Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to implement NFC payments?

I want to add NFC payment to an Android application I'm working on to allow the users to pay directly to a POS. I'm interested in supporting as much POS as possible.

I was wondering if it's really possible or it depends on propietary protocols/hardware.

I have found information (and code samples) about reading the contacless card info but I can't find any library or code about the payment itself.

I know about the EMV Specification but it looks pretty long and technical and I would like to know if it's really possible before diving into it.

We cannot use Google Wallet because I am not in the United States.

like image 596
angudu Avatar asked Jul 17 '15 16:07

angudu


People also ask

What is NFC payment method?

NFC mobile payments are contactless digital payment options that allow phones, tablets, or credit cards to communicate with NFC-enabled readers. NFC technology allows businesses to accept customer payments quickly and conveniently without requiring employees to handle or cards.

Can I use NFC without Internet?

Your phone uses Near Field Communications (NFC) to communicate with the terminal and so you may not need an internet connection to use the Google Wallet app in stores.


1 Answers

You won't be able to support NFC payment in your application, unless you are a bank with a Visa/Mastercard/etc agreement, and have access to a certificate to sign your EMV transactions.

Contactless EMV transactions are not encrypted. That is why you can easily sniff a contactless transaction, or read a contactless payment card info.

Transactions are still secured because of a certificate embedded in the card, specific to the card issuer (ex : Visa, mastercard). This certificate is protected (can't be read). It is used to sign the transaction details (amount, date, random identifier, etc.), so that the POS and transaction processor (on the bank side) can authenticate and validate the transaction. Without a valid signature, your transaction will be rejected.

However, since all major card issuers added mobile payment support to their latest specification (ex : mastercard PayPass 3.0, Visa PayWave 2.1). They may eventually offer API for other apps on the phone to initiate tranasctions. Still, my understanding is that phones will need some specific hardware (ex : a cryptoprocessor) to process transactions.

like image 181
Nicolas Riousset Avatar answered Sep 23 '22 06:09

Nicolas Riousset