NFC Forum Specifications Offer Mobile Device Security with Cryptography

The NFC Forum, the global standards-body for Near Field Communication (NFC) technology, released two specifications that offer cryptology security for NFC.

The new NFC specifications provide security for NFC-enabled mobile devices by using a cryptographic framework to enable development of secure NFC applications protecting the confidentiality and the privacy of NFC communications. The specifications can be used to improve the security of applications involving smartphones, among many other uses.

The NFC Authentication Protocol 1.0 Specification (NAP 1.0) provides a framework for using cryptography to establish a secure channel and authentication as well as the bonding between two devices using a shared, secret key for communicating personal data and messages between devices. The Logical Link Control Protocol Technical Specification 1.4 (LLCP 1.4) is the first NFC Forum technical specification to take advantage of NAP 1.0’s secured data transfer. It describes how the processes defined in NAP 1.0 are mapped on LLCP 1.4 for communication between two devices. The devices do not have to be on-line at the time authentication takes place.

The specifications help protect the privacy and confidentiality of personal data and messages shared electronically by establishing a secure communications channel. In addition, the authentication and bonding mechanisms allow for the establishment of trust and the pairing of an NFC-device, like a smartphone or wearable, to create different applications.