Quick detection of NFC vulnerability: Implementation weakness exploitation

The purpose of this research is to explain particular implementation weaknesses of near field communication (NFC) systems done by several institutions which apply for critical purposes and provide practical solutions.

This research is done by literature studies of previous findings in NFC security, observations of some existing implemented systems and experimentations to provide practical solutions.

Unintentional lack of security protection of the NFC cards and tags by some card issuers make them a vulnerable target. The outcomes of this research are proposed solutions on methods to quickly detect vulnerability in NFC tags using an Android-based mobile application. Another solution involves the assembly of a detection device using the portable, low power and powerful Raspberry Pi to analyze the NFC tags or cards and NFC reader vulnerabilities.

This research is conducted in Indonesia; therefore, the results and solutions may lack generalizability. However, the findings may occur in other countries which newly apply NFC technology.

System implementer should become more aware about the security issue of old NFC tags like MIFARE Classic. Price should be considered after tag security. People also need to be aware of identity or money theft using NFC-enabled smartphones, as many identity cards and electronic money are now relying on NFC technology.

People also need to be aware of identity or money theft using NFC-enabled smartphones, as many identity cards and electronic money are now relying on NFC technology.

This research fulfills an identified need to evaluate the security aspect of a system that uses NFC as one of the main technologies. The results and solutions also provides cheap, easy and practical tools to analyze NFC security.