问题
one advantage of NFC vs QR code is that unlike QR code which can be photographed and accessed from anywhere later, an NFC binds you to scan the NFC chip from close distance in order to access the info.
But, once scanned and your browser is ready to open the URL, what prevents the user from sharing the URL so that others can use it and access it remotely (or to use it twice, when already away from the NFC tag)?
My use case is to let a person who is physically near the NFC device, to submit some input, via a URL obtained from scanning the NFC.
However, I don't want to allow other persons to access that same URL, since this will enable them to submit data remotely (such as false data), and this will "contaminate" the info I'm trying to gather.
There is no way to dynamically change the URL as it is written once onto the NFC tag and that's it (to alter the URL every minute for example, the NFC must be re-written by physically accessing it, so this is not feasible).
I can't think of some extra token that can be applied here, since I can't physically pass such token to the user, and I also don't want to make it hard for the user to use the system, by introducing another security layer and ask him to make another action.
回答1:
The only way I can think of doing this is not with an NFC card but with an NFC enabled device running Custom Host Card Emulation (HCE) software (Possible on an Android Device and may be possible with a PC and USB card reader)
As the device is emulating an NFC card when another device comes in to NFC range the HCE device will respond as if it was a card and send out an NDEF message with the custom URL.
The URL will be visible in the browser that a standard phone will launch given the right NDEF message but these URL's can be one time use as once the HCE device has sent the NDEF message, it can use the time or another method to generate a new URL for the next time somebody tries to read it's emulated card.
I can think of other methods that would require custom software of the scanning device to work either to hide the URL. Or I think it might be possible with some of the Advanced NFC cards you can run applications on the card to generate a unique URL for the NDEF message, but that is very advanced stuff.
Host Card Emulating is complicated but possible for a non specialist programmer. The only problem is the item you are leaving for people to scan needs to be secured and powered.
来源:https://stackoverflow.com/questions/59431120/prevent-url-obtained-from-nfc-from-being-shared-or-accessed-remotely