NFC Archives

AppWizard

April 21, 2026

Trojanized Android App Fuels New Wave of NFC Fraud

A new variant of the NGate malware family has emerged, using a trojanized Android application to capture payment card data and personal identification numbers (PINs). This modified version of HandyPay, a legitimate NFC relay app, has been distributed since November 2025, primarily targeting users in Brazil. The malware intercepts NFC payment card data and allows fraudulent transactions. Two distinct malware samples have been observed, delivered through phishing infrastructure that impersonates a Brazilian lottery site and a Google Play listing for a card protection tool. The trojanized app captures NFC data, requests the victim's card PIN, and transmits this information to attacker-controlled infrastructure. It requires minimal permissions, leveraging its role as the default payment application to evade detection. Evidence suggests that generative AI tools may have been used in its development, indicated by emoji markers in debug logs. ESET has reported its findings to Google, and Google Play Protect can detect known versions of the malware. The developer of HandyPay is investigating the misuse of its application.

AppWizard

April 21, 2026

NGate Android malware uses HandyPay NFC app to steal card data

A new variant of the NGate malware targets Android users by disguising itself within a trojanized version of the HandyPay app, which is a legitimate mobile payment processing application. This malware, documented since mid-2024, siphons payment card information through the mobile device's near-field communication (NFC) chip and sends the stolen data directly to attackers, who create virtual cards for unauthorized purchases or cash withdrawals from NFC-enabled ATMs. The new variant has been injected with malicious code into the HandyPay app, which has been available on Google Play since 2021. The code includes emojis, indicating the possible use of a generative AI tool in its development. The shift from previous iterations, which used an open-source tool named NFCGate, to HandyPay is likely motivated by financial considerations and the need for evasion, as HandyPay is more affordable and requires fewer permissions. This NGate variant has been active since November 2025, primarily targeting Android devices in Brazil. It employs two main distribution methods: a counterfeit app named “Proteção Cartão” hosted on a fraudulent Google Play page and a fake lottery website that redirects users to WhatsApp to download the malicious APK. Upon installation, the app prompts users to set it as their default NFC payment application, requests their card PIN, and instructs them to tap their card on the phone for reading, transmitting all collected information to an attacker's email address. To protect against such threats, Android users are advised to avoid downloading APKs from outside Google Play, disable NFC when not in use, and use Play Protect to scan for threats.

AppWizard

April 21, 2026

NGate NFC malware targets Android users through trojanized payment app

NFC-based payment fraud targeting Android users in Brazil has been linked to a campaign using a trojanized version of the HandyPay app, part of the NGate malware family, since November 2025. The malware is distributed through a counterfeit website mimicking a lottery and a fraudulent Google Play page. The operators chose HandyPay for its low cost and minimal permissions required. The malware requests users to set it as the default NFC payment app, allowing it to capture payment card PINs and relay NFC card data to attackers. ESET Research identified this campaign and discovered logs from compromised devices containing sensitive information. The trojanized app has never been on the official Google Play store, and ESET has notified Google and the HandyPay developer about the issue.

AppWizard

April 21, 2026

New NGate Android malware variant uses NFC app to steal card data

A new variant of the NGate Android malware exploits a legitimate NFC payment app, HandyPay, to steal users' card information and PINs, enabling unauthorized contactless transactions. This malicious version of HandyPay, which has been available since 2021, was identified by ESET researchers and is distributed through a fraudulent lottery website and a fake Google Play page. The malware captures sensitive information by prompting users to enter their payment card PIN and tap their card against the device, sending the data to an attacker-controlled phone and exfiltrating the PIN to a command-and-control server. The campaign employs social engineering tactics and requires minimal permissions, relying on users to enable app installations from unknown sources. The attackers use a centralized infrastructure for malware distribution and PIN collection, with evidence of compromised devices in Brazil. The shift to modifying a legitimate application is motivated by financial incentives, as it offers similar functionality at a lower cost compared to underground tools. Users are advised to avoid installing apps from unofficial sources and to ensure the legitimacy of applications before entering sensitive information.

AppWizard

April 10, 2026

Tap n’ go: Android’s rumored ‘Tap to Share’ UI might’ve just broken cover

A new report highlights Google's "Tap to Share" feature, which includes a redesigned sharing menu that aligns with Android 16 aesthetics. Users will initiate the transfer process by overlapping their devices, which will emit a glow to indicate successful completion. The user interface features a straightforward sub-menu with three selectable options for sharing. The upcoming Galaxy S26 series will have dual antennas to support this feature. The process may utilize NFC technology, with potential future iterations using Wi-Fi or Bluetooth. The design of the sub-menu has been refined to match Android 16's visual elements.

