The NFC Security Quiz

Get white paper

6 key questions answered regarding today’s security framework for delivering sensitive NFC mobile services

The paper explains how the security framework for delivering near field communication (NFC) services needs to evolve to meet the business and technical needs of all NFC stakeholders. The document focuses on the work of industry body, GlobalPlatform, to clarify and simplify the security certification process; balancing security, functionality and cost.
Stakeholders must understand liabilities, undertake a risk assessment, seek clarity on areas of responsibility and investigate ways to optimise security; creating a ‘security chain’, which FIME believes every actor engaged in NFC must support.

Table of contents

  1. What are the threats to sensitive NFC services?
  2. What security does a mobile device offer?
  3. Who ensures the security of NFC services?
  4. What are the relevant security requirements?
  5. Can NFC security evaluations be simplified?
  6. What is the future of NFC security evaluations?

The authors

Christian DAMOUR

Security Business Line Manager at FIME

Christian joined FIME in 2011 to develop and manage FIME’s security offer, having spent 12 years as a certification leader within a licensed security evaluation lab (ITSEF). On behalf of FIME, he contributes to GlobalPlatform’s Card Security and TEE Security Working Groups.

Stéphanie EL RHOMRI

NFC & Payments Vendor Business Line Manager at FIME

Stéphanie is Chair of the GlobalPlatform TEE Work Group. In addition to GlobalPlatform, Stéphanie contributes to the NFC Forum and is engaged in EMVCo and GSMA activities.