NFC and Bluetooth Low Energy (BLE) are two types of protocols or “languages” electronic devices use to communicate. After reading this whitepaper, you will be able to answer the questions:
- What are NFC and BLE technologies?
- How are these technologies similar and how are they different?
- Why do they matter to mobile access control security?
What is BLE?
Bluetooth Low Energy is a wireless technology developed as a power efficient, low-cost protocol for data transfer. BLE is used across several segments, from audio playback and fitness to IoT and Security. BLE devices transmit data over a 2.4Ghz to 2.48Ghz band and remain in sleep mode unless a connection is initiated.
- Power– Low voltage e.g., battery operated.
- Speed– Transmits data at about 1 MB per second.
- Range– BLE radios have a maximum range of 30 meters and a practical range of 10 meters, configurable by adjusting transmit power.
For more information, please visit: https://www.bluetooth.com/
What is NFC?
NFC is a subset of radio frequency identification (RFID), developed to interactive with passive electronic tags using a globally available radio frequency. NFC is used in banking, identification, and access. NFC transmits data over a 13.56 MHz band. Passive NFC tags require no power of their own, reducing unit costs and opening a number of possibilities e.g., inventory control and tracking.
- Power- Inductive coupling.
- Speed- Transmits data at a maximum of 424 KB per second.
- Range- The receiver and transmitter must be within four centimeters.
For more information, please visit: https://nfc-forum.org/
What are the Differences Between NFC and Bluetooth?
Both BLE and NFC transmit information between or among devices (e.g., your phone and the door reader). There are important differences in the two technologies, range and speed being the most obvious as noted in the table below.
|Bluetooth LE||15mA||1MBs||< 10 Meters secure < 30 Meters indoor, < 100 Meters outdoor||Asynchronous Connection-oriented |
|NFC||Passive – None |
Active – 5mA
|424KBs||4 Centimeters||Asynchronous Connection-oriented |
How do NFC and BLE Compare?
BLE and NFC are considered short-range “languages”, used across several industries, and use cases, often together where NFC is used to boot strap the higher bandwidth BLE connection. One of the most common uses of boot strapping occurs within infotainment systems in automobiles, NFC facilitates one touch pairing for the BLE connection.
Both technologies are present on modern mobile phones, although iOS and Android have different approaches to access and use.
Over the past five years, NFC technology has appeared on ATMs as a wireless alternative to sliding a debit card. Access control key cards, debit cards and Apple and Google Pay all use NFC technology for contactless communication.
A readable NFC tag requires no source of power and can only communicate with one other device at a time (e.g., a key card and a door reader). As mentioned above, the maximum speed of NFC technology is a sluggish 424 Kbits/second (just under 8x faster than dial-up internet). Yet, this is considered lightning fast since the data its transmitting is small.
How Do Bluetooth and NFC Work?
With NFC communication involves transmission between two “antennas” within the NFC-enabled devices. When the two come into range, the data transfer occurs. For example, antennas are embedded within the chip on your debit card. NFC identifies us by our bank accounts, cards, devices, and other personal information.
BLE 4.0 has two primary communication modes, broadcast and connection based. Broadcast is the method used by Apple iBeacon, Google Eddystone and in projects with low data payloads. These broadcast communications are not secure by design, requiring vendors to add encryption suitable for their use case. Connection based communication requires pairing, and is the method used in automotive example earlier in this post.
Is Bluetooth Access Control More Secure than NFC?
The question “Which is more secure?” might come up. It’s a good question, and as is the case with most good questions, the answer is: “it depends.”
Standard NFC and BLE broadcast connections are not protected against eavesdropping —when a hacker intercepts or modifies data transmitted between two devices. However, access control vendors often use higher-layer cryptographic protocols, AKA higher security tech, to establish more secure communications.
BLE connection-based communications have additional security, however, these require pairing, which can be cumbersome and introduce vulnerabilities during that process.
Assuming equal (or no) encryption, NFC’s shorter range gives it an advantage over BLE in security. A potential bad actor would have to be very close – within a few meters, using specialized equipment – to even be able to detect an NFC connection taking place.
NFC and Bluetooth in Access Control
Understanding the security needs of your access control system goes a long way when determining NFC or Bluetooth use.
Selecting NFC over Bluetooth or vice-versa depends on the situation at hand. There are advantages and disadvantages to both technologies, so a top down approach is recommended; starting with how and where you are going to use the technology and what your prospective vendors security profile looks like.
Consideration for how your mobile access vendor implements security should be at the forefront of the decision. A good starting point is to look at any security accreditations the solution has and how the company engages with partners or customers on security related matters e.g., The presence of a security resource center.
NFC is short-ranged and connects instantly but comes with extra costs. Bluetooth works over longer distances, creating opportunities for additional opening modes, however, this can also create challenges where multiple readers are within range. Consideration should also be given to 2.4ghz traffic in your building(s)
NFC and Employee Badge in Apple Wallet
Apple Wallet is an application that allows users to securely store digital versions of their driver license, banking cards and more on their iPhone and Apple Wallet. Genea users can also store their employee badges inside Apple Wallet. Once added, the user can gain quick access to their building or suite. Employee badge in Apple Wallet use NFC technology to communicate with non-proprietary card readers. Additional benefits of the solution include the ability to leverage Power Reserve mode which allows the utilization of the credential for up to 5 hours after the phone’s battery has been depleted. The solution also leverages the Find My ecosystem which allows a user to mark their device as “lost” or “stolen.” Upon doing so, Genea will receive this command and will instantly deactivate the credential on the misplaced device, rendering it useless as a badge if recovered by anyone other than the owner.
HID is thrilled to partner with Genea to deliver employee badge in Apple Wallet to the market. “Unlocking” NFC support on Apple devices offers an unparalleled user experience coupled with frictionless access to secured areas. This is a powerful and unique joint solution.
When shopping for a mobile access control system, make sure to ask about the transmission technology and encryption it uses to secure data. Being informed about how data is transferred and stored is vital to the security and longevity of a company. Genea takes the security of our products seriously. We make it a priority to educate our customers about necessary data security regulations and the extra steps Genea takes to safeguard their wellbeing. To learn more, visit www.getgenea.com .