NFC Mobile Phones and the Future of Privacy
NFC-enabled phones will offer consumers the opportunity to enhance their privacy by empowering them with their own secure ID devices.
Sep 26, 2011—Market research suggests that over the next few years, Near Field Communication (NFC) technology will be in use all around us. For consumers, the technology will become omnipresent in our lives, and NFC-enabled mobile phones will emerge as our primary consumer ID credential. When staying at a hotel, rather than swiping a magnetic card to access your room, you'll be able to tap your mobile phone to the NFC reader on the door to your room. You'll be able to use your phone to pay for dinner or movie tickets. And you'll be able to store a subway or rail card or bus pass on the device. Instead of carrying a loyalty token from a supermarket, pharmacy or other retailer or service provider, such as Starbucks or Kinkos (now known as FedEx Office), you'll be able to just tap your mobile phone to a 13.56 MHz passive RFID NFC tag located near the register, in order to obtain a discount or collect points. For social networks, check-in would be performed simply and on the spot, using a Google Places tag, or via a Foursquare or Facebook equivalent.
It is unlikely that mobile phones will replace driver's licenses, citizen ID cards or any other government-issued credentials, as issuing agencies will certainly want to maintain control of and manage the security aspects of these IDs. Small businesses, however, will most likely enable the use of NFC mobiles to access buildings, or to sign on to company networks. Some larger businesses may follow—when employees' mobile phones are company-issued. The usage models are very compelling. NFC is simple, relatively easy to use and very cost-effective to implement. The technology works at very short distances—typically, less than an inch away—and does not require an application to be launched, or a camera to be activated. It is intuitive and easy to use. Because NFC is certain to become pervasive, we need to consider the implications for privacy.
How is our privacy impacted when so much of what we do is integrated into a single credential—our mobile phone? It may be helpful to begin with a definition of "privacy," which has different meanings to different people in different cultures—and which, of course, can be a highly politicized topic. Perhaps the most widely quoted description of privacy is the very short and elegant definition put forward in 1890 by Louis Brandeis (who later became a U.S. Supreme Court justice) and his law partner, Samuel Warren: Privacy, they maintained, is the "right to be let alone." Succinct, indeed, but is this broad definition sufficient to assess NFC technology's impact on our privacy? A simple way to ascertain this could be to explore some possible NFC transactions, and to determine if the use of NFC detracts or enhances that right.
Applications That Require Mere Possession of a Credential
When we buy our daily MARTA, Charlie or Oyster pass, in Atlanta, Boston or London, respectively, we do so for cash or credit, and we receive a badge or card that we can use, and then discard or recharge—a straightforward process. When using cash, we remain anonymous, whereas if paying with a credit card, we divulge our identity to a mass-transit operator, and also reveal our presence to the financial institution that issued the card.
The same exact scenarios are possible with an NFC-enabled phone. It is important to remember that such a device's NFC functionality is independent of cellular and GPS activation. NFC operates in the equivalent of airplane mode. Thus, if we pay using an NFC cash-card application on our mobile device, and the phone's communication function is deactivated, we remain anonymous. If we use a credit card linked to our NFC phone, we reveal our purchase to the seller and the card-issuing institution. Closed-circuit television (CCTV) cameras and other technologies widely deployed by mass-transit systems remain the same in both scenarios. NFC's ability to function regardless of cellular activation affords us the same level of anonymity and privacy that we would enjoy using cash or credit cards. Over time, features of NFC technology could further enhance privacy, enabling the purchase of a mass-transit ticket from home, downloaded to a different mobile device, or through the mobile operator, and thus reducing the number of locations tracking our activities.
The same rule applies for most loyalty or coupon-exchange applications. The mere possession of a valid credential is all that is required. In other words, there is no need to prove that my Best Buy or Walgreens token belongs to me—I have it, and all that is necessary is for me to present the customer ID number. Much like the mass-transit application, the mobile phone could be in airplane mode, but the NFC communication function would still remain active. To the extent that a user might wish to relinquish anonymity through payment with a credit card—or by maintaining an account with a retailer that includes personal details and the tracking of purchase history—the use of mobile NFC technology does not alter a transaction's level of privacy.
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.