Lightweight Security Middleware to Detect Malicious Content in NFC Tags or Smart Posters

NFC, similar to RFID, is a contactless identification technology that has gained widespread adoption in application domains such as contactless transactions, micropayments, identity management and mobile health IDs etc. However, the NFC standard itself does not provide built-in security features. This means that each and every developer would need to implement security features in his NFC application on his own. This in turn results in users being as secure from NFC-based security vulnerabilities as the developer chooses to implement. Clearly, this environment is a major impediment in the widespread adoption and deployment of NFC applications. In this paper, we propose the concept of a light weight security middleware that could implement the different security safeguards needed by a wide array of applications. The applications in turn can then implement the security features relevant to their scenarios. Furthermore, we implemented security safeguards to deal with malicious tag content in NFC applications. Our evaluations showed that the security middleware is both lightweight and has low functional latency.