NFC - What Could Go Wrong? Risks Associated With NFC

Learning objective: By the end of this lesson, students will be able to identify common cybersecurity risks associated with NFC, including methods attackers might use to intercept or steal card data.

How data can be stolen

1. Eavesdropping

   • Attackers use powerful antennas to capture transmissions.
   • This can happen from several feet away and often targets payment information.

2. Relay attacks

   • In this type of attack, criminals use two devices - one near your card or phone and another near a payment terminal.
   • Your card thinks it’s making a legitimate payment, but it’s just providing it to the attackers!

3. Data manipulation

   • This attack is done by modifying data during transmission and inserting malicious commands or corrupting transmitted information

Real-world scenarios

There are several ways in which NFC can become problematic. I bet you’ve heard about a few of them! Fake payment terminals or card skimming devices are frequently found at gas stations.

A reader can be used to steal your information just by getting close enough - even through a few layers of clothing. Have you seen commercials advertising RFID-blocking wallets to help prevent this?