Smartphone makers,
wireless carriers, and credit card companies have all proclaimed their love for
near field communication . NFC
has a lot of exciting potential. Soon enough, we'll be able to make payments,
unlock our houses, stop worrying about our cumbersome Wi-Fi passwords, and hop
on the subway without a transit pass, all from our phones. Here's how.
What Is NFC?
NFC is a short-range, low-power communications
protocol between two devices. One device, the initiator, uses magnetic
induction to create a radio-wave field that the target can detect and access,
allowing small amounts of data to be transferred wirelessly over a relatively
short distance (in NFC's case, the distance must be less than 4 inches). If
that sounds a lot like RFID, the tech used by, for example, wireless toll-collection
devices like EZ-Pass and FasTrak, it's probably because NFC is pretty much an
evolved form of RFID. The difference is that RFID is a one-way street: Your
EZ-Pass transmitter beams your $4.25 toll to the tollbooth's receiver, and
that's the extent of the transaction. But, crucially, NFC is two-way, allowing
your NFC-enabled gadget to both send and receive information.
Compared to other wireless protocols like Wi-Fi or
Bluetooth, NFC is exceedingly slow, with a maximum data transfer speed of 0.424
Mbps, less than a quarter that of Bluetooth. But NFC has several key advantages
over Bluetooth: It consumes a mere 15 mA of power (practically nothing for
today's jumbo smartphone batteries), it has the possibility for greater
security (more on that in a bit), and it forgoes the involved
"pairing" process of Bluetooth entirely. Bluetooth needs to be
configured; NFC is completely effort-free, requiring nothing more than a tap.
What Can You Do With NFC?
The three main concepts that the NFC Forum, the
main association of companies promoting NFC, is pushing are "sharing,
pairing, and transaction."
Transaction is the most obvious of the three, and
the one we'll probably start seeing first. A smartphone with an NFC chip could
very easily be configured to work as a credit or debit card. Just tap your
phone against an NFC-enabled payment terminal, and bam, money spent,
consumerism upheld, everyone's happy. But that's really only the start of what
NFC can do in terms of transaction.
The other contents in your wallet aren't safe from
NFC takeover, either, which is sure to enrage the formerly bulletproof wallet
industry. NFC could work well for public transit passes, library cards, hotel
room keycards, and office building passcards. Even government-issued IDs like driver's
licenses and passports can be replaced or augmented with NFC, though the
security concerns there could push such applications further into the future.
But the point is, it's all possible, and relatively easy. Even keys could
someday become a relic of the past, replaced by the tap of a phone to a lock.
"Sharing" is a little bit trickier, due
to the limitations of the tech. Mostly, it'll be used much like QR codes--(the
square barcode-like tags scannable by your cellphone camera--are used now, just
without the need to open an app and take a picture. An active NFC-enabled
device like a smartphone can interact either with another active NFC device or
with a passive tag. That tag is basically just a little chip that's embedded
with some kind of data to transfer--maybe it's in a printed ad, and provides a
URL for more information. Those passive tags don't require power, either,
instead relying on the RF field created by your phone, so you can just tap your
phone to the tag and have a little bit of data--often a URL--beamed to your
phone.
Debbie Arnold of the NFC Forum says "the
concept of tag-reading is really exciting to me," as those passive,
unpowered tags are very cheap and could be embedded in all kinds of places. Tap
your phone against a tag on an appliance to get its warranty info, or on a pack
of cigarettes to get some horrifying government-sponsored images of smokers'
lungs. You know, for fun.
With its sub-0.5-Mbps speeds, you won't be beaming
high-def video with your smartphone, so sharing of files will be limited to
smaller items like photos, documents, and URLs (which, in our cloud-connected
environment, is often all you need). But say you do want to send a fairly large
file like a video. NFC can come in handy there too--as a bridge to a more intensive
wireless protocol.
Which is where the "pairing" concept
comes into play. Tap your phone to another phone to instantly configure a
Bluetooth or Wi-Fi connection, without the need for passwords. Or tap your
phone against your new router, and never again have to worry about that tiny
scrap of paper with your deliberately complex Wi-Fi password that you could've sworn your roommate taped to the freezer. Or tap one
phone to another to instantly exchange contact information, even when there's
no available 3G connection.
