A recent publication with Thomas P. Diakos, one of my PhD students, shows that NFC transmissions can be successfully received from distances of 45-80cm (depending on field strengths transmitted and user scenarios) using inconspicuous equipment, highlighting concerns about personal data. NFC technology is in use on more recent mobile phones and on contactless debit/credit cards issued by UK banks. The implications for consumers are significant. The results we found have an impact on how much we can rely on physical proximity as a ‘security feature’ of NFC devices. Designers of applications using NFC need to consider privacy because the intended short range of the channel is no defence against a determined eavesdropper.
This research is published by IET Open Access Research in The Journal of Engineering, and has also generated considerable interest at the IET and in the media. It has been reported on by BBC online, The Telegraph, IET Engineering & Technology, and others. Links to the paper and related press articles can be found in my publications page. Thomas is supervised by myself and Dr Stephan Wesemeyer from the Department of Computing, and Dr Tim W. C. Brown from the Centre for Communication Systems Research. This research was funded by the EPSRC and Consult Hyperion.