![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
thewayneNFC is similar to the payment fobs tied to your credit cards that you can wave at some gas pumps to pay for purchases. It is a more sophisticated in that it's built-in to some cell phones and requires that you enter a PIN into your phone to complete the transaction, so it has a slightly higher level of security: you must have possession of the phone, know how to start the NFC payment program, and know the PIN.
The researchers attempted man-in-the-middle attacks when transacting and when registering new credit cards through the phone, and also analyzed the memory content of the phone. They discovered no blatant security issues and were unsuccessful with their MITM attacks, but they did find some unencrypted data cached in memory that did not contain sensitive information such as complete credit card numbers.
So overall, it looks like Google did a good job with their NFC implementation, though the researchers stressed that something as important and ubiquitous as this needs a lot more study. The iPhone does not yet have NFC tech built-in, it is more likely for the iPhone 5 than it was for the 4/4S. iPhones can accept credit card payments through Intuit or the Square dongle, I have a Square and it works pretty nice. But that's receiving payments, not making them.
http://www.h-online.com/security/news/item/Forensic-specialists-analyse-Google-Wallet-1396363.html
The researchers attempted man-in-the-middle attacks when transacting and when registering new credit cards through the phone, and also analyzed the memory content of the phone. They discovered no blatant security issues and were unsuccessful with their MITM attacks, but they did find some unencrypted data cached in memory that did not contain sensitive information such as complete credit card numbers.
So overall, it looks like Google did a good job with their NFC implementation, though the researchers stressed that something as important and ubiquitous as this needs a lot more study. The iPhone does not yet have NFC tech built-in, it is more likely for the iPhone 5 than it was for the 4/4S. iPhones can accept credit card payments through Intuit or the Square dongle, I have a Square and it works pretty nice. But that's receiving payments, not making them.
http://www.h-online.com/security/news/item/Forensic-specialists-analyse-Google-Wallet-1396363.html
no subject
Date: 2011-12-22 06:55 am (UTC)