Cell Phones

How do you use NFC?

  • Last Updated:
  • Mar 25th, 2019 12:39 am
Tags:

Poll: Do you use NFC?

  • Total votes: 57. You have voted on this poll.
Yes, my phone has it and it is useful
 
31
54%
No, my phone has it but it is not useful
 
15
26%
No, I wish my phone had it
 
1
2%
No, I don't care about it
 
10
18%
Deal Expert
Aug 2, 2004
30270 posts
4861 upvotes
East Gwillimbury
hvwozq wrote:
Mar 19th, 2019 3:58 pm
They might even have the full real card number, but the app and their email to me only show the last 4 digits. Some people might think that I am an amateur and I gave my card number to Lyft, but no, Lyft got it from Apple Pay.
They definitely have the full card number. There is a formula (checksum). You can't make up 16 random digits. The first 4 are the issuing bank, the next twelve have to fit a pattern. If they have the last 4, they have the rest.
Deal Addict
Jan 13, 2014
1139 posts
416 upvotes
Calgary
hvwozq wrote:
Mar 19th, 2019 1:37 pm
That's BS. I used Apple Pay with Lyft, and yet Lyft still got the last 4 digits of my real card number.
Actually, that doesn't disprove my point at all. It's quite possible that during the authorization process, the real card number gets re-generated from the virtual one. It doesn't mean the real number is stored on the phone at all.

Edit - here's Samsung's description on Samsung Pay is secure.

https://www.samsung.com/us/support/answer/ANS00043932/
Deal Addict
User avatar
Sep 10, 2005
3691 posts
892 upvotes
GTA
When you setup your card with Apple Pay, the card issuer or bank is the one who assigns the Device Account Number. That's the number used to process transactions. On iPhones, this number is encrypted on the Secure Enclave, not the actual card number.

So, I assume the card issuer passed on the last four digits there as an identifier of sorts or whatever.

Also, you can't get the full number from just the four digits alone. There's a reason these numbers can be shown on receipts.
Deal Addict
Aug 18, 2018
1262 posts
856 upvotes
SFO <==> YYZ
qualdoth wrote:
Mar 19th, 2019 1:31 pm

The limits point is interesting. That is obviously not something that is specific to mobile payments specifically, but rather tap payments in general. For example, I had absolutely no issues using mobile payment to purchase a phone (in my case, using Apple Pay via the apple store app), which is obviously way beyond the normal "tap limit".
Yeah must be a tap specific security feature. I've bought $500 GCs at grocery stores and paid with my phone no problem.
hvwozq wrote:
Mar 19th, 2019 1:37 pm
That's BS. I used Apple Pay with Lyft, and yet Lyft still got the last 4 digits of my real card number.
This has already been addressed but FWIW, whenever I use Samsung Pay, it's always the tokenzied card number that shows on the receipt.

Since the US is still a decade behind everybody else and tap payment is virtually unknown, it's actually faster to pay with a mobile wallet instead of a physical card. And with the added security of tokenization, it's become my default payment method.
Member
User avatar
Dec 18, 2017
343 posts
643 upvotes
Vancouver, BC
Gee wrote:
Mar 19th, 2019 9:55 am
That's a valid point. But I prefer not to have my credit info stored on a device
Your credit info isn't stored on your device my friend. Your bank simply authorizes your phone to be used as a payment device. No one can steal or view your credit card # etc from your phone - not the police, not samsung, not Google, not Apple. And you also need to personally and physically authorize every single payment through your phone either your fingerprint or whatever biometric sensor your phone is equipped to use for payments. And get this, every time you authorize a payment through your phone, a temporary 'card number' of sorts is generated for the merchant and it is a unique number for every transaction you make- ok I'm simplifying it here a bit, but that's to explain the concept (it's not even a credit card number).

Biometric authentication is always going to be more secure than a physical card, period. Be a skeptic if you may, but using this method is exactly how you keep your money and your credit safe, not with a physical card. No one can steal your card number, or your PIN or go around swiping your card to make purchases all over town.

Again, the choice will always remain yours, but I want to ensure you're not misinformed about which method is more secure for safeguarding your money and your credit.
Deal Expert
Aug 2, 2004
30270 posts
4861 upvotes
East Gwillimbury
vancityguy0 wrote:
Mar 20th, 2019 2:55 am
Your bank simply authorizes your phone to be used as a payment device.
How does the bank do this? Do they authorise the IMEI number on the phone? Do they use my actual phone number?

How do they identify the phone uniquely?
Member
User avatar
Dec 18, 2017
343 posts
643 upvotes
Vancouver, BC
Gee wrote:
Mar 20th, 2019 3:13 am
How do they identify the phone uniquely?
I'm unclear on exactly what identifier is used and how it is generated. It's definitely not your phone number (Payment functionality remains active even if you change your phone) or your IMEI (most new phones have two IMEIs and Mobile payments remain enabled regardless of whether both or either IMEIs remain active).

My guess is that it's some obscure identifier that your device dynamically assigns to your profile and passes on to the partnered bank for card verification/authorization - something that will never be visible to a user, merchant or a bank employee.

