Advertiser Disclosure
Advertiser Disclosure: The credit card and banking offers that appear on this site are from credit card companies and banks from which MoneyCrashers.com receives compensation. This compensation may impact how and where products appear on this site, including, for example, the order in which they appear on category pages. MoneyCrashers.com does not include all banks, credit card companies or all available credit card offers, although best efforts are made to include a comprehensive list of offers regardless of compensation. Advertiser partners include American Express, Chase, U.S. Bank, and Barclaycard, among others.

Mobile Contactless Cards & Payment Technology – How It Works



According to a 2019 report by the Consumer Financial Protection Bureau (CFPB), about 66% of American adults have at least one credit card. And that figure doesn’t account for bank-issued debit cards and prepaid debit cards, which leverage the same payment networks — such as Visa and Mastercard — as many credit cards.

Although the CFPB report indicates that overall credit card usage is on the decline and that committed card users are becoming more judicious, credit and debit cards aren’t going anywhere in the near future. In fact, payment card technology is changing in a big way thanks to mobile payment systems — also known as contactless or mobile tap-to-pay systems.

Mobile payment systems securely store credit and debit card information, allowing smartphone-wielding consumers to securely pay for in-store purchases with those cards simply by waving or tapping their phones in front of special radio frequency readers. Older contactless payment systems, which remain in limited use, store payment information on key fobs or special cards that can communicate with these readers — although adoption of phone-based systems is rapidly rendering these arrangements obsolete.

Contactless tap-to-pay systems also facilitate online payments from mobile and desktop devices. The experience is similar to Amazon’s one-click checkout system using a stored credit card. Merchants that accept contactless payments online and in-store usually display a generic contactless payment logo — which looks like a Wi-Fi signal symbol — in store windows, at physical payment terminals, or on online checkout pages.

Mobile contactless payment systems offer notable benefits, such as multilayered security protections and the convenience of carrying fewer plastic cards. Drawbacks include incompatibility with older phones and uneven adoption by merchants and card issuers.

Popular mobile payment systems available in the United States include Apple Pay, Google Pay (formerly Android Pay), and Samsung Pay. If you own a smartphone, why not try one out and trade in that routine swipe for a gentle tap or wave?

How Mobile Tap-to-Pay Systems Work

Mobile tap-to-pay systems use short-range radio waves to communicate with compatible payment processing hardware. They’re highly secure, although not invulnerable to compromise, and can store retailer-specific loyalty program details in addition to payment card information.

Near-Field Communication Technology and Readers

Mobile tap-to-pay systems rely on near-field communication (NFC) technology, which uses extremely short-range radio signals — they’re effective up to about 20 centimeters, but only work optimally within a four-centimeter range — to rapidly transmit data during in-store payments. NFC technology has a wide range of uses, from contactless transit passes and security keycards (proximity cards), to “bootstrapping” devices that boost Wi-Fi network bandwidth and power.

NFC technology isn’t revolutionary — it draws on decades of radio spectrum work. However, it’s more useful than many other types of radio signal solutions because its standards are strictly controlled by the NFC Forum, a consortium of more than 150 manufacturers and service providers that rely on NFC technology. NFC signals also have some general technical advantages over other forms of short-range radio communication, such as Wi-Fi and Bluetooth.

Although closed proprietary NFC systems aren’t uncommon in high-security applications, consumer systems are generally open, meaning they adhere to NFC Forum standards. Open systems permit communication between any NFC-enabled devices — including most smartphones produced since the early 2010s — using NFC Forum standards. Contactless payment technology wouldn’t be possible without special pieces of equipment called “NFC readers” — compact, inexpensive terminal devices that merchants use to accept secure NFC payments from customers’ phones.

Stored Payment and Loyalty Cards

Mobile tap-to-pay systems aren’t bank accounts. They don’t hold cash balances of their own, although they’re sometimes paired with digital wallets with similar features.

