In the world of mobile technology, NFC refers to "near field communications". It is a series of technologies which use radio frequencies to communicate tiny bits of data over ultra-short distances. In the typical scenario, an RFID tag must be within 4 centimetres of a reader device for communication to occur.
Though the technology has existed for decades, recent advances have finally allowed smartphones to act as both the tag and the readers.
Tags come in two variants; passive tags contain no power source of their own, and hold very small data payloads, usually less than 256 bytes. Industry is able to produce these tags in very minute sizes - as thin as a piece of paper and smaller than a fingernail.
Active tags require a power supply and are able to hold substantial amounts of information (up to 4K bytes)
Most smartphones being produced in 2013 include the chipsets required for NFC solutions. The significant holdout is, of course, the Apple iPhone.
When a Tag is passed through the electrical field generated by the Readers' antenna, a unique signature pattern can be detected. The payload of this pattern is a tiny message. Industry standards currently allow for 5 types of messages: Text , URI, Smart Poster, Signature, Handover
In Writer mode, the process remains the same, but new data will be added to the card.
Security in an NFC devices relies on a tiny onboard protected datastore called the "Secure Element". Access to this area is restricted by cryptographic keys. The Secure Element can be either embedded in the device by the manufacturer, or added by 3rd parties via an SD slot or the SIM card. Most solutions use methods A) and C)
The current industry norm involves a "man-in-the-middle" security strategy using a 3rd-party "Trusted Services Manager" (TSM). For a credit card solution, the TSM holds crypto keys from the bank (card issuer) as well as the cellular carrier (owner of the SIM-based Secure Element).
Writing wallet-type software applications to interact with items stored in the Secure Element requires working closely (and contractually) with the TSM and/or carrier.
Software Links: SEEK-for-Android (Secure Element Evaluation Kit)