Android 10 Hack allow apps to capture NFC and RFID card from wallets
The malicious code can perform 2 type of copying and cloning contactless cards.
The code can run inside of other apps and scan the environment every 5 min if something is found the cards info are store and prepare for the payment moment
The malicious code run from other phone targeting specific cards
The captured data is sent through live socket to other app that can performs an payment.
How it is works, to perform an payment the bad guys need 2 android phones with Android 10 - Operating system installed. One guy will stay in the store cash register ready to pay and other in the same time was 30 seconds to scan wallets with his phone.
Here are the apps:
ANDROID 10 - NfcProvisioning