Google Nexus S
Google
Google's Nexus S, made by Samsung, is the first
NFC-compatible smartphone in the U.S.
Why Are Gadget-Makers, Bankers, Merchants, and Wireless Carriers So
Gung-Ho About It?
NFC has some pretty amazing possibilities, but the
reason every company from Google to Visa to McDonald's to T-Mobile is singing
its praises has nothing to do with your ability to remember your router's
password. In their eyes, NFC is always bracketed by dollar signs, with thoughts
of direct advertising and real-time customer data causing their brains' mouths
to mind-water (it's a serious condition). Pay for a purchase with your
NFC-enabled phone, get a coupon. Tap your phone to an NFC-enabled movie poster,
get a special offer for a 1PM Tuesday showing of Gnomeo and Juliet: The Squeakquel (this will be in the
near future, obviously). Use NFC's mobile payment capabilities, and you're
likely to get coupons, promos, samples, or other various digital perks beamed
back to you in response.
But that doesn't explain why the business types are
quivering in their business suits about NFC. The answer: It's all about
advertising.
When Google's soon-to-be-ex-CEO Eric Schmidt
recently took the stage at Mobile World Congress, he was barely able to contain his excitement. Google, let
us recall, is in the business of ads and customer data. When you make an NFC
purchase, your phone isn't just transmitting your bank numbers for payment. It
can also transmit your buying habits and demographic information. That sounds
terrifying, but for the most part that kind of information is already out there
and being used every time you buy an app, or anything from Amazon, or search
for a product on Google. NFC just has the potential to make that data available
instantly and in real time, which is exceedingly valuable to marketers and
retailers and other people who care that you prefer Five Guys to Shake Shack.
And instead of coupons, you might get beamed advertising instead--intensely
targeted ads tailored to your latest purchase.
Of course, it's unlikely that your personal data
would be given to merchants without your knowledge -- at least by Google, which
has a history of providing opt-out options for advertising like that. But if
would certainly be possible.
Why Now?
At MWC, Schmidt said that "NFC has been around
for a long time, but everything has just started to come together," which
is mostly true. Magnetic induction for data transfer has been around for quite
a few years, and mobile payments via magnetic induction have even become the de
facto standard in Japan. The Mobile FeliCa (Felicity Card) has been in wide use
in Japan, packaged into handsets from DoCoMo and Sony, but according to Debbie
Arnold, spokesperson from the NFC Forum, systems like Mobile FeliCa "were
more of a precursor to NFC." Mobile FeliCa is a one-way transfer card, a
simpler form of RFID, that requires no power. "Nobody wanted to put up a
product until NFC was ready," says Arnold, and it appears that it's ready
now.
In late 2010, the NFC Forum finalized its first
wave of technical specifications, as well as announcing its certification
process for devices. Debbie Arnold notes that the program "gives
manufacturers a means of confirming that their devices comply with NFC Forum
specifications, and helps to ensure interoperability." It was only last
year that tests and pilots were undertaken, which in turn led the banks, mobile
carriers, and hardware manufacturers to jump on board and start really putting
the web of NFC together.
What About Infrastructure?
It's generally assumed that the introduction of NFC
into smartphones will require a massive infrastructure overhaul, but that may
not be the case. NFC, as an evolved form of RFID, is actually compatible with
existing RFID terminals, which are distributed by companies like Visa and
MasterCard and are present in businesses from the international (McDonald's) to
the local (my childhood sandwich purveyor, Wawa). For your bog-standard
wireless payment, no fancy new hardware will be necessary.
NFC's N-Mark
Of course, those businesses that want to take
advantage of NFC's more ad-friendly two-way abilities will need to install new NFC-powered
point-of-sale devices. If McDonald's wants to know how many chicken nuggets you
typically eat at a meal, they'll have to install a two-way NFC terminal. But
the companies that really want that kind of data are typically not your
mom-and-pop corner store, and are more likely to pony up for an NFC upgrade.
The mom-and-pop store can still step up to a cheaper RFID reader, which works
in the same system. You'll be able to find NFC-enabled devices by looking for
the "N-Mark," pictured left, which alerts you that NFC-ing can be
commenced.