Instead, tap-to-pay systems securely store debit and credit cards for on-demand use. Once you download the payment system app — if it doesn’t come preloaded on your phone, as is sometimes the case — you can add as many cards as you like. Most systems require you to take photos of the front and back of each card, plus answer questions to verify your identity. The first added card usually serves as the default, although it’s easy to change this.

Most mobile tap-to-pay systems store and sync with store loyalty cards and electronic coupons as well. The procedure for adding loyalty cards and coupons may vary from that of payment cards, but the end result is the same: Once the card is stored in the system, you can use it at will.

Compatibility and Necessary Hardware

To add a payment card to your mobile payment system and use it at a particular merchant, two things need to happen:

  1. The card’s issuer (payment service companies like Visa or Mastercard) must agree to work with the payment system (platforms such as Apple Pay, Google Pay, or Samsung Pay).
  2. The merchant must have a working NFC reader (also called an NFC terminal) — or, if they operate online, they must accept your chosen mobile payment system.

Platform-Issuer Compatibility

Compatibility varies somewhat by platform. Although most major card issuers and payment processors partner with most mobile payment platforms, there are exceptions. For instance, Apple Pay wasn’t compatible with Discover cards until late 2015. Additionally, arrangements between card issuers and payment platforms are subject to interruption or discontinuation at any time due to corporate disagreements, meaning tap-to-pay users need to keep one eye on the news.

Store loyalty cards present separate challenges that don’t fatally impact payments, but still inconvenience users. Some mobile payment systems, such as Apple Pay, aren’t compatible or have limited compatibility with store loyalty cards. Other systems sync seamlessly with loyalty cards, automatically conferring discounts and accruing loyalty points with relevant merchants.

NFC Reader Availability and Online Acceptance

The NFC reader issue is more straightforward. NFC terminals are relatively inexpensive — they generally cost less than $50 and some payment platforms actually give them away for free. Because mobile payment systems want merchants to adopt the technology, accepting contactless payments doesn’t cost the merchant anything beyond the credit card’s standard interchange fee — usually 2% to 3% of total transaction value.

Syncing NFC readers with store point-of-sale systems isn’t difficult either. And accepting mobile payments for online purchases is as easy as taking a few minutes to download the mobile payment system’s free software and creating a free merchant account.

On the other hand, many merchants with physical stores are understandably hesitant to deploy a new, unfamiliar payment technology — particularly when many customers continue to use traditional credit cards. However, the adoption of EMV (chip-and-PIN) “smart” cards, which use similar contactless technology bundled into many existing NFC terminal models, is likely to speed adoption and broaden mobile payment compatibility in the years ahead.

Payment Procedure

In-store contactless payment is extremely convenient. Although functionality varies somewhat by system, you usually just need to unlock your phone, open the payment app, pass it within an inch or two of the NFC terminal, and possibly confirm your identity by entering a PIN or scanning your fingerprint. If you want to change your payment method from the default card, just go into the app and select from your stored card menu before completing payment. For online purchases, select the appropriate contactless payment system from the payment options menu and complete checkout as normal.

In both cases, your stored card is charged as it would be if you had swiped it through a magnetic reader or entered the number online. You still receive statements from your issuer and make payments according to the normal schedule. You also automatically receive points or perks specific to the card — for instance, cash-back rewards on qualifying purchases.

Security Features and Vulnerabilities

Although no electronic payment method is totally secure, mobile tap-to-pay systems have multiple layers of security that reduce the risk of theft and fraud.

Data Encryption and Masking

Virtually all mobile payment systems use complex methods to obscure actual credit card numbers and other sensitive information. In other words, when you add your credit card to your Apple Pay or Google Pay account, you’re not simply uploading it to the public Internet for hackers to steal at will.

Contactless payment systems mask real credit card numbers with a special token known as a device account number (DAN). The DAN contains information that identifies both the mobile device used for payment and the payment card itself to the NFC reader in a way that makes no sense to an electronic thief. Thus, mobile payment systems never actually transmit credit card numbers over the Internet.

