One of the new features which almost all companies are including in the latest flagship devices is Near Field Communications (NFC). This functionality allows for the wireless transmission of the data at close ranges between mobile devices. Recently, there has been much buzz about this technology for its use in mobile payment systems, of which Apple Pay is the most well known.
However, now we are beginning to discover a darker side to the tech. It turns out that having yet another way of wireless communicating with a device, allows for yet more potential holes in a phone’s security.
So-called ‘white hat’ hackers have been taking part in the ‘Pwn2Own’ competition held over the last few days in Tokyo. This competition involves people trying to hack the operating systems of mobile devices in an attempt to win prizes and find flaws in these devices’ security. At the event this year, it seemed that the hottest new way to break into a phone’s operating system was through their NFC connection.
Of the five phones which these hackers managed to break on the first day of the event, 3 were made vulnerable by flaws in the NFC code. These flaws allowed a hacker complete access to the phone, enabling them to carry out tasks such as remote eavesdropping, and installation of malware software such as viruses.
The probable reason why NFC is so vulnerable is that it is a new technology. As it has only been around for a short amount of time, many of its vulnerabilities have not been well publicized and then patched, leaving skilled hackers plenty of room to try and find novel exploits of their own. While the vulnerabilities were alarming, it is much better for mobile phone users that they were found at this event, rather than by people who would abuse them for more nefarious means.