I understand how using something like Apple Pay or whatever the android equivalent is is secure, using things like one-time-codes, but how is having a card that can do tap-to-pay secure? Couldn’t someone just copy the wireless signal it gives off and then use that in place of my card?
In: 5
I’m not entirely sure how the technology is implemented in practice, but an easy way I can see it implemented is with encryption. Instead of sending a password, the password is stored on the card and never output. Instead, it receives a message, encrypts it with the stored password, outputs the encrypted message, and the receiver verifies that the encrypted message was legitimately encrypted. Transaction approved.
Edit: seems like NFC authorization flow is generally as I’ve outlined.
Latest Answers