Everything You Need to Know About Near Field Communication

Thursday, March 3, 2011 by: Abadi Askdg

Smartphone makers, wireless carriers, and credit card companies have all proclaimed their love for near field communication over the last week. And we share their enthusiasm: NFC has a lot of exciting potential. Soon enough, we'll be able to make payments, unlock our houses, stop worrying about our cumbersome Wi-Fi passwords, and hop on the subway without a transit pass, all from our phones. Here's how.

 

What Is NFC?

NFC is a short-range, low-power communications protocol between two devices. One device, the initiator, uses magnetic induction to create a radio-wave field that the target can detect and access, allowing small amounts of data to be transferred wirelessly over a relatively short distance (in NFC's case, the distance must be less than 4 inches). If that sounds a lot like RFID, the tech used by, for example, wireless toll-collection devices like EZ-Pass and FasTrak, it's probably because NFC is pretty much an evolved form of RFID. The difference is that RFID is a one-way street: Your EZ-Pass transmitter beams your $4.25 toll to the tollbooth's receiver, and that's the extent of the transaction. But, crucially, NFC is two-way, allowing your NFC-enabled gadget to both send and receive information.
Compared to other wireless protocols like Wi-Fi or Bluetooth, NFC is exceedingly slow, with a maximum data transfer speed of 0.424 Mbps, less than a quarter that of Bluetooth. But NFC has several key advantages over Bluetooth: It consumes a mere 15 mA of power (practically nothing for today's jumbo smartphone batteries), it has the possibility for greater security (more on that in a bit), and it forgoes the involved "pairing" process of Bluetooth entirely. Bluetooth needs to be configured; NFC is completely effort-free, requiring nothing more than a tap.

What Can You Do With NFC?

The three main concepts that the NFC Forum, the main association of companies promoting NFC, is pushing are "sharing, pairing, and transaction."
Transaction is the most obvious of the three, and the one we'll probably start seeing first. A smartphone with an NFC chip could very easily be configured to work as a credit or debit card. Just tap your phone against an NFC-enabled payment terminal, and bam, money spent, consumerism upheld, everyone's happy. But that's really only the start of what NFC can do in terms of transaction.
The other contents in your wallet aren't safe from NFC takeover, either, which is sure to enrage the formerly bulletproof wallet industry. NFC could work well for public transit passes, library cards, hotel room keycards, and office building passcards. Even government-issued IDs like driver's licenses and passports can be replaced or augmented with NFC, though the security concerns there could push such applications further into the future. But the point is, it's all possible, and relatively easy. Even keys could someday become a relic of the past, replaced by the tap of a phone to a lock.
"Sharing" is a little bit trickier, due to the limitations of the tech. Mostly, it'll be used much like QR codes--(the square barcode-like tags scannable by your cellphone camera--are used now, just without the need to open an app and take a picture. An active NFC-enabled device like a smartphone can interact either with another active NFC device or with a passive tag. That tag is basically just a little chip that's embedded with some kind of data to transfer--maybe it's in a printed ad, and provides a URL for more information. Those passive tags don't require power, either, instead relying on the RF field created by your phone, so you can just tap your phone to the tag and have a little bit of data--often a URL--beamed to your phone.
Debbie Arnold of the NFC Forum says "the concept of tag-reading is really exciting to me," as those passive, unpowered tags are very cheap and could be embedded in all kinds of places. Tap your phone against a tag on an appliance to get its warranty info, or on a pack of cigarettes to get some horrifying government-sponsored images of smokers' lungs. You know, for fun.
With its sub-0.5-Mbps speeds, you won't be beaming high-def video with your smartphone, so sharing of files will be limited to smaller items like photos, documents, and URLs (which, in our cloud-connected environment, is often all you need). But say you do want to send a fairly large file like a video. NFC can come in handy there too--as a bridge to a more intensive wireless protocol.
Which is where the "pairing" concept comes into play. Tap your phone to another phone to instantly configure a Bluetooth or Wi-Fi connection, without the need for passwords. Or tap your phone against your new router, and never again have to worry about that tiny scrap of paper with your deliberately complex Wi-Fi password that you could've sworn your roommate taped to the freezer. Or tap one phone to another to instantly exchange contact information, even when there's no available 3G connection.