Bottomline is that carrying around a payment enabled phone is exponentially more secure than losing a physical credit/debit card to a thief who can just tap away at the closest gas station or convenience store.
Deal Addict
User avatar
Nov 14, 2003
2877 posts
1310 upvotes
Everywhere
arkane wrote:
Mar 18th, 2019 2:50 am
One word: tokenization.
This
vancityguy0 wrote:
Mar 20th, 2019 3:50 am
Bottomline is that carrying around a payment enabled phone is exponentially more secure than losing a physical credit/debit card to a thief who can just tap away at the closest gas station or convenience store.
and this
Gee wrote:
Mar 20th, 2019 3:13 am
How does the bank do this? Do they authorise the IMEI number on the phone? Do they use my actual phone number?

How do they identify the phone uniquely?
https://en.m.wikipedia.org/wiki/Tokeniz ... _security)
Deal Addict
User avatar
Nov 14, 2003
2877 posts
1310 upvotes
Everywhere
Gee wrote:
Mar 20th, 2019 9:51 am
@batcave

Who runs these token servers? Is it apple and google, the banks or a third party?
I'm not really sure, but I would guess the card issuer because they need some way to connect the token with the card account.

Maybe read this
Newbie
Feb 9, 2013
6 posts
Does Google/Apple/Samsung pay give detailed purchased history? (e.g. I buy stuff at the grocery store; can I see a digital, detailed version of my receipt?)
Also, I'm surprised no one mentioned loyalty cards. I don't use NFC but it seems like it would be one neat advantage to avoid carrying a ton of cards.

Gee wrote:
Mar 19th, 2019 4:22 pm
They definitely have the full card number. There is a formula (checksum). You can't make up 16 random digits. The first 4 are the issuing bank, the next twelve have to fit a pattern. If they have the last 4, they have the rest.
If you can get the other digits from the last 4 digits, then there can only be 10000 credit card numbers.
Sr. Member
Nov 1, 2009
998 posts
312 upvotes
mastertop101 wrote:
Mar 20th, 2019 8:35 pm
Does Google/Apple/Samsung pay give detailed purchased history? (e.g. I buy stuff at the grocery store; can I see a digital, detailed version of my receipt?)
Also, I'm surprised no one mentioned loyalty cards. I don't use NFC but it seems like it would be one neat advantage to avoid carrying a ton of cards.




If you can get the other digits from the last 4 digits, then there can only be 10000 credit card numbers.
Most loyalty cards use barcode, I use Stocard app for those cards.
Deal Addict
User avatar
Sep 10, 2005
3691 posts
892 upvotes
GTA
mastertop101 wrote:
Mar 20th, 2019 8:35 pm
Does Google/Apple/Samsung pay give detailed purchased history? (e.g. I buy stuff at the grocery store; can I see a digital, detailed version of my receipt?)
Also, I'm surprised no one mentioned loyalty cards. I don't use NFC but it seems like it would be one neat advantage to avoid carrying a ton of cards.
Samsung Pay seems to show the last ten transactions. It's not super detailed. It shows date, time, store, and amount.

Google Pay is pretty much the same except it will sometimes also show the exact location of the store/restaurant as well.

But if you're expecting an actual receipt with a listing of what you bought then no, that's not there.

And as already mentioned, loyalty cards usually use bar codes and not NFC. However, all these mobile payment apps also support storing these cards.
Deal Expert
Aug 2, 2004
30270 posts
4861 upvotes
East Gwillimbury
mastertop101 wrote:
Mar 20th, 2019 8:35 pm
Does Google/Apple/Samsung pay give detailed purchased history? (e.g. I buy stuff at the grocery store; can I see a digital, detailed version of my receipt?)
Also, I'm surprised no one mentioned loyalty cards. I don't use NFC but it seems like it would be one neat advantage to avoid carrying a ton of cards.

If you can get the other digits from the last 4 digits, then there can only be 10000 credit card numbers.
I actually just launched the Android Pay app on my Pixel 3 XL. It does support loyalty cards. There is a section for purchase history. However, I doubt it will give you a detailed receipt. How could it? You go to Walmart, scan a bunch of items and you're presented with a total. You tap and the only info you have is Walmart, date & time and total spent.

Now that I have read up on how the technology works, I have more confidence in using it. I haven't used it yet, but I believe the token server is controlled by google. So they now have all your purchases.
Deal Expert
Dec 4, 2010
17082 posts
1583 upvotes
Space for rent
I have a small concern as using mobile payment is new to me. During set up with Apple Pay and my banking institution, the app asked me to enter the verification number that was texted to me but in the process of getting it they just automatically verify itself. Is this because the phone iPhone Xr used the facial gesture to complete the transaction? Seems to defeat the purpose if they're asking for a pin to be inputted then overrides it with the phone unlocking security protocol. They should not be the same.

Also Face ID seems to work really fast or is it really inconsistent? I can pick it up and barely glance at it and itll unlock for me. Is there a way to make the process a little more delayed?

Top