Hackers Can Bank on NFC

Source: The Sydney Morning Herald, 8th August 2012

Charlie Miller, principal research consultant at US security firm Accuvant recently demonstrated how he could hijack a person’s smartphone by using the device’s embedded near-field communications (NFC) chip. He used an NFC tag to instruct the Google Beam app to open a webpage that contained a specially crafted attack or ”exploit” for a weakness in Android’s browser. It gave him ”root access” to the device, meaning he could take control of it, steal  files, or make phone calls and send SMS.

He did not undermine the security of NFC itself or compromise an NFC transaction, but illustrated his attack can shadow the victim and expose more than card data.