IEEE Wireless Communications • December 2014 153 1536-1284/14/$25.00 © 2014 IEEE Kui Ren is with the State University of New York at Buffalo. Qian Wang is with Wuhan University. Di Ma is with the University of Michigan, Dearborn. Xiaohua Jia is with City University of Hong Kong. A CCEPTED FROM O PEN C ALL INTRODUCTION Near-Field Communication (NFC) is an emerg- ing wireless technology designed for low-power communication between devices within close proximity (e.g. a few centimeters) [1]. The close communication range, as a result of fast decay- ing magnetic induction between the antennas of NFC transmitter and receiver, is a distinctive trait of NFC and brings several key advantages. First, due to the physical collocation of the transmitter/receiver, NFC does not require cum- bersome network configuration and can be used as out-of-band channels for secure device pairing without resorting to a Public Key Infrastructure (PKI) or trusted third parties. Second, it offers a natural, physical protection against various attacks, particularly malicious eavesdropping. Due to these silent features, NFC is expected to revolutionize a range of mobile applications, from contactless payment and ticketing access control, to peripheral pairing for smart devices. It is estimated that the NFC market will grow to 34 billion by 2016. However, the widespread use of NFC is hin- dered by the fact that only a limited number of smartphone/tablet platforms have built-in NFC chipsets. Moreover, in order to support NFC on the existing industrial infrastructure like POS terminals, it typically requires costly hardware and software upgrades, due to the need for addi- tional NFC chipsets and radio stack. As of 2012, it is estimated that only three to five percent of smartphones worldwide and 12 percent of smart- phones in the U.S. have NFC support. For instance, the popular iPhone has no NFC sup- port. Moreover, while NFC does not incorporate any security at the physical or MAC layers by assuming that the extremely short range of com- munication in itself has offered a degree of phys- ical protection, several recent findings have brought the security of NFC into question. Account details of Google Wallet could easily be hacked into and changed. In [2] the eavesdrop- ping distance of NFC is empirically measured to be 30 cm using an oscilloscope. Recent experi- mental studies shows that, with a specially designed portable NFC sniffer, it is possible to eavesdrop NFC transmissions from up to 240 cm away, which is at least an order of magnitude further than the intended NFC communication distance. These results have seriously challenged the general perception that NFC is immune to eavesdropping. Recently, the NFC forum pro- posed that NFCIP-1 and NFC-SEC-01 specifica- tions adopt the Diffie-Hellman key exchange protocol to enhance data confidentiality. Howev- er, most existing NFC applications are designed for short-duration rapid data exchange, and the lengthy key exchange process might dominate the entire NFC communication session, compro- mising the user experience. Recently, great interest has been aroused in the practicality and security enhancement of KUI REN, QIAN W ANG, DI MA, AND XIAOHUA JIA ABSTRACT As an emerging advanced short-range com- munication technology, near field communica- tion (NFC) is undergoing a fast rate of expansion with many promising benefits including low power, small size, and peer-to-peer communica- tion, without incurring complex network configu- ration overhead. However, current NFC technologies suffer from one practical limitation: almost all NFC-enabled applications require built-in NFC chipsets, and as a result such low levels of penetration of NFC hardware has stymied its applications on most mobile devices in the market, for example, smartphone and tablet platforms. In addition, from the security perspective the confidentiality of the transmitted data has not been satisfactorily addressed by cur- rent NFC technologies, which do not incorpo- rate any security at the physical or MAC layers by assuming that the extremely short range of communication itself has offered a degree of protection physically. Therefore, great interest has been aroused in the practicality and security enhancement of NFC technologies. In this article we discuss alter- native NFC technologies, with an emphasis on barcode-based NFC and acoustics-based NFC, which are compatible with legacy devices and existing infrastructure and can provide a high level of security guarantee. Following a brief overview of barcode-based and acoustics-based short-range communications respectively, for each technology we present the major technical hurdles to be overcome and the state-of-the-art, and finally offer a vision of the future research issues on these two promising technologies. S ECURING E MERGING S HORT R ANGE W IRELESS C OMMUNICATIONS : T HE S TATE OF THE A RT