RE: NFC Security on the NRF52

endnode — Mon, 30 Jan 2017 23:37:02 GMT

Hi Sam,

There exist numerous applicative protocols on top of ISO14443 stack (which you call "NFC"), there are many ways starting from the things defined in ISO7816-4 up to specific technologies such as EMV (payment) protocols or NXP's DESFire used in transport and physical access applications. In general any of these CAN be implemented on top of NFC front-end in nRF52 chips, it's just matter of doing it. I'll let Nordic to answer why there is nothing like that available but my view is following is:

It would need to be "interoperable" with reader application you want to use on the other side. But you want to use typically it with Android phone (or Windows PC) which has nothing like that by default (at least as far as I know Android supports just basic NFC Forum NDEF Tag formats, not speaking about crippled native Smart Card service in Windows).
It's already "secured" by extremely short range communication when compared to things like BLE or other sub-GHz/2.4GHz/5GHz technologies. So they usually don't bother because by using NFC as second factor you've already improved the situation by several orders of magnitude.

However I do agree that NFC security is desirable and that I suggest to implement it as custom in your app (until Nordic or someone else release suitable solution as library or open source - but I'm very skeptical;).

Cheers Jan