EMV (Europay, Mastercard, Visa)
The global standard for smart payment card technology, including contactless NFC payments. EMV Contactless specifications define the communication between payment terminals and NFC-enabled cards or phones.
What Is EMV?
EMV (Europay, Mastercard, and Visa) is the global standard for smart payment card technology that defines how chip-based payment cards and terminals communicate. In the NFC context, EMV Contactless specifications govern how contactless payment transactions are processed when a consumer taps their card, phone, or wearable on a POS terminal. EMV is managed by EMVCo, a consortium owned by the six major payment networks: Visa, Mastercard, American Express, Discover, JCB, and UnionPay.
EMV Contactless Architecture
The EMV Contactless specifications build on the ISO 14443 physical layer and add payment-specific application protocols. The architecture consists of four specification levels:
| Level | Name | Function |
|---|---|---|
| Level 1 | Entry Point | Physical interface, collision detection, protocol activation |
| Level 2 | Kernel | Card-scheme-specific transaction processing |
| Level 3 | Application | Business logic, risk management |
| Level 4 | Configuration | Terminal parameters, scheme-specific settings |
Each payment network defines its own Level 2 kernel: Visa payWave (Kernel 3), Mastercard PayPass (Kernel 2), American Express ExpressPay (Kernel 4), and so on. A POS terminal must implement all kernels for the card schemes it supports.
Transaction Flow
An EMV Contactless transaction follows a standardized sequence within milliseconds of the tap-to interaction:
- Polling. The terminal polls for NFC-A and NFC-B devices at the operating frequency of 13.56 MHz.
- Entry point. The terminal activates the card and reads the Proximity Payment System Environment (PPSE) to discover available payment applications.
- Application selection. Based on the PPSE response, the terminal selects the preferred payment application using its AID.
- Kernel processing. The scheme-specific kernel manages the exchange of transaction data, risk assessment, and cryptogram generation.
- Outcome. The kernel returns an outcome (approved, declined, try another interface) that the terminal acts upon.
Offline vs Online Authorization
EMV supports both offline and online transaction authorization. In offline mode, the card or secure element independently validates the transaction against stored risk parameters (spending limits, transaction counters). If the transaction exceeds offline limits or the risk parameters require it, the terminal performs online authorization by connecting to the card issuer's backend.
Contactless transactions below the cardholder verification method (CVM) limit typically proceed with no cardholder verification (NoCVM). Above the CVM limit, the terminal requests a PIN or device-based authentication (fingerprint, Face ID). These limits vary by country and card network.
EMV and NFC Security
Every EMV transaction generates a unique Application Cryptogram (AC) using symmetric (AES or 3DES) or asymmetric cryptography. This cryptogram proves the card's authenticity and the transaction's integrity. Even if an attacker intercepts the transaction data, the cryptogram cannot be reused for a different transaction, making replay attacks ineffective.
EMV Contactless vs Chip-and-PIN
EMV Contactless uses the same underlying security as chip-and-PIN transactions but optimizes for speed. The contactless interface skips the time-consuming chip-and-PIN insertion and PIN entry process, completing most transactions in under 500 milliseconds. This speed advantage is the primary driver of contactless payment adoption worldwide.
Related Terms
Related Content
NFC vs RFID: Detailed Comparison
Getting Started…ndef ) No equivalent standard Contactless payment Yes (via emv , hce ) Limited (proprietary) NFC Forum certification…
React Native NFC Guide
Programming…authentication or reading structured application data from emv or DESFire cards, use NfcTech.IsoDep : await…
NFC Security Deep Dive
Security…logic (GPS cross-check for high-value transactions) - emv transaction limits enforced by issuers Cloning and…
NFC Relay Attack Explained
Security…Research teams have demonstrated relay attacks against EMV contactless payments with total latency under 200 ms —…
NFC for Payments
Industry…transaction in under 500 ms. The technology behind this is emv Contactless — a global standard developed by Europay,…
NFC in Public Transit
Industry…proprietary closed-loop transit systems and the open-loop EMV contactless standard that is transforming urban ticketing.…
NFC in Retail
Industry…Contactless Payments at POS Retail point-of-sale NFC uses EMV contactless payments. The POS terminal is an nfc-reader…
ISO 14443 Protocol Deep Dive
Advanced…card response bytes. Layer Structure Application (EMV, NDEF, DESFire application) ↕ ISO 14443-4 (T=CL transport:…
Frequently Asked Questions
The NFC glossary is a comprehensive reference of technical terms, acronyms, and concepts used in Near Field Communication technology. It is designed for developers, product managers, and engineers who work with NFC and need clear definitions of terms like NDEF, APDU, anti-collision, and ISO 14443.
Each glossary term is cross-referenced with related NFC chips, standards, and other terms. For example, the term 'AES-128' links to chips that support AES encryption (NTAG 424 DNA, DESFire EV2/EV3), and the term 'ISO 14443' links to all chips compliant with that standard.
Yes. NFCFYI provides glossary definitions in 15 languages including English, Korean, Japanese, Chinese, Spanish, Portuguese, Hindi, Arabic, French, Russian, German, Turkish, Vietnamese, Indonesian, and Thai. Use the language selector in the header to switch languages.