Everybody has been talking about NFC for years now. There is something intriguing about this wireless communication technology, that has never really taken-off in Silicon Valley despite its obvious potentialities.


NFC or Near field communication is a wireless communication technology (using a short-range high frequency) which enables the exchange of small amounts of data between devices such as a bank card or mobile phone over a distance of about 10 centimeters (3.9 in). Using this technology, a smartphone can be linked with users’ credit cards. The users could complete transactions by tapping a physical point, such as a payment terminal. Amongst other things, NFC technology could be used for mobile payment, transportation or ticketing.

Lately, NFC technology has also been the focus of many Silicon Valley titans. Google, Apple or Nokia has already publicized their interest in NFC. Google ex CEO Eric Schmidt demonstrated how the technology could work at the Web. 2.0 Summit in November 2010.  Gingerbread – the new Android OS – has a standard API for interaction with NFC chips. Apple could integrate NFC technology into its next iPhone, to turn it in to an e-wallet. Undoubtedly, those applications look promising. But will it be enough for NFC to become a mainstream technology?

New issues and threats have been identified linked to NFC that can act upon any part of the high number of Mobile Payment stakeholders - retailers, consumers, mobile operators or banks. This proclivity for system weakness could compromise the commercial development of the mobile payment. What’s more, there is a lack of a defined standard or standardized solution for new types of threats possible with contactless payment (Unauthorized card read, relay attack, etc.).

One of the main security concerns is vulnerability. Without going into details, when you pay by credit card, you share some information such as the number and CVV (card verification value code), the short number on the back of the card. More or less the same information is transmitted when using NFC for payments except that this CVV can be changed for each transaction based on cryptographic algorithms. Potentially, this type of practice would increase security, but it will depend on various elements, such as PIN or secure element association (as a SIM card).

In this sense, the main barrier to the integration of NFC technology within mobile phones is more a business model question embracing the views of mobile operators, banks and other players in the mobile value chain than it is a technical, user acceptance or security issue. A strategic announcement from mobile operators, banks or mobile devices manufacturers would be a game-changer for NFC prospects.

By Thibaut Loilier