The weakest point in this arrangement is the initial setup phase — the split-second after you upload images of your card to your mobile payment system account and before the system creates a DAN for it. Shortly after Apple Pay’s rollout, Ars Technica noted that users’ unencrypted card numbers were visible during this period, and can therefore theoretically be stolen by sophisticated hackers. This is a legitimate vulnerability, if not a grave threat. In terms of likelihood, it’s akin to the person behind you in the checkout line stealing your credit card number by snapping a photo of the card as you swipe. It’s not clear whether Apple has since addressed the issue.

Dynamic Security Codes

For added fraud protection, each mobile payment transaction also includes a randomly generated, transaction-specific security code that functions like the CVV number on the back of your credit card. The transaction doesn’t complete unless the DAN and security code can be authenticated.

The system works in such a way that the DAN-code combination is always unique and must originate with the specific device involved in the transaction. This means that it’s virtually impossible for someone to make a fraudulent transaction by stealing a contactless payment system user’s DAN — the actual device denoted by the DAN, along with the randomly generated transaction code, is required to verify and complete the transaction.

Device Lock/Lost Mode

Many mobile tap-to-pay systems have device lock or “lost mode” features that prevent unauthorized access to lost or compromised devices. These systems are typically accessible from any Internet-connected device, often through a separate account or folio administered by the mobile payment system’s parent company.

For instance, Google Pay users can lock their devices, freeze their accounts, and remotely wipe any stored information such as passwords and credit cards through the Android Device Manager. Apple Pay’s Lost Mode, accessible through Apple’s iCloud, has similar capabilities.

Credit Card Fraud Protection

Mobile payment platforms don’t typically have their own fraud protection policies, although they generally have staffers who assist with fraud claims. However, using a credit or debit card on a mobile payment platform doesn’t negate the card issuer’s fraud protection policy. So if a criminal makes fraudulent charges on your Chase Sapphire card through your Samsung Pay account, the team at Chase will investigate and issue a refund if appropriate.

Additional Protections

Security protections vary somewhat by payment system, and some have downright futuristic features. For instance, Samsung Pay has a biometric security feature: a fingerprint reader that effectively prohibits anyone other than the platform owner from using the stored cards.

Other mobile payment systems use retina scanners and heart rate monitors for identity verification or fraud detection. As biometric technology and data encryption techniques improve, new protections are likely to make their way into existing and future contactless payment systems.


Contactless Payment History and Technology

Contactless payment technology has been around longer than the smartphone, although adoption was patchy until smartphones became widely available.

NFC Technology’s Origins and Early Contactless Payment Systems

Near-field communication technology arose out of early work on radio frequency identification (RFID) technology, which used patterned radio signals for communication and product identification. According to Google Patents, the first RFID patent was filed in 1983 by American scientist Charles Walton. RFID didn’t gain traction in consumer applications until the late 1990s, when a variation on the technology was incorporated into a line of “Star Wars” dolls manufactured by Hasbro.

Around the same time, Mobil introduced Speedpass, an RFID-enabled keychain fob that allowed members to pay at the pump without swiping a credit card. Speedpass, which still exists in modified form, is a proprietary closed-loop (merchant-specific) system that essentially functions as a store credit card.

In the following years, similar merchant-specific systems proliferated in the United States and elsewhere. However, due to the fragmented nature of store-specific payment options, they never really emerged as an alternative to magnetic-stripe credit cards.

NFC Forum’s Origins

Although the systems used by Hasbro and Speedpass were technically similar to future NFC systems, strict standards for NFC technology weren’t released until 2002. That year, Sony and Philips — two of the world’s largest electronics companies at the time — entered into a strategic partnership to develop a short-range communication system in the 13.56 MHz spectrum band.

According to a Sony release, the new system was designed to facilitate “the transfer of any kind of data between NFC-enabled devices such as mobile phones, digital cameras, and PDA’s [personal digital assistants], as well as to PCs, laptops, game consoles, or PC peripherals, across a distance of up to 20 centimeters … at speeds fast enough to transfer high-quality images.” The partnership integrated two predecessor technologies — Sony’s FeliCa and Philips’ MiFare — that were sporadically used at the time. This partnership attracted other major partners, such as Nokia, and led to the founding of the NFC Forum in 2004.

