If your cashless solution truly supports and underwrites offline transactions it must be storing wallet balance data on the NFC tag itself – and doing so has various implications that inform which NFC chip technology is needed for your closed loop cashless solution. When storing balance information on the NFC chip (required for safe offline transactions) the terminal must write to this memory when a purchase or top up is made.
Writing to NFC chips always has security implications and capabilities of NFC chips is by no means standardized and range from trivial or no security to fully bank grade EAL4+ certified. In part two of this series, we’ll explore the security implications of commonly used NFC chips for closed loop cashless applications and how there are certain immutable truths relating which cashless features can be safely supported, and those that cannot and are sometimes insecurity implemented or implemented using naive software incapable of underwriting transactions without frequent and strong connectivity to a central server.
NFC Chips are Not All Made Equally , especially for Security
We’ve all seen how even the largest and most capable tech firms can sometimes not hold the security of their users as the highest priority. Add to this the inclination to cut costs at the expense of security and you could be surprised to learn that your cashless solution may not be as secure as you hoped. This article will cover an essential security feature to ask for when using an NFC chip in a closed loop cashless system that supports offline transactions: Password vs. Authentication security.
No Security vs. Password vs. Authentication
Authentication differs from passwords in that when mutual authentication is performed, the actual secret encryption key is never transmitted over the wireless communication channel, and thus it’s impossible to attack it with a simple eavesdropping attack.
Many NFC chips feature no security whatsoever, simply because they were not designed for it. These chips (or tags) were designed to hold static information such as a URL of an inventory identifier. They can be permanently locked to prevent anyone from overwriting the data, but that’s it. Using these NFC chips such as basic Ultralight for a closed loop cashless solution is only appropriate for a short term event and usage where Internet access is strong and with no downtime.
Next comes the NTAG 21x model chip and others like it such as the ST25TA and even ICODE SLIX2. The manufacturer explicitly cautions against using these for any financial application, even a limited use, low value one. This is because they only feature a basic password that is transmitted openly when used to unlock memory access. This means that a very simple eavesdropping attack will allow someone to falsely doctor the balance in their wallet. If your cashless solution provider uses these chips in the wristbands/cards/fobs then the system must be predicated on online transactions only – those that require a strong Internet connection to function correctly since terminals must “phone home” to ensure the guest has sufficient balance for each purchase. In this case the NFC chip serves only as an account identifier to be looked up online where a chip designed for static information is adequate. The password simply can’t provide any protection and an NTAG could, just like an Ultralight, serve as no more than a basic account identifier.
The last of the basic NFC chips is the Ultralight C. The Ultralight C is the least expensive product on the market that has authentication based security which guards against the most trivial and basic eavesdropping attack. Any NFC chip used for cashless applications that safely support offline transactions must have at a bare minimum authentication based access control to memory That said, the Ultralight C is essentially an NTAG with a basic DES-based authentication replacing the simple four-byte password. DES is now a deprecated encryption algorithm no longer in active use now that AES based encryption has become standard. Add to this that the Ultralight C is also susceptible to corruption through memory tearing, and it makes it adequate only for low value, limited use vending such as one day events where the event is essentially over before any meaningful attack could be mounted such as those described in part three of this series.
See below for a comparison matrix of commonly used NFC chips in closed loop cashless systems.