It seems like everyone is focused on this week’s iPhone announcement. I will not be buying one anytime soon, due to the expected price tags of the iPhone 8 and X.
But the new NFC support caught my attention. I’ve been waiting for years for iPhone support of user authentication via NFC (near-field communication). Here’s my blog on the topic from 2012. Many Android phones have this capability. The user’s credentials are accessed via the iPhone’s secure enclave (a separate hardware storage area) for authenticating over the air—within a distance of 20 cm or so. Think Apple Pay for authentication to buildings and IT systems. The secure enclave allows for high assurance authentication and high usability—a difficult combination to achieve with user authentication.
But Apple did not implement NFC authentication. Rather, the new iPhones can scan NFC tags. NFC tags are typically powerless microchips embedded in plastic or paper. The chips store a bit of text in them. The NFC reader shines electromagnetic waves at the tag, which enables the reader to access the text. In the case of the new iPhones, you will likely need a third-party application to take some action based upon the tag’s text.
For example, you can scan an NFC tag near your front door to turn off your iPhone’s WiFi before you leave home. Or scan an NFC tag in your car to turn on Bluetooth before you play your Pantera and Bee Gees jams through your car audio. Both tags would help with your iPhone’s battery life .
The hacker in me loves the iPhone’s NFC tag capability, but the identity guy will need to wait a little bit longer.