Plus your card is half-way back to your wallet before the first call is even made when you swipe it, but with the chip, you can't retrieve your card from the machine until the transaction is done. Even if the transaction took exactly the same amount of time, the chip method takes longer because your execution thread is blocked waiting for a resource to be released.

A more interesting question for me is: why are NFC credit cards so much faster than chip ones? Presumably they require the same kind of round trip challenge-response with their internal chip, but I have heard they're much faster.

Pretty sure NFC transactions are "offline", i.e. the round trip to the bank happens after the card has left the reader.

Often the round trip to the bank happens after the card has left the reader but before the txn is authorised (i.e. the device prints a receipt, customer gets the product or service), that's still an online transaction.

Sometimes.

Paying for the bus for me is offline, whereas in a supermarket it's processed online

That's probably optional, I usually get an Amex push notification from NFC transactions right after they occur (before I have time to put my phone back in my pocket).

From experience in two European countries, this is not always the case. I have both a Visa and MC cards which can be used in contactless mode for transactions of any size, up to the card limit. For low amounts (<40EUR) the PIN is not requested. For larger transactions I have to enter the PIN, but I don't need the chip.

In the UK, Contactless is PIN free, hence the low floor limit. Anything over that amount (£30 typically) requires Chip+PIN, and remote authentication.

Just from my personal experiance in Switzerland I think this is mostly the case, but not always. I have a contactless Visa with a rather low limit that I use for small day to day purchases. I only use it contactless and most of the time I can go over the monthly limit if I only use it contactless. Sometimes if I do this it will still be declined by a shop due to «insufficient funds», so some contactless terminals must be calling home. At this point the Card stops working at any terminal, even the contactless kind. I have to wait for the next month and use it the Chip and Pin way once to make it work again.

AFAIK (please correct me if I'm wrong) NFC is more akin to magnetic strip than chip cards are. i.e. a virtual number is created for each transaction that is tied to the merchant / time of use. so, you get an id from the merchant (i.e. direct communication between you and reader) you get a virtual number from you credit card provider (1 internet trip), and you give that virtual number to the reader), then phone is back in pocket while it does its thing.

Samsung pay even cuts out any knowledge of the reader, just gives a virtual number to the credit card mag reader.

NFC uses the same protocol and transaction flows as contact chip EMV. Only designed-in difference with regards to speed of processing is that card contains additional application that returns AID that should be used instead of terminal trying AIDs it knows blindly. Another thing is configuration. NFC typically has many "slow" transaction flows disabled (ie. anything that requires the card to be still present after some other interaction, be it pin entry or reply from payment processor).

If we're talking about contactless EMV cards (Phone NFC may be otherwise), then they do pretty much the same thing crypto-wise as in a contact transaction, the chip receives the transaction from the terminal.

The main practical difference is that you can't update the on-card data depending on the transaction outcome, since the card isn't there any more.

Some of them are just like swiping your card - e.g. they just pass the same data as a swipe in one pass and go.

The other kind, AIUI, are indeed the same as the chip transactions, with all that entails.

e: Other posts seem to say that all the contactless transactions are offline, which means no multiple expensive round trips upstream either way, so nevermind.

Can you give an example of how the heck an EMV transaction could require 5 round trips ?

IIRC it should come down to 0 or 1 roundtrips, depending on the amount and risk profile - in most cases you do an offline authorization where only the chip is involved to verify the txn, PIN(if applicable) and limits; and if you can't do that, then you send an online authorization, get a response, and that's it. There's extra communication afterwards in the workflow, but that happens after the customer has left and has no impact on customer-observed latency.

Next question then becomes why it needs those additional trips? Authorization is already done on the chip, it should only need to verify the amount is available.

+1. Not to mention each party will have their own VPN's so internal hops to the right machines. That said - these days even swipe reads have multiple payment processing flows especially for co-branded cards.