Google Pay alternative for NFC Payments?

Google Pay / GPay has always been quite insecure in my eyes; for being an app that boasts about using the “best security methods” it lacks a system to lock the app.

Banking apps and other payment or sensitive info related apps use PINs, passwords, and biometrics (fingerprint/retina/face scan). Google Pay only requires the user to have the NFC active and a lock screen on your phone (and some reviews even say that the lock screen doesn’t have to be unlocked to pay!). Not only that, but the app has an “on switch” for the NFC, but not an “off switch”!

Meaning that:

  • as long as the phone is unlocked (or maybe not), it’s easy for crooks to get to your money: one only needs a capable NFC phone or scanner; contactless frauds are on the rise
  • whenever you pay, you show everyone your unlocked phone
  • having NFC active for other uses is a liability whenever Google Pay is on your device

Do compatible NFC payment alternatives exist? That requires the app to be actively open and possibly even contain additional security features?

I’m pretty sure that this highly depends on your Location, Bank and other stuff.

My Bank in Germany has their own App for paying through NFC. It can be set up to work with the device locked, unlocked or only when the app is open. You can set wether you want a pin, fingerprint or no authentication and depending on the amount you pay.

I personally keep financial stuff off my phone. My Card itself can be used to pay contactless. That’s convenient enough for me. I really don’t need my smartphone to pay for stuff. The card can be used to pay without a pin entry up to 25€. It will ask for your pin over that and will ask if you make more than one payment in a short period of time. That’s secure enough for me.

But it’s the standard convenience<>security tradeoff. Want the convenience of paying with your phone? You’ll loose some security. No way around that. I tested Samsung pay at one point and it worked fine, but the same issues you pointed out already applied. Other then Samsung, Google, Apple and your Banks App (if it exists), i’m not aware of any other Alternatives. And all of those are similarly secure or insecure.