What Are NFC Mobile Payments, And Are They Safe?
If you needed to order lunch or a cab or pull up your quarterly bank statement, you'd probably reach for one thing to do it: your smartphone. Our mobile devices have increasingly played an essential part in managing our day-to-day lives, so it was inevitable that tech would progress to the point where we could pay for stuff via our smartphones. And it has.
NFC mobile payments allow you to not only make payments on but also with your phone. It's the technology behind Apple Pay, Android Pay, and other such mobile payment methods, and it's picking up steam with businesses and consumers alike.
Statista reports a steady uptick in the number of U.S. customers who use proximity mobile payments, with the number going from 58.7 million in 2018 to about 69 million in 2020. A 2020 Mastercard survey recorded 82% of respondents saying contactless payments are "the cleaner way to pay." Industry experts predict that the trend will continue, and more users will opt to pay with their smartphones.
So, whether you're a curious customer or an expanding entrepreneur, here's a quick look into NFC mobile payments, the technology behind them, and whether you can trust it all.
What are NFC mobile payments?
If you've ever seen someone use a contactless debit/credit card to "tap to pay," then you've witnessed NFC technology at work. NFC is short for near-field communication, and it's basically a kind of technology that allows two devices to wirelessly exchange data when they're close to each other.
While the mobile payment use case of NFC is relatively new, the technology itself has been around for a while. NFC is a subgroup of another wireless technology called RFID (radio-frequency identification), which is used to identify things through radio waves. RFID tech is at work in car key fobs, the barcode scanners used in grocery stores, airports, or other places that do asset and inventory tracking.
To complete a contactless mobile payment, there needs to be an NFC-enabled reader hooked to the merchant's PoS system and then an NFC-enabled mobile device on which a digital wallet has already been set up and funded. This could be a smartphone, tablet, smartwatch, or even laptop (although that would make for one clunky transaction). Only new-ish models are enabled with NFC chips, though, typically, so customers with older devices might not be able to make contactless payments.
NFC technology also powers other modes of payment, such as peer-to-peer transactions between two mobile devices. A prime example of this is Apple's tap-to-pay, which enables contactless payment between two iPhones.
How do NFC mobile payments work?
When a transaction is initiated through a point-of-sale (PoS) system, the NFC reader sends out a signal that searches for the NFC-enabled payment device. In response, the customer has to unlock their digital wallet app, select a pre-registered card to pay with, and then hover the mobile device over the reader. NFC technology typically needs at least two inches of proximity to work (hence the N if NFC), so you'll have to get close enough.
Next, an encrypted data exchange will take place between both devices. A chip, also known as a secure element (SE), will authorize and validate the transaction and tag it with a one-time digital signature that will be forwarded to the merchant bank. After receiving this tokenized information, the bank verifies that there's enough money in the customer's account to complete the transaction and then confirms the payment if there is.
This entire data exchange is fully encrypted, which means the customer's payment info is never revealed and, therefore, is unlikely to be compromised. If there are no problems, the entire process should take place in seconds, and that speed is one of the main benefits of NFC payments over its alternatives.
Are NFC payments safe?
It's perfectly reasonable to question how safe NFC mobile payments are — we're talking about money, after all. Any loopholes or security shortcomings could literally cost one a dear price. The good news is that NFC payments are one of the most secure ways to process transactions, largely because of the method with which the payments are conducted.
First, NFC payments are dynamically encrypted. With traditional card payments, the PoS reads and collects the info on your card strip, and because those numbers don't change, there's the looming risk of losing that sensitive data to a breach or a hack. But the data involved in an NFC transaction is dynamic — all your payment info is scrambled per transaction so that it's unreadable and consequently useless to any malicious party who might attempt to intercept it. It's similar to the system VPNs use to mask your IP address to protect your identity online, which is why you should be using a VPN if you aren't already.
Also, the fact that a mobile device is the payment medium is another security advantage of NFC payments. Credit cards can be stolen, and if that happens, all your payment info is at risk of compromise. But phones/smartwatches provide a built-in 2FA system, thanks to the fingerprint and facial recognition that most of them require to be unlocked. Even if your phone is stolen, it'll be difficult, if not almost impossible, for fraudsters to bypass these security locks.
To boot, NFC technology works over a pretty short distance, so it'll be hard to intercept a transaction from afar. Between the proximity factor and the biometric authentication, you can rest assured that NFC payments will be quite difficult to compromise.