Early Multi-Merchant Contactless Payment Systems

The adoption of NFC standards made multi-merchant contactless payment systems practical. In the United States, one of the earliest multi-merchant systems was Mastercard’s PayPass, which debuted in a trial in Orlando, Florida, in 2003. PayPass allowed users to complete contactless payments by touching special key fobs or credit cards with embedded transmitters to NFC terminals.

During the 2000s, Mastercard’s competitors deployed similar systems, such as American Express’s ExpressPay and Visa’s payWave. Due to security and functionality issues, as well as limited merchant adoption of NFC readers, these systems remained niche-bound for the 2000s and early 2010s.

NFC Phones and Global Contactless Payment Adoption

Mobile payment systems hit their stride as NFC-enabled phones became more common. Nokia released the first NFC phone, a clamshell device without many features common to modern smartphones, in early 2006. More sophisticated devices followed, and proved particularly popular in Europe and Asia. The first Android phone with NFC capabilities came out in mid-2010. The first NFC-enabled Apple smartphone, the iPhone 6, didn’t appear until September 2014.

According to NFC Forum, there were roughly 2 billion NFC-enabled devices in global circulation in 2019, most of them smartphones. Not surprisingly, mobile payment system adoption is accelerating in many parts of the world. According to a PaymentsSource article that cites data from Mastercard, nearly half of all transactions are contactless in the United Kingdom. PaymentsSource reports that just 20% of U.S. retail locations are equipped to accept contactless payments.

African America Woman Selling Fresh Produce Receiving Payment Mobile Contactless

Complementary Payment Systems and Technologies

Mobile tap-to-pay systems have a number of kindred spirits in the payment world. With these similar or complementary technologies, merchants and consumers can exchange money without using paper cash or magnetic stripe cards. Along with mobile tap-to-pay systems, they form the basis of the emerging post-cash, post-magnetic stripe payment economy.

  • EMV (Chip-and-PIN) Payment Cards. Also known simply as “smart” cards, EMV cards store sensitive data on integrated circuits embedded within the cards themselves, not magnetic stripes on card exteriors. EMV cards come in two forms: contact and contactless. Contact card users “dip” — insert and hold — their cards into a reader, then enter their PIN to complete the transaction. Contactless card users tap their cards to an NFC reader and enter their PIN. Both EMV card types are compatible with mobile tap-to-pay systems — you can add them to Apple Pay, Samsung Pay, Google Pay, and other systems just like magnetic stripe cards. In the mid-2010s, EMV cards began replacing magnetic stripe cards in the U.S. and are now standard on virtually all newly issued credit cards, although magnetic stripes remain to ensure compatibility with older readers.
  • Digital Wallets. Digital wallets function as simple, virtual bank accounts whose users can send, receive, and spend money online. Google Wallet and PayPal are popular examples of digital wallets. Some digital wallet systems sync with mobile tap-to-pay systems to facilitate in-store purchases. Others aren’t compatible with mobile tap-to-pay systems and thus require magnetic stripe or EMV cards for in-store purchases.
  • Cryptocurrency. Cryptocurrencies such as Bitcoin are digital alternatives to fiat currencies issued by national governments. They’re governed by complex algorithms and codes that control their supply and ensure that they can’t be duplicated, thereby supporting their value. There’s no such thing as a physical cryptocurrency coin — all storage and exchange takes place in a dispersed cloud network. However, digital currency exchanges allow holders to exchange them for dollars, euros, and other fiat currencies. Growing numbers of popular merchants — including Newegg, Overstock, and Target — accept Bitcoin, while competing cryptocurrencies such as Ripple and Litecoin are gaining traction.

Benefits of Mobile Tap-to-Pay Systems

The benefits of mobile tap-to-pay systems include reducing or eliminating the need to carry plastic cards and physical wallets, superior security, and convenient syncing with store loyalty cards.