Why Are Gadget-Makers, Bankers, Merchants, and Wireless Carriers So Gung-Ho About It?

NFC has some pretty amazing possibilities, but the reason every company from Google to Visa to McDonald's to T-Mobile is singing its praises has nothing to do with your ability to remember your router's password. In their eyes, NFC is always bracketed by dollar signs, with thoughts of direct advertising and real-time customer data causing their brains' mouths to mind-water (it's a serious condition). Pay for a purchase with your NFC-enabled phone, get a coupon. Tap your phone to an NFC-enabled movie poster, get a special offer for a 1PM Tuesday showing of Gnomeo and Juliet: The Squeakquel (this will be in the near future, obviously). Use NFC's mobile payment capabilities, and you're likely to get coupons, promos, samples, or other various digital perks beamed back to you in response.
But that doesn't explain why the business types are quivering in their business suits about NFC. The answer: It's all about advertising.
When Google's soon-to-be-ex-CEO Eric Schmidt recently took the stage at Mobile World Congress, he was barely able to contain his excitement. Google, let us recall, is in the business of ads and customer data. When you make an NFC purchase, your phone isn't just transmitting your bank numbers for payment. It can also transmit your buying habits and demographic information. That sounds terrifying, but for the most part that kind of information is already out there and being used every time you buy an app, or anything from Amazon, or search for a product on Google. NFC just has the potential to make that data available instantly and in real time, which is exceedingly valuable to marketers and retailers and other people who care that you prefer Five Guys to Shake Shack. And instead of coupons, you might get beamed advertising instead--intensely targeted ads tailored to your latest purchase.
Of course, it's unlikely that your personal data would be given to merchants without your knowledge -- at least by Google, which has a history of providing opt-out options for advertising like that. But if would certainly be possible.

Why Now?

At MWC, Schmidt said that "NFC has been around for a long time, but everything has just started to come together," which is mostly true. Magnetic induction for data transfer has been around for quite a few years, and mobile payments via magnetic induction have even become the de facto standard in Japan. The Mobile FeliCa (Felicity Card) has been in wide use in Japan, packaged into handsets from DoCoMo and Sony, but according to Debbie Arnold, spokesperson from the NFC Forum, systems like Mobile FeliCa "were more of a precursor to NFC." Mobile FeliCa is a one-way transfer card, a simpler form of RFID, that requires no power. "Nobody wanted to put up a product until NFC was ready," says Arnold, and it appears that it's ready now.
In late 2010, the NFC Forum finalized its first wave of technical specifications, as well as announcing its certification process for devices. Debbie Arnold notes that the program "gives manufacturers a means of confirming that their devices comply with NFC Forum specifications, and helps to ensure interoperability." It was only last year that tests and pilots were undertaken, which in turn led the banks, mobile carriers, and hardware manufacturers to jump on board and start really putting the web of NFC together.

What About Infrastructure?

It's generally assumed that the introduction of NFC into smartphones will require a massive infrastructure overhaul, but that may not be the case. NFC, as an evolved form of RFID, is actually compatible with existing RFID terminals, which are distributed by companies like Visa and MasterCard and are present in businesses from the international (McDonald's) to the local (my childhood sandwich purveyor, Wawa). For your bog-standard wireless payment, no fancy new hardware will be necessary.

Of course, those businesses that want to take advantage of NFC's more ad-friendly two-way abilities will need to install new NFC-powered point-of-sale devices. If McDonald's wants to know how many chicken nuggets you typically eat at a meal, they'll have to install a two-way NFC terminal. But the companies that really want that kind of data are typically not your mom-and-pop corner store, and are more likely to pony up for an NFC upgrade. The mom-and-pop store can still step up to a cheaper RFID reader, which works in the same system. You'll be able to find NFC-enabled devices by looking for the "N-Mark," pictured left, which alerts you that NFC-ing can be commenced.