AppWizard

April 3, 2026

This is the best Google Pay feature you’re not using in India

Google Pay's Tap to Pay feature, launched in 2020, allows contactless payments using NFC technology. Initially compatible with only two banks, it now works with most major debit and credit cards in India. Users can add their cards to Google Pay, and payments can be made by selecting the card and tapping the phone near a point-of-sale machine. The feature supports most Visa and MasterCard cards issued in India, while American Express cards are excluded. There are no transaction limits, and a PIN is required for high-value transactions. The setup process involves adding card details and authenticating via SMS. Tap to Pay can also be used internationally, except in China.

AppWizard

February 25, 2026

Numo Launches Bitcoin Tap-to-Pay App For Merchants

Numo has introduced a tap-to-pay point-of-sale app that allows merchants to accept Bitcoin payments without additional hardware, utilizing the Cashu open-source ecash protocol. The app is available for free as an open-source Android download, with plans for a Google Play Store release. It uses NFC technology for quick transactions, enabling customers to pay via a Cashu wallet interacting with an NFC tag on the merchant's device. Payments are settled in Cashu ecash, which can be automatically transferred to a merchant's Lightning address once a specified balance is reached. Numo also supports Lightning invoices and offers features like inventory management, payment history tracking, offline payment support, and tipping options. The app has no platform fees and is developed under the MIT license, aiming to simplify Bitcoin payments for merchants. Cashu employs blind signatures for privacy-preserving custodial payments and connects independent mints over the Lightning Network.

AppWizard

January 6, 2026

How Android Apps Are Adapting To The Rise Of Cross-Platform Digital Payments

Android developers are adapting to a rapidly changing global payments landscape, driven by user demand for seamless experiences across platforms, shifting regulatory frameworks, and the rise of cross-border transactions through mobile applications. This evolution is particularly relevant for international sectors like igaming, which often utilize alternative payment methods under offshore licensing. Developers are focusing on streamlined in-app experiences by adopting payment frameworks that enhance security and expedite verification processes. Over the past two years, payment standards have diversified, leading to the implementation of unified payment layers in Android apps to accommodate various tokens, cards, mobile wallets, and region-specific methods. The number of global mobile payment users is projected to reach 5.6 billion by 2025, highlighting the need for cross-platform support. Mobile wallets, NFC, and universal payment APIs are being integrated more deeply into the Android ecosystem, allowing for instant recognition of users' preferred wallets. Streaming platforms are adopting cross-platform billing strategies, while travel apps are implementing flexible frameworks to adapt to regional regulations. In online gaming, there's a focus on diverse payment options to meet international audience expectations. By 2026, Android applications are expected to feature more cohesive payment interfaces, increased biometric verification, and dynamic updates of payment methods based on user location and device capabilities.

AppWizard

December 10, 2025

New details about Android’s NameDrop alternative surface with bright animations

Google is developing an alternative to Apple's NameDrop feature for Android, aimed at simplifying and enhancing the sharing of contact information. This feature, referred to as "Gesture Exchange," utilizes NFC technology and may include engaging animations during the sharing process. Recent findings indicate that it has been activated in a Play Services beta, allowing users to share details like phone numbers, names, emails, and profile pictures by placing one phone on top of another. Additionally, there will be interactive menus to help users select what information to share and to inform them about the details received from the other device.

Tech Optimizer

December 2, 2025

The Cyber Monday 2025 Cybersecurity, IT, VPN, & Antivirus Deals

As Black Friday 2025 approaches, various early deals are available across multiple sectors. Password Manager Deals: - Passwork: 50% discount on all plans. - LastPass: - 50% off Premium & Families - 10% off Teams - 20% off Business - 30% off Business Max Plans - Dashlane: 60% discount on all personal plans. VPN Deals: - NordVPN: Up to 77% off a 2-year subscription; basic plan at .99/month (74% discount). - SurfShark: Up to 88% off with three free months on a 2-year subscription. - ProtonVPN: Up to 70% off, depending on subscription length. Antivirus Software Deals: - Malwarebytes: 50% off 1-year or 2-year subscriptions to Standard, Plus, and Ultimate plans. - Avast: Up to 70% off antivirus software. - ESET: 50% off ESET Home antivirus software. - Bitdefender: 30% off subscriptions for GravityZone products. Personal Information Privacy Deals: - Incogni: 55% off personal information removal plans with coupon code BFDEAL25. - DeleteMe: 30% off privacy protection plans with coupon code BFCM30OFF25. IT and Security Courses Deals: - PuralSight: 60% off individual plans with coupon code BLACKFRIDAY60. - Udemy: Cyber Week sale with courses available for .99. - ISC2: 10% off cybersecurity training and courses from November 28 to December 5. Security & IT Black Friday Deals: - Firewalla: Sitewide discounts and additional savings on devices. - Hak5: Hacked November Sale with significant discounts. - Yubico: 30% off YubiKey 5 NFC and 5C NFC security keys.