MITM attacks

It depends.

If you use the passkey to identify the device the attacker can pretend to be a trusted device, while it is not.

If not, the attacker can only decrypt an encrypted link if he has the passkey and sniffs the pairing process, only then will he get the keys used to actually encrypt the link.

Based on work by Mike Ryan (See: https://lacklustre.net/bluetooth/Ryan_Bluetooth_Low_Energy_USENIX_WOOT.pdf) it looks like even Passkey is pretty weak if the initial key exchange is monitored.

Bill, thank you for the article. Can NFC in nRF52 be used as OOB then?

That seems to be the intention, but it's not something I know much about yet. Since NFC has a very small range, it seems like it would limit key interception partly by limiting range of transmission. So, my questions are: 1) Is sniffing of NFC possible (even if not usually practical) to retrieve the OOB key? and 2) Which devices (Android, iOS, Windows Phone, etc.) currently support NFC for OOB? (I think the demos I've seen used Android devices)

1. Yes 2) Not sure, my phone has NFC but we aren't prepared to require it for pairing our peripherals yet.

QR code OOB is an alternative if you are developing with smartphones in mind and have display capabilities. I believe it is fairly common but most users I know have NFC turned off.