In terms of phone hardware, you can expect to see
NFC in the next generation of smartphones--basically, the ones after the ones
that are about to hit the market. Google built some pretty elaborate NFC
capabilities into the latest release of Android (version 2.3 Gingerbread), and
the NFC Forum counts such high-profile companies as Sony, Nokia, LG, Motorola,
Qualcomm, and RIM (BlackBerry) among their principal members. In the last week
alone, we've gotten major commitments from Google, RIM, and Visa, with more surely to
come. At the moment, only Google's Nexus S has an NFC chip (and that's fairly
useless at the moment), but future Android, BlackBerry, and probably iOS
devices will boast NFC abilities: rumors of an NFC-capable iPhone 5 have recently
begun to surface.
According to a very recent leak, BlackBerry is
partnering with Bank of America to offer NFC retrofitting as soon as this
spring, and their solution is pretty clever: Instead of waiting for a new
phone, BoA will simply provide an NFC-enabled replacement battery door for a
few BlackBerry models, accompanied by a software update that will allow mobile
purchases. That won't work for the iPhone and a few Android devices which lack
replaceable battery doors (or, um, replaceable batteries), but an NFC-enabled
phone case could accomplish the same feat.
Is This, Well, Safe?
Ah, security. NFC is inherently worrisome in that
it promotes the transmission of very sensitive data through the air, like
magic, and that data could theoretically be snatched. The NFC protocol itself
has surprisingly few actual safeguards against data snatching--and the
protections the NFC Forum does highlight are simply logical extensions of the
physical nature of the protocol. For example, that 4-inch transmission zone would
theoretically make it a challenge to steal data wholesale without a crafty
plan. There's also the ability to simply turn NFC off when you're not using it,
which could stem some piracy, if you remember to do it each time. But that's
not really enough; it's like declaring a wallet generally safe just because
it's difficult for a pickpocket to get close enough to snatch it undetected.
The NFC standard leaves any kind of advanced
protection, like encryption or password protection, up to whoever uses it.
You'll have to trust your bank to encrypt your bank info, you'll have to trust
Google, Apple, or RIM to encrypt your account info, you'll have to trust your
digital locksmith to encrypt your new space-age virtual house key, and so
forth. It's relatively easy for any of these companies to embed encryption or a
password, but they still have to do it. According to Debbie Arnold of the NFC
Forum, "Applications may also provide their own security appropriate to
the application," like encryption and password protection, and that
"these security requirements can be tailored to the particular
application."
That being said, point-of-sale security, using the ISO 14443 protocol, is already a standard, being
used by the major credit card companies with RFID tech, and NFC won't change
that. More advanced security like encryption, newly available for NFC, is to
avoid eavesdropping, which the NFC Forum says is up to the developers. The NFC
Forum's third-party solution isn't entirely satisfying--we'd much rather see an
encryption standard embedded in the tech from the start.
Destruction of the signal is actually much more
likely than eavesdropping, provided there's adequate software encryption being
used. An RFID jammer can also ruin an NFC chip's ability to communicate, and
there's no real way to counter such an attack. Of course, there's no real
reason to jam a signal other than immensely irritating prankery.
I spoke to the Federal Reserve to find out about NFC's
inclusion in the Truth in Lending Act, a piece of legislation that protects
customers from having to pay bills of more than $50 that result from a stolen
or otherwise unauthorized card. Though NFC is not specifically mentioned in the
legislation (understandably so, given its newness), the Fed representative I
spoke to noted that there are a few clauses to which NFC could be applied
without much of a stretch. "I don't see why it wouldn't be covered under
the Electronic Funds Transfer regulation," the rep told me. "It's
still going to be an electronic transfer, and other wireless tech like magnetic
transfers are already covered." Those "magnetic transfers" are
referring to the RFID chips inside certain credit cards, already in use--and
since NFC is essentially an evolved (and still magnetic) version of RFID, it
seems a no-brainer that NFC would also be covered.
Will It Succeed?
NFC has tons of potential, and with backing from
banks, hardware makers, and retail shops, it'll likely be widespread before
long. Whether it's embraced smoothly will depend in large part on the
implementation--Android's NFC functionality, from the brief glances we've seen,
look kind of obtuse and complex, and NFC needs to be super simple for the
public to understand and use it. But if it's done right, the days of crammed
wallets and forgotten passwords may be coming to a close.