NFC Archives

AppWizard

January 6, 2026

How Android Apps Are Adapting To The Rise Of Cross-Platform Digital Payments

Android developers are adapting to a rapidly changing global payments landscape, driven by user demand for seamless experiences across platforms, shifting regulatory frameworks, and the rise of cross-border transactions through mobile applications. This evolution is particularly relevant for international sectors like igaming, which often utilize alternative payment methods under offshore licensing. Developers are focusing on streamlined in-app experiences by adopting payment frameworks that enhance security and expedite verification processes. Over the past two years, payment standards have diversified, leading to the implementation of unified payment layers in Android apps to accommodate various tokens, cards, mobile wallets, and region-specific methods. The number of global mobile payment users is projected to reach 5.6 billion by 2025, highlighting the need for cross-platform support. Mobile wallets, NFC, and universal payment APIs are being integrated more deeply into the Android ecosystem, allowing for instant recognition of users' preferred wallets. Streaming platforms are adopting cross-platform billing strategies, while travel apps are implementing flexible frameworks to adapt to regional regulations. In online gaming, there's a focus on diverse payment options to meet international audience expectations. By 2026, Android applications are expected to feature more cohesive payment interfaces, increased biometric verification, and dynamic updates of payment methods based on user location and device capabilities.

AppWizard

December 10, 2025

New details about Android’s NameDrop alternative surface with bright animations

Google is developing an alternative to Apple's NameDrop feature for Android, aimed at simplifying and enhancing the sharing of contact information. This feature, referred to as "Gesture Exchange," utilizes NFC technology and may include engaging animations during the sharing process. Recent findings indicate that it has been activated in a Play Services beta, allowing users to share details like phone numbers, names, emails, and profile pictures by placing one phone on top of another. Additionally, there will be interactive menus to help users select what information to share and to inform them about the details received from the other device.

Tech Optimizer

December 2, 2025

The Cyber Monday 2025 Cybersecurity, IT, VPN, & Antivirus Deals

As Black Friday 2025 approaches, various early deals are available across multiple sectors. Password Manager Deals: - Passwork: 50% discount on all plans. - LastPass: - 50% off Premium & Families - 10% off Teams - 20% off Business - 30% off Business Max Plans - Dashlane: 60% discount on all personal plans. VPN Deals: - NordVPN: Up to 77% off a 2-year subscription; basic plan at .99/month (74% discount). - SurfShark: Up to 88% off with three free months on a 2-year subscription. - ProtonVPN: Up to 70% off, depending on subscription length. Antivirus Software Deals: - Malwarebytes: 50% off 1-year or 2-year subscriptions to Standard, Plus, and Ultimate plans. - Avast: Up to 70% off antivirus software. - ESET: 50% off ESET Home antivirus software. - Bitdefender: 30% off subscriptions for GravityZone products. Personal Information Privacy Deals: - Incogni: 55% off personal information removal plans with coupon code BFDEAL25. - DeleteMe: 30% off privacy protection plans with coupon code BFCM30OFF25. IT and Security Courses Deals: - PuralSight: 60% off individual plans with coupon code BLACKFRIDAY60. - Udemy: Cyber Week sale with courses available for .99. - ISC2: 10% off cybersecurity training and courses from November 28 to December 5. Security & IT Black Friday Deals: - Firewalla: Sitewide discounts and additional savings on devices. - Hak5: Hacked November Sale with significant discounts. - Yubico: 30% off YubiKey 5 NFC and 5C NFC security keys.

Winsage

November 27, 2025

Microsoft Security Keys May Require PIN After Recent Windows Updates

Microsoft announced an update for FIDO2 security keys on Windows 11, introducing a new prompt for users to set up a PIN during authentication. The rollout began with preview update KB5065789 on September 29, 2025, for OS Builds 26200.6725 and 26100.6725, and was completed with security update KB5068861 on November 11, 2025, for OS Builds 26200.7171 and 26100.7171. This update affects sign-ins where a Relying Party (RP) or Identity Provider (IDP) requests User Verification set to “Preferred” for keys without a PIN, in accordance with WebAuthn specifications. Users must now set up a PIN during authentication flows, not just during registration. To avoid PIN prompts, RPs or IDPs can set “userVerification” to “discouraged.” There is no option to roll back the changes.

Winsage

November 26, 2025

Microsoft: Security keys may prompt for PIN after recent updates

Microsoft issued a notice to users about a new behavior related to FIDO2 security keys following Windows updates since the September 2025 preview update. This change affects devices on Windows 11 versions 24H2 or 25H2, where users may be prompted to enter a PIN during authentication. The adjustment aligns with WebAuthn specifications, which outline protocols for authentication methods, including PINs and biometrics. User verification can be categorized as discouraged, preferred, or required, with "preferred" necessitating a PIN setup if supported by the authenticator. The rollout began after the KB5065789 preview update and was completed with the November KB5068861 security update. Microsoft stated that after installing the September 29, 2025 update, users might need to create a PIN to sign in with a security key, even if it was not required during initial registration. This behavior occurs when a Relying Party or Identity Provider requests User Verification = Preferred during authentication with a FIDO2 security key lacking a PIN. Organizations can opt to adjust the user verification setting to "discouraged" if they do not want to require users to create or enter PINs. FIDO2 security keys enable passwordless authentication by requiring the physical presence of a USB, NFC, or Bluetooth token, gaining popularity as organizations seek to reduce risks associated with traditional passwords.

