Over the past few days, we’ve been bombarded by speculation and official statements regarding near field communication-based payments. Major companies such as Samsung, Google, Apple, Amazon, Mastercard, Citibank and Visa are either involved or believed to be involved with this new payment option. The purpose of this technology is simple. Instead of using a physical credit card, people can wave their NFC-compatible phones in front of a scanner to complete transactions. This market is estimated to grow exponentially over the next few years and we’re going to have to get used to it. The big question that will undoubtedly come up deals with security. How can these manufacturers ensure that this won’t usher in a wave of identity thefts and unauthorized purchases?
With every new payment option, thieves will find a way to circumvent it. There are devices out there that can read information off a credit or debit card’s magnetic strip while it’s still in someone’s pocket. There is, or will be a way for thieves to grab NFC payment information out of thin air. I have no idea how it can be done, but then again, I’m no digital thief. I expect both hardware and software manufacturers to discuss this topic in great detail before expecting the majority of us to use this technology.
While I was pondering over the news of how Samsung and Visa will have a new phone with NFC technology built in, a thought crossed my mind. What happens if the phone is lost or stolen? The Olympic Games are going to be crowded and phones are an easy target. Think about how many apps our phones have that we set up to log us in automatically. A thief could get access to bank accounts, credit cards and all kinds of personal information this way. The Olympic phone will have an app that must be launched to make a contactless payment. An unprotected app can result in tons of unauthorized payments. How can Visa and others secure their apps? I have some ideas.
I believe NFC security could be bolstered through hardware and software. The Motorola Atrix 4G has a biometric fingerprint scanner on its rear. A hardware feature like this could be useful within a NFC payment application. It could also be set up to allow a certain number of fingerprints to access the application. A standard pin number or pattern-based lock screen could also work, but NFC payments are supposed to be quick. If I wanted to put in a pin number or sign my name, I’d use plastic.
This technology is expected to be everywhere in a few years. Not every hardware manufacturer is going to put a biometric fingerprint scanner on their phones. That’s why I think the app for making payments should have built-in fingerprint recognition as well. You’ll start the app, press your finger on the screen and voilà.
It’ll also be nice if we could remotely disable the application over the web. If there are applications to wipe a phone of contacts, messages and other personal things, we should be able to protect our money this way too.
The more security options there are, the better the public will respond to NFC-based payments.