NFC Village aims to create an interactive experience so people can become more aware of the potentials for this technology, while also getting them to think about the emerging risks.
Toronto, ON (PRWEB) May 23, 2013
Security Compass, a leading application security firm, is unveiling the first NFC hands-on hacking lab for US and Canadian information security conferences in June, when it debuts "NFC Village" at SC Congress Toronto. NFC Village is a live, experiential lab designed to introduce conference attendees to key features of near-field communication technology and new emerging threats.
"We’re excited that SC Congress Toronto has chosen to feature NFC Village as part of its conference lineup," said Sahba Kazerooni, managing director of Security Compass. "As NFC technology becomes more integrated with consumers’ daily lives and key industry sectors, it’s important to have a full grasp of the capabilities, features and attack surfaces that exist. Our goal with NFC Village is to create an interactive experience so people can become more aware of the potentials for this technology, while also getting them to think about the emerging risks."
NFC Village at SC Congress Toronto includes four labs:
- Introduction to NFC – As a general introduction to NFC features, this lab demonstrates how different phones on the market today react differently to NFC "intents" or messages.
- Antenna Array – Commonplace objects can be converted into malicious NFC readers. This lab demonstrates that by expanding the surface area of a reader, an attacker could position a couch cushion that doubles as an NFC reader to steal credit card numbers when a person sits down.
- Bandwidth Exploitation (DoS) – By now, many people are aware of the potential for malicious ‘bump attacks’ that steal information from NFC-enabled devices. But is this the full extent of malicious possibilities? This lab will showcase how another type of outcome can be accomplished by redirecting to a malicious URL. This technique can be used for bandwidth exploitation (i.e., forcing a smartphone to surpass the carrier’s data limits), code injection and other types of attacks.
- NFC Scavenger Hunt – This "Easter egg hunt" exercise turns the entire conference facility into a live lab as participants are asked to find several NFC tags on conference staff, posters, etc. The first attendees to gather all tags will be entered in a prize draw.
Security Compass is currently developing several new labs that will be added to the NFC Village later this year. These include "NFC Intercepting Proxy" and potentially a long distance NFC antenna.
NFC Village debuts at SC Congress Toronto, June 11-12 at the Metro Convention Center (go to booth L1 in the Media Trades area). Walkups welcome. For more information, contact nfcvillage(at)securitycompass(dot)com.
ABOUT SECURITY COMPASS:
Headquartered in Toronto, Security Compass is a leading information security firm specializing in web and mobile application security for Fortune 500s, large financial institutions, energy firms, technology/software providers, media companies, retailers and other businesses. The company recently developed SD Elements, a new platform for secure application development that prevents 97% of high-risk security vulnerabilities from existing in the first place. Security Compass was a key contributor on mobile application security to the recently released HP 2012 Cyber Risk Report. http://www.SecurityCompass.com