Tech Optimizer

November 25, 2025

The Black Friday 2025 Cybersecurity, IT, VPN, & Antivirus Deals

As Black Friday 2025 approaches, various promotions in digital security and online education are being offered. Password Manager Deals: - Passwork: 50% discount on all plans. - LastPass: 50% off Premium & Families plans, 10% off Teams, 20% off Business, and 30% off Business Max Plans. - Dashlane: 60% discount on all personal plans. VPN Deals: - NordVPN: Up to 77% off a 2-year subscription, basic plan at .99/month (74% discount). - SurfShark: Up to 88% off with three free months for a 2-year subscription. - ProtonVPN: Up to 70% off, depending on subscription length. Antivirus Software Deals: - Malwarebytes: 50% off 1-year or 2-year subscriptions. - Avast: Up to 70% off various antivirus software options. - ESET: 50% off ESET Home antivirus software. - Bitdefender: 30% off subscriptions to GravityZone products. Personal Information Privacy Deals: - Incogni: 55% off personal information removal plans with coupon code BFDEAL25. - DeleteMe: 30% off privacy protection plans with coupon code BFCM30OFF25. IT and Security Courses Deals: - PuralSight: 60% off individual plans with coupon code BLACKFRIDAY60. - Udemy: Courses discounted to .99 during Cyber Week. - ISC2: 10% off cybersecurity training and certificates from November 28 to December 5. Security & IT Black Friday Deals: - Firewalla: Sitewide discounts and additional discounts on devices. - Hak5: Deep discounts during Hacked November Sale. - Yubico: 30% off YubiKey 5 NFC and 5C NFC security keys.

AppWizard

November 4, 2025

Hackers Hit Android Users, Drain Bank Accounts Remotely Through 760 Apps: Report

Cybersecurity experts have identified over 760 malicious applications that exploit Near Field Communication (NFC) technology to target Android devices, compromising sensitive user data and financial information. These apps often disguise themselves as legitimate banking and government services, convincing users to set them as default NFC payment methods. Once installed, they can intercept critical information such as login credentials and card details, which is then transmitted to hackers via Telegram channels. The campaign, which began in April 2024, affects users in countries including Russia, Poland, the Czech Republic, Slovakia, and Brazil, impersonating banks like Santander and VTB. Stolen data is sent to over 70 command-and-control servers managed by automated Telegram bots.

AppWizard

November 3, 2025

Android Apps misusing NFC and HCE to steal payment data on the rise

Researchers from Zimperium zLabs have identified over 760 Android applications exploiting Near-Field Communication (NFC) and Host Card Emulation (HCE) technologies to illegally acquire payment data. Since April 2024, there has been a significant increase in NFC relay fraud, affecting banks, payment services, and government portals globally, including Russian banks and various European financial institutions. The malware operates as paired “scanner/tapper” toolchains or standalone data collectors, exfiltrating sensitive EMV data and transmitting it to Telegram channels. Operators control these applications via command-and-control (C2) servers, allowing for fraudulent transactions with minimal user involvement. More than 70 C2 servers and numerous Telegram bots have targeted over 20 institutions worldwide, primarily focusing on Russian banks. The rise of “Tap-to-Pay” transactions has made NFC a target for cybercriminals, with harmful applications exploiting Android’s NFC permissions to steal payment data. Zimperium has provided Indicators of Compromise (IOCs) related to this campaign for safeguarding systems.

AppWizard

October 30, 2025

NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details

Researchers at zLabs have identified over 760 malicious Android applications that exploit Near Field Communication (NFC) technology to steal banking credentials and facilitate fraudulent transactions. This cybercrime campaign has expanded from isolated incidents in April 2024 to a widespread operation targeting financial institutions in countries including Russia, Poland, the Czech Republic, Slovakia, and Brazil. The malware utilizes social engineering tactics by impersonating around 20 legitimate banking institutions and government services, such as VTB Bank, Tinkoff Bank, and the Central Bank of Russia. The malware ecosystem is supported by over 70 command-and-control servers and private Telegram channels for data exfiltration. Attackers deceive victims into granting dangerous NFC permissions, allowing the malware to intercept payment data during contactless transactions. Some campaigns use paired applications for data extraction and fraudulent purchases, while others focus solely on data exfiltration. The malware maintains communication with its command-and-control infrastructure, enabling real-time relay attacks to conduct transactions using victims' payment credentials. The rapid spread of this NFC-based payment malware highlights the adaptability of cybercriminals as contactless payment technologies become more common. Financial institutions are urged to enhance fraud detection systems, mobile device manufacturers should tighten NFC permission controls, and users are advised to be cautious when granting NFC access to applications.

AppWizard

October 30, 2025

More Than 700 Malicious Android Apps Using NFC Relay to Exfiltrate Banking Credentials

Cybersecurity researchers at zLabs have identified over 760 malicious Android applications that exploit Near Field Communication (NFC) and Host Card Emulation (HCE) technologies to steal payment data and facilitate fraudulent transactions. Since April 2024, these applications have evolved into a coordinated global operation targeting financial institutions in countries such as Russia, Poland, the Czech Republic, Slovakia, and Brazil. The threat actors have established around 70 command-and-control servers and use Telegram bots for data exfiltration. The malicious apps impersonate about 20 legitimate entities, focusing on Russian banks and international institutions like Santander and Google Pay. They utilize various strategies to compromise payment credentials, including scanner and tapper tools, and employ simplified interfaces resembling legitimate banking portals. The malware activates a Host Card Emulation service during NFC payment events for real-time data relay. To evade detection, the threat actors use name masquerading, code obfuscation, and software packing techniques. This campaign represents a significant escalation in NFC-based financial fraud, highlighting the risks associated with NFC payment privileges.