Android’s NFC Nightmare: Payment Data Theft on the Rise

NFC relay fraud is trending, but not in a good way. Over 760 Android apps have been caught using NFC and HCE to swipe payment data like it’s going out of style. This surge in NFC relay attacks since April 2024 shows cybercriminals are tapping into “Tap-to-Pay” transactions for their own gain.

3P
Published: November 3, 2025 2:30 pmAdded: November 3, 2025 at 6:48 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like your Android phone is auditioning for a new role—as a pickpocket! With over 760 apps playing fast and loose with NFC and HCE, it’s clear that cyber criminals are tapping (pun intended) into new ways to steal your hard-earned money. Better hold onto your digital wallets, folks, because your phone might be plotting against you!

Key Points:

  • Over 760 Android apps have been identified misusing NFC and HCE to steal payment data.
  • NFC relay fraud has surged since April 2024, targeting financial institutions globally.
  • Malicious apps impersonate trusted institutions to lure victims into installing them.
  • Apps operate with paired “scanner/tapper” tools or as standalone data collectors.
  • Cybercriminals remotely control the apps via command-and-control servers.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?