Wireless Near Field Communication (Nfc) Security - Honeywell dolphin 70e black Network And Security Manual

• Use TLS 1.2 between client applications and servers. Make sure the client is configured to validate the server certificate
and uses secure crypto-suites.

Wireless Near Field Communication (NFC) Security

Specific security precautions are recommended to mitigate the potential security risk associated with exchanging data using
wireless Near Field Communication (NFC) between NFC enabled Dolphin 70e Black devices and an NFC tags or other NFC
enabled devices.
NFC security is based on the short range characteristic of the RF solution. In some applications, there is the potential for an
attacker to utilize the Android Beam application and/or other applications to attack the Dolphin 70e Black device. For example,
the Android Beam application can be used to exchange data between devices or from a tag to a device. The data exchange can
include, but is not limited to, contacts, URLs, and applications. No confirmation is required on the receiving side of the
connection and the Dolphin 70e Black device automatically runs the associated application. Attackers could potentially transfer
a malicious URL and either trick the user into clicking it or exploit a browser bug to visit a malicious website and download
malicious content.
Honeywell recommends the following security recommendations and precautions listed below:
• Disable NFC on the Dolphin 70e Black device unless it is critical to the application.
• If the application must allow NFC, it should only be enabled as needed and the user must have a means to confirm the
transfer is expected. If the application transfers data between two Dolphin 70e Black devices using NFC, then the
application should enable encryption of the data.
7 - 2