• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Mobile   »   Good NFC Habits

Good NFC Habits

  • Posted on:November 6, 2012 at 1:53 am
  • Posted in:Mobile
  • Author:
    Ben April (Threat Researcher)
0

Recently, I spoke at the hashdays security conference in Switzerland to talk about the security of Near field communication (NFC) – specifically, how people and businesses can use it securely.

While NFC is not quite yet seeing widespread usage, early adopters – like many readers of this blog – are already using it in their lives. Some mobile manufacturers are touting the addition of NFC in their mobile devices. For my talk, I discussed what aspects of NFC usage can be considered secure, and what can be considered just “convenient”; what businesses can do to keep their customers safe; and what features of NFC should designers implement or completely avoid.

For home users, though, the most important part of my talk was what they can do to keep themselves safe. It’s never too early to pick up good NFC habits. What are these habits that can keep you secure? They are:

  • Lock your mobile device. In general, devices have to be turned on or unlocked before they can read any NFC tags. A simple screen lock – even without any password being used – can protect users against these threats.
  • For passive tags, use an RFID/NFC-blocking device (such as a wallet). Passive tags will emit fixed information in the presence of a NFC field, which means that there is a slight privacy risk carrying around these devices – if a blocking device is not used. (Anti-static bags can also block RFID devices.) This isn’t the case for mobile devices as their NFC reader automatically turns off once devices are locked, so this precaution is not necessary.
  • Use an NFC reader app on your mobile device. By default, most mobile devices will simply open a URL if one is detected on an NFC tag. If you wouldn’t lick a tag, you shouldn’t open it blindly – instead, use an app like NFC TagInfo or NFC TagInfo by NXP to read the tag first. The apps will be able to tell you what information is on the tag – allowing you to make an informed decision if you want to scan it or not.

We’ve seen no indication that NFC has been used in the wild by attackers, but it’s never too early to develop good habits when using this emerging – and promising – technology.

Learn how to protect Enterprises, Small Businesses, and Home Users from ransomware:
ENTERPRISE »
SMALL BUSINESS»
HOME»

Featured Stories

  • systemd Vulnerability Leads to Denial of Service on Linux
  • qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware
  • Mitigating CVE-2017-5689, an Intel Management Engine Vulnerability
  • A Closer Look at North Korea’s Internet
  • From Cybercrime to Cyberpropaganda

Security Predictions for 2019

  • Our security predictions for 2019 are based on our experts’ analysis of the progress of current and emerging technologies, user behavior, and market trends, and their impact on the threat landscape. We have categorized them according to the main areas that are likely to be affected, given the sprawling nature of the technological and sociopolitical changes under consideration.
    Read our security predictions for 2019.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Recent Posts

  • February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire
  • Windows App Runs on Mac, Downloads Info Stealer and Adware
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures

Popular Posts

  • Going In-depth with Emotet: Multilayer Operating Mechanisms
  • February Patch Tuesday: Batch Includes 77 Updates That Cover Flaws in Internet Explorer, Exchange Server, and DHCP Server
  • Various Google Play ‘Beauty Camera’ Apps Send Users Pornographic Content, Redirect Them to Phishing Websites and Collect Their Pictures
  • Linux Coin Miner Copied Scripts From KORKERDS, Removes All Other Malware and Miners
  • Trickbot Adds Remote Application Credential-Grabbing Capabilities to Its Repertoire

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.