GURU POST: The future of ID credentials and the role of privacy in an NFC world

By Ayman S. Ashour. Chief Executive Officer,Chairman of the Board, Identive Group

privacy_NFC

Market research suggests that in the next few years, Near Field Technology, or NFC, will be all around us. As consumers, NFC will become omnipresent in our lives and NFC-enabled mobile phones will likely become our primary consumer ID credential. When staying at a hotel, rather than swiping a magnetic card to access your room, you’ll tap your mobile phone to the NFC reader on the door. You’ll be able to use your mobile phone to pay for dinner or tickets to a movie. You’ll be able to store a metro card or bus pass on your phone. Instead of carrying a supermarket, drug store or other loyalty token, such as a Metro or M&S card, you’ll just tap your mobile phone to a tag near the register to get a discount or collect points.

It is unlikely that a mobile phone will replace our driver’s license, citizen ID card or any other government-issued credential, as issuing agencies will want to maintain control of and manage the security aspects of these credentials. However, small businesses will most likely allow and enable the use of NFC mobiles to access buildings or to sign on to company networks. Some larger businesses may follow – especially when employees’ mobile phones are company issued. The usage models are very compelling. NFC technology is simple, it is relatively easy and very cost effective to implement. NFC works at very short distances, normally less than few centimeters and does not need an app to be launched or a camera to be turned on. It is compatible with most existing contactless smart card or radio frequency identification (RFID) technologies. It is intuitive and easy to use – it just works! Because of its attributes, low friction, simplicity and compatibility, NFC is certain to become pervasive, so we need to look at the implications for this wide spread use on the privacy of the users; the consumers, me, you, us!

What will wide adoption of NFC mean to our privacy?

How is our privacy impacted when so much of what we do is integrated into one credential: our mobile? It may be helpful to start out with a definition for ‘privacy’, which means different things to different people in different cultures and, of course, can be a highly politicized topic. Perhaps the most widely quoted definition for privacy is the very short and elegant definition put forward in 1890 by US Supreme Court judges Brandeis and Warren; privacy is the ‘right to be let alone’. Succinct indeed but is this broad definition sufficient to assess the impact of NFC technology on our privacy? A simple way to assess this could be to explore some possible NFC transactions and see if the use of NFC detracts or enhances our ‘right to be let alone’.

Applications that require mere possession of a credential

When we buy our daily Octopus, Charlie or Oyster pass in Hong Kong, Boston or london, we do so for cash or credit and we get a badge or card that we use then discard or recharge; a straight- forward process. When we use cash we remain anonymous, if we pay with a credit card we divulge our identity to the mass transit operator and we also divulge our presence to the financial institution that issued the credit card. The same exact scenarios are possible with an NFC-enabled phone. It is important to remember that the NFC functionality of a phone is independent of cellular and GPS activation. NFC can operate in the equivalent of airplane mode.

“The ability of NFC to function regardless of cellular activation allows us the same level of anonymity and privacy that we would enjoy with cash or credit cards”

Thus, if we pay using an NFC cash card application on our mobile and the phone’s communication function is deactivated, we remain anonymous. If we use a credit card linked to our NFC

phone, we reveal our purchase to the seller and the card-issuing institution. CCTV cameras and other technologies widely deployed by mass transit systems remain the same in both cases. The ability of NFC to function regardless of cellular activation allows us the same level of anonymity and privacy that we would enjoy with cash or credit cards. Over time, features of NFC technology could further enhance privacy and allow for the purchase of a mass transit ticket from home downloaded to a different mobile or through the mobile operator, thus reducing the number of locations ‘keeping track’ of our activity.

“NFC can offer a solution that matches current practice exactly with fewer plastic badges”

The same rule applies for most loyalty or coupon exchange applications. The mere possession of a valid credential is all that is required. In other words, there is no requirement to prove that my Best Buy or Starbucks token belongs to me, I have it and all that is needed it to present the customer ID number. Much like the application with mass transit, the mobile could be in airplane mode and the NFC communication function is still active. To the extent a user wishes to relinquish anonymity through payment with a credit card or by keeping an account with a retailer that includes personal details and tracking of purchase history, the use of mobile NFC does not alter the level of privacy for the transaction.

Applications that require the same person’s use

In certain applications we, as consumers, are required to prove that the credential we possess does indeed belong to us. This also applies to the use of an NFC mobile phone as a credential. The current pre-NFC practice often entails the collection of additional information above and beyond what is really needed for a transaction, and there is no change with using NFC. A good example here would be a season pass for a ski resort or amusement park. Arguably the service provider or retailer does not need to know my true identity to allow me on a roller coaster or ski slope, he only needs to know that the pass is being used by just one person. Retailers use different techniques for verification, normally a picture ID, sometimes asking for a university or government-issued ID card to validate the name. While most consumers and retailers do indeed treat such passes as personalized credentials, there is no real justification for this. This is an area where NFC use might require an additional badge with picture or a secure app for the retailer with a picture that pops up on presentation to allow for verification. Both the retailer’s revenues and the consumer’s privacy are at stake. The challenges posed by these kinds of transactions do not change with NFC. However NFC can offer a solution that matches current practice exactly with fewer plastic badges. The level of privacy or desire for anonymity may appear extreme in certain cultures but it is part of the ‘right to be let alone’. Why shouldn’t I be entitled to get a discounted annual pass for EuroDisney or St. Moritz slopes and yet retain my privacy?

