may be “more secure” than others, vulnerabilities in software will always present themselves. Tapping on a simple web link on a mobile device could re-direct to exploit code which could take advantage of these vulnerabilities and extrapolate valuable and sensitive information.
Cyber criminals like to focus their efforts in areas where large quantities of people store sensitive information. If all mobiles devices start acting as a means to purchase products and services, it’s only a matter of time before the bad guys start finding ways to exploit and extract this information to make themselves money. We will most likely see malware written specifically to exploit the mobile operating system and applications as a means to get at this information. We haven’t even yet touched on privacy issues that could arise by applications taking advantage of understanding buying patterns or usage patterns of NFC.
So how can we protect ourselves from this new threat which will become much more prevalent in the next 12-24months? Like with traditional personal computers, we need to ensure our operating systems are always up to date. We also need to ensure that we are running reputable security software, which has the ability to analyze not only malicious files, but, malicious URL’s that may be accessed from these mobile devices. Likely means of being infected on a mobile device will be via a rogue application downloaded from a third party application store, or, via a web link. This means, that we must be careful of what we “tap” on, or, which applications we install on our devices. Ensure all applications come from reputable online application stores and fight the urge to “jailbreak” or “root” your personal device.
While most people have done an adequate job of educating themselves on how to keep their credit card information safe in the physical world, it is equally, if not more important to understand how to do this in the digital world.