Säkerhet och integritet i närfältskommunikation

Sammanfattning: Context. In today’s society we use smart cards in many areas, NFC is a smart card technology that allows contactless interaction between a reader and the tag, the tag is often in the form of a card. NFC can be used for various payment methods or as access card to a building which makes life easier. In previous studies, the technique has proven to be weak to attacks using an NFC reader connected to a computer. Among today’s smartphones, there are phones that have built-in read and write support for NFC tags. Objectives. In this study, I examine the NFC tags that are frequently used in our society, entry cards and debit cards to determine the security against the increasing use of smartphones as a potential attack tool. If there is a threat I will try to remedy the found lack. Methods. My approach was to select a number of test items and analyze the objects using only a smartphone with NFC support to determine the risk for each of the items. The test conducted was the modification, cloning and unique copy. Results. Through this investigation, I concluded that four of the non-empty items was at risk of being intimidated. All four are used in public transport and the objects were vulnerable to unique copy. Conclusions. In order to remedy this vulnerability should be the management of the tag’s data is handled in a different way, perhaps by storing the data in a internal system or to replace the tags for a safer tag alternative.