1. Reduced Need of Plastic Cards and Bulky Wallets

Mobile tap-to-pay systems are lean and convenient, requiring only an NFC-enabled smartphone — or, for older, store-specific systems, a special fob — to work. If you know that every merchant on your daily errand run accepts contactless payments, you can leave your wallet at home and bring only your phone, or use a slim phone wallet that has room for your phone, driver’s license, a small amount of cash, and a handful of other cards. Either way, your physical burden is substantially reduced.

2. Generally Better Security Protections

Tap-to-pay systems have multiple layers of security. Although they’re not infallible, and are particularly vulnerable during the setup phase, they’re less susceptible to theft and fraud than traditional magnetic stripe credit cards. When paired with an RFID blocker belt to deter wireless theft — a common type of theft abroad — tap-to-pay systems are difficult for even the most sophisticated criminals to crack.

3. Some Systems Sync With Store Loyalty Programs

Most mobile tap-to-pay systems sync with store loyalty programs, automatically conferring discounts and loyalty points at the point of sale. This further reduces the need to carry special loyalty cards or tags in your wallet or keychain, and removes one more logistical worry — forgetting to use your loyalty card — from your shopping routine.

4. No Added Fees for Merchants

Merchants who accept contactless payments aren’t burdened with additional fees. They pay the same credit card interchange fees required of a normal credit card transaction — usually 2% to 3%. In other words, there’s no financial disincentive for merchants to accept tap-to-pay payments.

By contrast, Square, PayPal, and some other digital payment processors charge fees of their own — up to 3% — in addition to credit card interchange fees, for a total merchant cost of up to 6% of transaction value.

5. Measurably Faster in Some Situations

Contactless payment systems undeniably save time in certain situations. It’s no accident that a gas station operator, Mobil, deployed the United States’ first contactless payment platform. Walking into the station to physically pay the clerk is time-consuming, and pay-at-the-pump magnetic card readers are clunky, sometimes requiring multiple swipes due to the peculiar insert-and-remove motion, and usually requiring you to enter your ZIP code as well.

By contrast, a system that allows you to tap your phone to a reader one time and then get on your way is much more convenient. Other payment locations in which tap-to-pay is noticeably faster include automatic vending machines and transportation ticket kiosks, whose card readers usually resemble pay-at-the-pump readers.


Final Word

Technological change is accelerating before our eyes. Millennials have never known a world without increasingly powerful, increasingly plentiful personal computers. Gen Z-ers — people born after 2000 — have never known a world without on-demand broadband Internet access.

Automation has revolutionized the manufacturing and automotive industries. Advances in genetic screening and therapies have done the same for health care. Advances in sustainable power generation and battery storage mean a future in which fossil fuels no longer dominate electricity production and transportation is closer than we might think. And nanotechnology could soon unlock solutions that we can barely conceive at present.

For many, the pace and implications of this change are unsettling. Many economists believe that automation and artificial intelligence bode ill for millions (perhaps billions) of human workers. Philosophers warn of the dangers of on-demand access to physical goods and information, as well as the lack of privacy inherent in the Internet’s ever-increasing social plumbing.

It’s no surprise, then, that many Americans are wary of technology. According to Pew, 19% of Americans still shunned smartphones in mid-2019 — either by choice or because they couldn’t afford the technology. These folks can’t participate in the mobile payments revolution. If you’re one of them, the good news is that traditional card payment terminals will persist for the foreseeable future. However, it’s worth asking what else those who tread cautiously around new technologies — often for legitimate reasons — stand to miss out on in the coming years.

Do you use mobile payment systems like Apple Pay, Google Pay, or Samsung Pay? How does the experience compare to using a plastic credit or debit card?

Brian Martucci writes about credit cards, banking, insurance, travel, and more. When he's not investigating time- and money-saving strategies for Money Crashers readers, you can find him exploring his favorite trails or sampling a new cuisine. Reach him on Twitter @Brian_Martucci.