NFC and terminal security

As you know NFC is a multi-level multi standard.
It aims at providing easy ways to communicate from an passive/active device (a tag, a panel or a terminal) to an active device (a terminal).
For this to work, NFC Forum defined what is a tagn an exchange format (NDEF) and even now an exchange protocol (SNEP) between active devices.
The NDEFormat is not a simple passive format as could be a .txt. It defines methods as well as fields to trigger actions on the terminal side : open an URL (to go farther after seeing the comercials displayed on the panel), send a SMS, send a mail and even send AT commands amongst other things (example given in annex A).
What's interesting with AT commands is that it allows to dial numbers and, above all, premium-rate numbers.

Here is the scheme: you sit down in a shopping mall equipped with a NFC dongle and a few-dBi antenna (as well as a amplifier?) the whole stuff being hidden in a bag.
And you try to establish NFC links with all the smartphones that goes through your beam and ask them to dial a premium-rate number that you own.
Simple, efficient, you don't have to go to the office anymore.
db