NFC-TAN is Display-TAN without display, and with NFC instead of BLE.

The main adavantage of NFC-TAN as compared to Display-TAN and every other Online Banking method are the costs: nearly zero costs for the bank in case they have already NFC enabled bank cards.

The disadvantage of NFC-TAN as compared to Display-TAN: it is less secure and it does not work with iPhones.




NFC-TAN Mobile Banking is less secure than Display-TAN because a Man-in-the-Middle attack by a trojan on the smartphone is possible. On the other hand, NFC-TAN Mobile Banking much more secure than SMS-TAN or App-TAN Mobile Banking, because the secret key cannot by accessed by a trojan, see this comparison (pdf slide).


NFC-TAN is compliant to the recent EU Directive PSD2 (from Oct. 2015, to be complied to latest: 2018):

NFC-TAN profits from the fact that PSD2 - for whatever reason - does not require a secure re-visualization of the transaction data.


March 2013, press announcement GFT: ''Smartphone meets debit card: NFC-TAN makes transactions secure and straightforward''

March 2013, Computerworld NL: ''Zo beveiligt NFC internetbankieren''


Aug. 2013, UBS Bank (CH): UBS Mobile Banking (NFC only for login)

March 2015, NFC World: '' Korea shifts to NFC authentication for mobile banking''

July 2015, LLoyds Bank (GB): ''Lloyds trials tap to bank mobile banking service''

Unfortunately these implementations were done without us. The fact that others independendly have the same idea just shows: NFC-TAN is a natural and convincing principle.


Borchert (2009): Secure encryption for online accounts through a device with a camera, display and short-range radio as an intermediary between the computer and secret

Borchert, Günther (2013): Online Banking with NFC-enabled Bank Card and NFC-enabled Smartphone