Hacker News new | past | comments | ask | show | jobs | submit login

Any idea why Apple doesn't allow use of NFC? It's been in devices for ages, I'm surprise to hear it's not available to developers. Given Apple reviews all apps anyway, and can restrict what it's used for any way they like, I can't imagine why they wouldn't allow apps to use it.



I'm actually very suprised by this article because in iOS 11, over a year old now, they did open up NFC to developers: https://developer.apple.com/documentation/corenfc.

The problem could be that they require a different data format then the NFC Data Exchange Format (NDEF) as that is the only format that CoreNFC supports.


Communicating with a passport requires two-way communication for authentication and data transfer; they're not simple NFC tags.


> Any idea why Apple doesn't allow use of NFC?

iOS apps can access NFC capablities on devices with that have appropriate hardware support, but from what I understand the CoreNFC API has some limitations.

For example, it doesn't provide a way to read an RFID'c unique ID without using a private API that would disqualify an app from being published on the app store. There's some information about this at [1] and [2]. CoreAPI can read NDEF tags, but they don't expose the UID.

Perhaps the Home Office's app needs the UID of the passport's embedded RFID? I don't know why they might want this, or why Apple restricts the ability to read it. Privacy concerns?

[1] https://www.taptrack.com/article/blog/core-nfc-2/

[2] https://stackoverflow.com/questions/51822226/corenfc-not-rea...


You don’t just need the UID (and by the way, passports don’t have one).

You need to do a proper cryptographic handshake with the passport, something impossible with the current SDK. You need to be able to send raw “APDUs” (commands) to the smart card/passport.


> you need to be able to send raw “APDUs” (commands) to the smart card/passport.

Is this available via a private API in CoreNFC? Is that what they're asking for?

Edit:

> and by the way, passports don’t have one

Thanks - I didn't know that. Now reading about Pseudo-Unique IDs.


Not available as far as I know; I looked into it as I needed it as well.

Seems like there are some classes in the SDK that hint at that but so far they don’t work (presumably they require an entitlement that only Apple can provide).


Maybe they don't want NFC payment alternatives that would rival Apple Pay. And they don't want to restrict it for that use-case because it makes them look weak for artificially blocking out the competition so they just restrict the feature entirely.


Or the security/PR nightmare that would happen when someone used one of those that was poorly implemented and said “I paid with Apple Pay and all my money was stolen!”


Or an anti-competition suit?


It's really silly – but Apple keep the NFC functionality exclusively for use by Apple Pay. Whilst it is NFC, Apple have never marketed it as such. Presumably they want people to think that it's just Apple Pay 'magic'.


Not just Apple Pay anymore, they also use it for certain transit cards and student ID cards. New phones can read tags and launch the appropriate app (via notification like Camera gives you for QR code reading): https://www.macrumors.com/2018/09/12/2018-iphones-background...


But they prevent competition with their own services in myriad ways already via their review process. Try building your own app store, for example.


Presumably because they want to force financial institutions to go through Apple Pay, so they can take their transaction fee cut.


Imagine Ford making a car that only accepts fuel bought at a Ford fueling station.

I am sure you can see the advantages?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: