Dutch think tank reports on the impact of NFC and consumer data privacy issues

When it comes to designing NFC ecosystems, solutions that appear to be logical and beneficial for the actors involved may not prove to be in the customers’ best interests, says a new report by Dutch technology think tank Rathenau Institute

An in-depth study into what the introduction of NFC means from a consumer identity and government regulation point of view has been published by the Rathenau Institute, a Dutch think tank that focuses on the influence of science and technology on our daily lives.

An influential think tank has warned that what suits the operators of NFC systems may not be in the best interests of users

The study starts with the premise that “NFC allows for the merging of data relating to payments, locations and communications, and there is clearly potential for developing new services,” but “it is necessary to ask, however, who will be managing users’ personal data, and to whom will users be able to turn if things go wrong?”

The report examines how NFC works, describes each of the ‘actors’ involved in the NFC ecosystem and looks in-depth at two innovative NFC projects based in the Netherlands and run by Payter and Rabo-Mobiel. The authors, Wouter Schilpzand of the Technical University Eindhoven and Christian van ‘t Hof of Rathenau Institute, then draw together the findings of their research for a final chapter entitled ‘Conclusion: Managing identity in NFC environments’:

With so many technologies and applications coming together in hand-held devices, many different suppliers are currently collaborating to agree on common standards.

Who will manage which data on users remains a contentious issue, however. Each of the various actors involved – telecoms operators, chip manufacturers, mobile phone suppliers, and banks – brings its own interests, technical standards and organizational culture to the negotiating table. It seems unlikely that a consensus will be reached in the near future.

Meanwhile, users and government have so far played a marginal role in the process. By further elaborating the concept of identity management, this chapter suggests that now is the time for governments and users to become involved. We thus ask, which roles can companies, users, and governments play in managing identities in an increasingly digitalized public arena?

The authors then go on to describe four key issues:

First, there is the issue of the Secure Element (SE), whereby important data (for example, on identification and encryption keys) can be shielded from the outside world. Will this element be built into phones, into SIMs, or into an additional card (an SD or smart card)? Each of these three options serves the interests of one or another of the actors involved.

Second, in order to integrate all of the applications, networks and data flows, a new intermediary needs to be established: the Trusted Service Manager (TSM). Will the TSM merely be an intermediary, supporting the smooth flow of data from one to another? Or will the TSM also play an important role in promoting smooth collaboration and competition among suppliers, and help customers switch from one supplier to another? And if the TSM does become a point of ultimate technological and organizational convergence, and plays a dominant role, then which actor will be responsible for ensuring that it is doing its job well?

Third, once more people start using NFC, it is likely that there will be increasing attempts to hack into people’s phones, eavesdrop, and commit identity theft and other cybercrimes. Although suppliers claim that NFC is safe, computer security experts view NFC as a ‘mixed bag’: while there are more entries to be broken into, greater computer power is also needed to seal it off. In theory, any device can be broken into as long as enough effort is made. Only practice will prove whether it to be a criminal business case.

Finally, the process of setting up a TSM demands an overall architecture for data exchange. Currently, there are many different flows of user data, and every application has its own identification mechanism and a separate organization handling the data. For instance, a customer’s phone calls are not automatically linked to a customer’s purchases. In future, will NFC evolve into an application which requires users to sign-on just once, thus linking everything to one single identity (one number and one database containing all personal data), or will a more versatile form of identity management prevail?

“Resolving the issues surrounding the SE and the role of the TSM appears to be crucial,” say the authors. “If the SE is placed in the handset, this could shift the balance of power in favour of handset manufacturers – if, of course, the latter perceive there to be sufficient commercial benefit in adopting the technology. Mobile network operators, on the other hand, perceive significant advantages to be gained from putting the SE on SIMs, thus allowing them to govern the technology.”

“If this were to happen,” they warn, “then the network operators might gain so much dominance in the market by locking-in customers and overcharging for services, that other actors might see few benefits in the technology.”

From a consumer point of view “solutions that appear to be logical and beneficiary for the actors involved may not prove to be in the customers’ best interests,” says the study:

Placing the SE on the SIM card may prove to be advantageous for mobile network operators, but users might experience the result as a lock-in that limits their choice of service provider. All in all, a non-proprietary solution to the SE placement issue would offer consumers more freedom of choice, but would also raise the issue of who would then oversee this freedom. In addition, the existence of too much choice may lead to confusion.

Making it the user’s responsibility to decide where the SE is placed could result in a Kafkaesque nightmare in which consumers went from one provider to another with a handful of chips. This is where the TSM could play a pertinent role: the TSM would manage the SE, regardless of where it had been placed on the device, allowing customers to avoid having to care or even know about the issue.

Moreover, the TSM could emerge as a single service contact point for users. In addition to integrating data flows for all of the companies involved and resolving the SE issue, it could provide a help desk for users seeking assistance with malfunctioning devices or changing their provider, bank or device, and also monitor who does what with users’ personal data. All of these functions would indeed amount to a highly integrated identity manager. On the other hand, however, if all of these responsibilities were to be awarded to a single party, to what extent would users be able to trust the TSM?

The research forms part of the Rathenau Institute’s project on the Digitalization Of Public Places, which analyses the societal impact of upcoming digital technologies in the public domain. A full copy of the 50-page study ‘Near Field Communication: Convenience takes a great step forward, but what about the footprints we leave?’ can be downloaded free of charge from the Rathenau Institute’s website.

Next: Visit the NFCW Expo to find new suppliers and solutions