Security researcher warns over NFC flaws

A researcher from the Berlin Institute of Technology has warned against the increasing prevalence of Near-Field Communications (NFC) technology, due to major security flaws in its design and implementation.

Presenting at the European Commission Joint Research Centre's 'Digital Footprint in a Mobile Environment' event, Collin Mulliner warned attendees that NFC - a short-range radio system used to connect smartphones to other devices, which lies at the heart of future mobile payment systems - is not without its risks.

Among the issues highlighted in Mulliner's speech were a lack of encryption that could lead to man-in-the-middle eavesdropping, spoofing and corruption attacks; the ability to spoof URIs (Uniform Resource Identifiers) from 'smart' posters used for NFC-powered advertising; and flaws in current NFC handsets that can cause serious issues.

Far from being a dry technical discussion, Mulliner's talk included proof-of-concept examples of NFC-borne attacks, including a smart poster URI spoofing attack that automatically sends a premium-rate SMS and purchases a paid-for ringtone, code that crashes Nokia and Samsung NFC-equipped handsets - including the Nexus S - through a record-payload-length bug, and a worm which propagates over NFC.
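The talk's record-payload-length bug is not described in any more detail here. As an added example (not Mulliner's code or any handset vendor's), the C below shows the general defence against that class of flaw: a parser for one NDEF record, the message format NFC tags carry, that checks every declared length against the bytes actually received. The function name, struct and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical names; pointers refer into the caller's buffer. */
struct ndef_record {
    uint8_t tnf;                                  /* Type Name Format, low 3 header bits */
    const uint8_t *type;    size_t type_len;
    const uint8_t *payload; size_t payload_len;
    size_t total_len;                             /* bytes consumed by this record */
};

/* Returns 0 on success, -1 if a declared length exceeds the bytes present.
 * *out is only meaningful when 0 is returned. */
int ndef_parse_record(const uint8_t *buf, size_t len, struct ndef_record *out)
{
    size_t pos = 0, id_len = 0;
    uint32_t payload_len;

    if (len < 3) return -1;            /* header, type length, 1 length byte */
    uint8_t hdr = buf[pos++];
    uint8_t type_len = buf[pos++];
    if (hdr & 0x10) {                  /* SR flag: 1-byte payload length */
        payload_len = buf[pos++];
    } else {                           /* otherwise 4 bytes, big-endian */
        if (len - pos < 4) return -1;
        payload_len = ((uint32_t)buf[pos] << 24) | ((uint32_t)buf[pos + 1] << 16) |
                      ((uint32_t)buf[pos + 2] << 8) | buf[pos + 3];
        pos += 4;
    }
    if (hdr & 0x08) {                  /* IL flag: ID length byte present */
        if (len - pos < 1) return -1;
        id_len = buf[pos++];
    }
    /* Compare against the bytes remaining (len - pos) so that an
     * attacker-chosen length can never wrap an addition. */
    if (len - pos < type_len) return -1;
    out->type = buf + pos; out->type_len = type_len; pos += type_len;
    if (len - pos < id_len) return -1;
    pos += id_len;
    if (len - pos < payload_len) return -1;
    out->payload = buf + pos; out->payload_len = payload_len; pos += payload_len;
    out->tnf = hdr & 0x07;
    out->total_len = pos;
    return 0;
}

/* Constructed samples: a well-formed URI record, and one declaring ~4 GiB. */
const uint8_t sample_ok[]  = {0xD1, 0x01, 0x0C, 'U', 0x01,
                              'e','x','a','m','p','l','e','.','c','o','m'};
const uint8_t sample_bad[] = {0xC1, 0x01, 0xFF, 0xFF, 0xFF, 0xFF, 'U', 0x01, 'e'};
```

The second sample is rejected before any pointer is advanced past the buffer, which is the property a tag reader needs when the tag's contents are untrusted.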

The last of these is worth a closer look: Mulliner highlighted a proof-of-concept self-propagating worm that uses NFC radios to find nearby devices to infect. The result: the digital equivalent of an airborne virus, capable of spreading rapidly between carriers simply via proximity.

Mulliner also claimed that work was progressing on a proof-of-concept creation that would be able to inject code into a handset via NFC - potentially allowing an attacker to install custom software to force the handset to do anything at all, including listen in on calls and internet traffic.

"I would say that we need to seriously reconsider security for NFC devices before major deployment of devices and services at the very least," opined privacy activist Alexander Hanff, who described the presentation as "some scary stuff".

"NFC tags can be destroyed very easily and you can simply stick your own tag over an existing one - consumers don't seem to notice," he warned.

This isn't the first time Mulliner has warned against the spread of NFC, having given a similar presentation at the Ninjacon event earlier this year - but with analysts predicting a cash boom for payment processors who implement NFC capabilities into their systems, his warnings appear to be falling on deaf ears.