In terms of phone hardware, you can expect to see NFC in the next generation of smartphones--basically, the ones after the ones that are about to hit the market. Google built some pretty elaborate NFC capabilities into the latest release of Android (version 2.3 Gingerbread), and the NFC Forum counts such high-profile companies as Sony, Nokia, LG, Motorola, Qualcomm, and RIM (BlackBerry) among their principal members. In the last week alone, we've gotten major commitments from Google, RIM, and Visa, with more surely to come. At the moment, only Google's Nexus S has an NFC chip (and that's fairly useless at the moment), but future Android, BlackBerry, and probably iOS devices will boast NFC abilities: rumors of an NFC-capable iPhone 5 have recently begun to surface.
According to a very recent leak, BlackBerry is partnering with Bank of America to offer NFC retrofitting as soon as this spring, and their solution is pretty clever: Instead of waiting for a new phone, BoA will simply provide an NFC-enabled replacement battery door for a few BlackBerry models, accompanied by a software update that will allow mobile purchases. That won't work for the iPhone and a few Android devices which lack replaceable battery doors (or, um, replaceable batteries), but an NFC-enabled phone case could accomplish the same feat.

Is This, Well, Safe?

Ah, security. NFC is inherently worrisome in that it promotes the transmission of very sensitive data through the air, like magic, and that data could theoretically be snatched. The NFC protocol itself has surprisingly few actual safeguards against data snatching--and the protections the NFC Forum does highlight are simply logical extensions of the physical nature of the protocol. For example, that 4-inch transmission zone would theoretically make it a challenge to steal data wholesale without a crafty plan. There's also the ability to simply turn NFC off when you're not using it, which could stem some piracy, if you remember to do it each time. But that's not really enough; it's like declaring a wallet generally safe just because it's difficult for a pickpocket to get close enough to snatch it undetected.
The NFC standard leaves any kind of advanced protection, like encryption or password protection, up to whoever uses it. You'll have to trust your bank to encrypt your bank info, you'll have to trust Google, Apple, or RIM to encrypt your account info, you'll have to trust your digital locksmith to encrypt your new space-age virtual house key, and so forth. It's relatively easy for any of these companies to embed encryption or a password, but they still have to do it. According to Debbie Arnold of the NFC Forum, "Applications may also provide their own security appropriate to the application," like encryption and password protection, and that "these security requirements can be tailored to the particular application."
That being said, point-of-sale security, using the ISO 14443 protocol, is already a standard, being used by the major credit card companies with RFID tech, and NFC won't change that. More advanced security like encryption, newly available for NFC, is to avoid eavesdropping, which the NFC Forum says is up to the developers. The NFC Forum's third-party solution isn't entirely satisfying--we'd much rather see an encryption standard embedded in the tech from the start.
Destruction of the signal is actually much more likely than eavesdropping, provided there's adequate software encryption being used. An RFID jammer can also ruin an NFC chip's ability to communicate, and there's no real way to counter such an attack. Of course, there's no real reason to jam a signal other than immensely irritating prankery.
I spoke to the Federal Reserve to find out about NFC's inclusion in the Truth in Lending Act, a piece of legislation that protects customers from having to pay bills of more than $50 that result from a stolen or otherwise unauthorized card. Though NFC is not specifically mentioned in the legislation (understandably so, given its newness), the Fed representative I spoke to noted that there are a few clauses to which NFC could be applied without much of a stretch. "I don't see why it wouldn't be covered under the Electronic Funds Transfer regulation," the rep told me. "It's still going to be an electronic transfer, and other wireless tech like magnetic transfers are already covered." Those "magnetic transfers" are referring to the RFID chips inside certain credit cards, already in use--and since NFC is essentially an evolved (and still magnetic) version of RFID, it seems a no-brainer that NFC would also be covered.

Will It Succeed?

NFC has tons of potential, and with backing from banks, hardware makers, and retail shops, it'll likely be widespread before long. Whether it's embraced smoothly will depend in large part on the implementation--Android's NFC functionality, from the brief glances we've seen, look kind of obtuse and complex, and NFC needs to be super simple for the public to understand and use it. But if it's done right, the days of crammed wallets and forgotten passwords may be coming to a close.

Filed under: