Remember the first time your cell phone number was required to make an online account?
If you’re like me, you probably felt some initial reluctance.
“I don’t want them to have my cell phone number. Why do they need it?”
Now, most of us type in our number without a second thought — or let autofill do it for us.
Of course, we all try to stay diligent and protect our data and personal information. But as the Equifax breach taught us, it’s really out of our control sometimes.
This is especially true for technology like NFC, or near field communication — the method of wireless data transfer that’s used for services like Apple Pay and Amazon Key.
In Apple Pay, the NFC chip in your phone comes into close proximity with the scanner at a cash register, it activates, and transfers your credit card information. For Amazon Key, an NFC chip is what allows delivery employees to open digital smart locks on doors.
NFC has gone mainstream, and it isn’t just about paying for groceries with your phone or delivering packages.
Some people are shocked by the idea of a delivery person going into their home. Personally, I’m less worried about someone entering my home than I am about all the data we willingly give up.
As we use NFC more in our daily lives, some of its use cases are raising concerns about security — both in terms of data and physical well-being.
The problem is, the data stored on standard NFC chips using an UID identifier can easily be cloned or copied. A host of new issues arise when NFC is used to gain access to someone’s home, as Amazon showed with their Key service.
This technology can easily let people commit identity theft or fraud by replicating an identity to gain access through smart locks.
For now, it’s only Amazon’s delivery team coming through the door.
But if they want to get maximum benefits and spread the service countrywide — right now it’s only available in 37 cities — Amazon has to expand their access to the postal service, UPS, and FedEx.
As more people install smart locks in their homes, everyone from maintenance and cleaning services to delivery personnel will need access to the system.
It makes sense to have a common backend for this data, rather than entrusting it to one entity.
What happens if all your access control records were compromised by hackers? They’d have information about when you’re typically out of the house or when you’re most vulnerable for a break in.
It’s not easy to duplicate or replicate an identity on blockchain.
Identities for cleaners or delivery people will be definitively tied to the record. And once someone swipes or scans an access control to enter your home, that record is immutable.
On a blockchain-based access control system, people can view the records and know if anything is out of the ordinary.
When NFC PKI (Public Key Infrastructure) is combined with the blockchain, it creates the secure link between the real world and blockchain. Personal information is absolutely more secure when it’s stored in this distributed system.
I gave a talk on this subject not too long ago, and someone asked me, “Do you think we’ll have doors and locks in the future?”
The question may seem a little extreme, but it represents an interesting perspective. Will there be a time when we’ll be completely desensitized to giving others access to our homes, to the point where our concept of security actually changes?
Public transit systems are already using NFC for payments.
Amazon just opened their first store without cashiers, allowing people to walk out with their groceries while paying through an app. Kitchen appliances now come equipped with sensors that communicate with other objects and gather personal data about our habits.
The more we increase our exposure to these devices, the more vulnerabilities we expose.
It’s up to us to decide how much access and security we want in our society, and what we’re willing to surrender for the sake of convenience.
Thanks for reading!
Want to learn more? Get in touch with Samantha here.