I remember watching some tech show that presented the potential negatives of NFC wallets as easy targets for e-thiefs. They’ll simply pass you and upon NFC contact, you’ll get charged.
Ars Technica highlights this issue on Android and Nokia handsets with NFC based on 6 months of research by Charlie Miller. Regarding Nokia NFC, they look at the Nokia N9.
“Code on the attacker-controlled chip or handset is beamed to the target phone over the air, then opens malicious files or webpages that exploit known vulnerabilities in a document reader or browser, or in some cases in the operating system itself.”
NFC on the N9 is not on by default. It makes sense now I think about security issues (though not in terms of usability issues).
NFC on the N9 isn’t turned on by default, but once it’s enabled, it too will accept malicious content and requests with no prompting. Among the easiest and most damaging attacks are those that use NFC to establish a Bluetooth connection with another device. Once NFC is turned on, an N9 will automatically accept all connection requests with no prompting
… in range, he can force it to make phone calls, send text messages, or upload and download proprietary files, including contact lists
Nokia officials apparently responded, acknowledging these issues:
Nokia takes product security issues seriously. Nokia is aware of the NFC-research done by Charlie Miller and are actively investigating the claims concerning Nokia N9. Although it is unlikely that such attacks would occur on a broad scale given the unique circumstances, Nokia is currently investigating the claims using our normal processes and comprehensive testing. Nokia is not aware of any malicious incidents on the Nokia N9 due to the alleged vulnerabilities
Cheers Gäst for the tip!