Applications that require a specific person’s use

The applications that require verification of a specific person’s identity tend, in general, to be higher security applications, such as those allowing access to an office, network, bank account or to the making of a cashless payment beyond what is commonly referred to as a micropayment. Depending on the level of security and the desired speed for processing the transaction, different design options are available. For making payments or gaining access to a network or a building, an NFC-enabled mobile acts exactly as a smart card credential. So the mobile could be used alone, or with a PIN, entered either on the mobile itself or via an external PIN-pad. For some applications verification could require a mobile together with biometric identification, again with the biometric sensor built into the mobile itself or available externally. For access to high-security networks or bank accounts, the mobile could be used as the logon credential together with a separate, secondary credential from the bank such as a token for One Time Password (OTP) generation, as required in many European countries. In all of these higher security applications, we as consumers, or in some cases employees, have willingly surrendered our anonymity. The answer to the question of whether the use of NFC detracts from or enhances privacy is clearly that the effect is neutral.

“NFC can potentially help us be selective about what it is we want to reveal, when and to whom, it can empower us as individuals to control our own privacy”

Can NFC enhance our privacy?

Location-based social networks and loyalty

At present many smartphone users take advantage of GPS location services to ‘check-in’ to restaurants or clubs in order to share their status with friends or just to receive a loyalty discount from a retailer. NFC technology will enable achievement of the same goals offering users the choice of selective disclosure without the need for a GPS broadcast. So a user can receive a loyalty discount from a coffee shop without broadcasting to others her presence at a particular location, or indeed can choose to update her status without broadcasting her GPS location. The ‘near field’ aspects of NFC allow users to make a deliberate decision to check in at a particular tag and thus offer clear privacy advantages.

Identity theft and passwords

Any time we can protect ourselves from identity theft, we enhance our privacy, and we enhance our ability ‘to be let alone’ and to minimize intrusion into our accounts or our social networks. Governments and corporations issue their employees with smart cards that

can be used as a secure credential or secure ID; the NFC-enabled mobile will be our very own smart card, a secure credential that belongs to us. It also liberates us from the many passwords we currently need with their increasing complexity, vulnerability and requirement for renewal. As a tool that potentially can enhance our security against identity theft, and thus our privacy, NFC is a positive development.

NFC, privacy and the future

The Haifa Center of Law & Technology under the title ‘Privacy in the Digital Environment’ proposed a new definition for the right to privacy: “The right to privacy is our right to keep a domain around us, which includes all those things that are part of us, such as our body, home, thoughts, feelings, secrets and identity. The right to privacy gives us the ability to choose which parts in this domain can be accessed by others, and to control the extent, manner and timing of the use of those parts we choose to disclose.” It is obvious how NFC can potentially help us be selective about what it is we want to reveal, when and to whom, it can empower us as individuals to control our own privacy.

“The mass introduction of NFC-enabled mobile phones in the coming years will offer an opportunity to enhance our privacy as consumers by empowering consumers with their own secure ID devices”

Much work remains to be done to ensure privacy whenever databases are used to keep track of purchases, subscriptions, privileges, membership, loyalty points, etc. Databases need to be purged of superfluous details unnecessary for delivering what the consumer specifically is seeking. This is an issue that requires government legislation, as the fascination with data mining and buying patterns as tools of commerce expands.

A number of European countries have implemented laws that promote privacy and enhance protection for databases. In the U.S., smart card industry associations have put forward positive ideas, but ultimately privacy must be thoughtfully integrated into the design of a system and not offered as an optional extra or as a service. The mass introduction of NFC-enabled mobile phones in the coming years will offer an opportunity to enhance our privacy as consumers by empowering consumers with their own secure ID devices. Mobile phone manufacturers, carriers and governments will need to ensure that the privacy-enhancing features of NFC are not compromised for commercial advantage and the crucial issue of enhancing the architecture and security of databases as well as curtailing excessive storage of personal information is addressed; these are urgent issues.

Related Articles in the IDENTIVE GURU POST collection;

GURU POST: How Near Field Communications will changes our lives

Tags: , , , , , , ,

Categories: Contactless Technology, Near Field Communications, Security

CONNECT with Contactless Intelligence

Connect with us here

One Comment on “GURU POST: The future of ID credentials and the role of privacy in an NFC world”

  1. February 10, 2013 at 3:08 am #

    Precisely how long did it take you to create “GURU POST: The future of ID credentials and the role of privacy in an NFC world | Contactless Intelligence”?
    It carries a bunch of fine information. With thanks -Bridget

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: