Apple Pay, Android Pay, contactless credit cards, is it safe?
If you live in Canada and own a credit card you are now probably accustomed to tapping your credit card to pay for your small purchases. Canadian banks started issuing contactless credit cards in 2010, and most vendors now have pay terminals that support "Tap".
Visa officially calls the contact-less credit card feature payWave and MasterCard calls it Tap & Go.
For majority of Americans this great convenient form of payment came in 2014 with Apple Pay or Android Pay. Canadian banks are starting to enabling Apple Pay this June.
Apple Pay, and Android Pay use NFC. Early versions of the contactless credit cards used RFID and was a hot topic in 2012 as hackers demonstrated how the can read the data just by standing near you with a smartphone. Since then Visa payWave and MasterCard Tap &Go have moved to using NFC.
What is NFC and how is it different from RFID?
NFC stands for Near Field Communication and is related to but not the same as RFID (Radio Frequency Identification).
Both NFC and RFID are technologies that enables close proximity communication using radio waves. In both cases you have a reader (the device requesting data) and a tag (the devices sending data).
The key difference is NFC allows two way communication between the reader and the tag while RFID the tag can only send data to the reader.
This is why in 2012 an Android smartphone with NFC was able to so easily grab credit card information. The smartphone acted as the reader and the credit card acted as the tag and sent over the credit card data.
With NFC technology Apple, Google, Visa, MasterCard have added a layer of security. Now the reader must send authenticate data to the credit card or smartphone an only if the receiver pass the credit card authentication will it sent data to the reader.
Apple and Android Pay is even more secure than current contactless credit cards because they don't send over your actual credit card info, but a virtual credit card that changes with each transaction.