Regarding security concerns:
NFC is a type (subset) of RFID (radio frequency identification) that's limited to a range of about 4 inches. In other RFID applications, the range can be a lot longer.
Some credit cards already support RFID/NFC, although I've yet to come across a merchant that allowed me to wave my card near some machine to make a payment.
The security concern is that for very cheap (around $10) on ebay, you can get an RFID/NFC scanner that can retrieve the info from your credit card (or future smartphone) by bumping your wallet pocket or purse. As long as the scanner is within 4 inches for NFC protocol, it can get your data.
What data is available? Traditionally on a magnetic stripe card, there's three tracks of data:
Track 1 typically contains the cardholder's name as well as account number and other discretionary data. This track is used by the airlines when securing reservations with a credit card, like at the kiosks where you check in.
Track 2 typically contains the cardholder's account, encrypted PIN, plus other discretionary data. This is the track that most ATMs and payment processing verification scanners use.
Track 3 is typically not used, but the partition is there for non-standard use.
Current RFID chips in credit cards store both Track 1 and Track 2 data. With a scanner, you can get this information and then use a magnetic stripe WRITER (about $300) to put the info on a formatted magnetic stripe card. Thieves typically format a stolen card and write info to it so that what's shown on the card doesn't necessarily match what's on the stripe. But it's what's on the stripe that counts at the point of sale.
So, instead of having to physically take your wallet via pickpocketing, a thief now just needs a $10 scanner and get kinda close to you - perform the bump without actually taking anything, and they will have your CC info. They then write the info to a blank magnetic stripe and will have a clone of your card. If the person at the point-of-sale terminal doesn't check the card for name, signature, etc, the thief gets away with a transaction.
Here's a good video explaining how your info could be taken without your knowledge (start the video at around 0:19):
YouTube - How to hack RFID-enabled Credit Cards for $8 (BBtv)
Note that the video mentions that you can shield your signal by lining your wallet/purse with stainless steel.
In another video I watched (possibly on TV, like Dateline or something), there was a similar setup where the hacker was able to conceal everything under his clothes and just walk near people. Then under hidden camera, he would approach his victims and read out all their CC numbers, names, expiration dates, and the people were just shocked.
We've debated somewhat on the security of these. I for one don't think it is something I would use personally. I've used the mobile boarding pass (where you show the barcode) and it was a major PITA at the airport. Won't do that again. I know people have mentioned what's the difference when you have this info in your wallet. IDK about the rest of you, but I make damn sure my wallet is with me at all times. My phone on the other hand, meh. Friends use for pictures, I leave it sitting somewhere. I don't go to class and pull my wallet out and set it on the table.
