Hi,

Just a few comments about NFC security with respect to NFC skimming and other vulnerabilities. I am the developer of Satochip (https://satochip.io),  a hardware wallet based on a smartcard. Our devices support NFC (e.g. for mobile integration).

All communications with the card uses a secure channel which is encrypted and protected against replay attacks (among other). This means that even if a flipper 'sniff' the communication,  it will only get encrypted data. If it records a communication and ty to replay it (repeating same data), it will also not work.

Moreover any sensitive operation such as signing a transaction is protected by a PIN code, and this PIN is also sent encrypted to the card. In any case, the private keys are never exported outside of the chipcard!

The firmware running on the card is open-source and available on Github, so you can check in details what is being exchanged and verify that it is secured: https://github.com/Toporin/SatochipApplet

We also provide 2 other products based on smartcards:
* Satodime (satodime.io): a bitcoin bearer card to store bitcoin like a physical note with the private key stored on the card
* SeedKeeper (seedkeeper.io): a backup solution for your seeds