An NFC metal card is one of the more divisive pieces of crypto hardware. To some people it looks like a gimmick — a credit-card-shaped accessory in a space that already has hardware wallets and seed phrases. To others it is the single most practical security upgrade they have made, because it replaces a fragile paper backup or a phone-only setup with something you can carry in a wallet, drop on concrete, and tap to authorize an action in under a second. Both reactions are reasonable. The catch is that "Web3 wallet with an NFC metal card" describes at least two fundamentally different products, and choosing well means understanding which one you are actually buying.
This guide walks through why a metal card exists at all, the two design philosophies behind the cards on the market, the durability and chip specs that genuinely matter, how the WATS card works, and an honest comparison so you can pick by threat model rather than by marketing. WATS makes one of these cards, and I will place it honestly — including where a different approach fits you better.
Why an NFC metal card at all
Two problems push people toward a physical card. The first is durability. A seed phrase written on paper is a single point of failure that water, fire, fading ink, and a curious roommate can all destroy. People hide them, forget where, and then panic. A metal card moves the physical artifact into a format that survives a washing machine and a dropped phone, and that you are far less likely to misplace because it lives where your other cards live.
The second is the tap interaction itself. Typing a long passphrase or confirming a transaction by squinting at a tiny hardware-wallet screen is friction, and friction is where mistakes happen. Tap-to-act is a UX most people already trust from contactless payments and transit gates. Holding a card to the back of a phone is fast, hard to fumble, and naturally requires the physical object to be present — which is the whole point. Compared with a phone-only wallet, where everything that protects your funds lives inside one device, a card adds a second, offline factor you physically control.
So the appeal is real. But "the card" can mean two very different things, and that distinction matters more than any spec sheet.
Two design philosophies
Every NFC metal card you can buy today sits in one of two camps. Neither is strictly better than the other — they are built for different threat models, and conflating them is the single most common mistake buyers make.
Philosophy A: the key-storage cold card
In this model, the card is the wallet. The private key is generated on the card, never leaves it, and the card itself signs transactions offline when you tap it. Tangem is the best-known example. The chip holds the secret; your phone is just a screen and a relay to the network. The strength here is obvious: the key never touches an internet-connected device, so remote malware has nothing to steal, and there is famously no seed phrase to write down at all.
The trade-offs are the flip side of that strength. The card is now a critical key holder, so people typically buy a set of two or three and store them separately as backups — losing every copy can mean losing access. Your interaction surface is whatever the companion app supports, and a cold card is, by design, a focused signing device rather than a full multi-product wallet. If your mental model is "an offline vault I tap to sign," this philosophy is exactly right.
Philosophy B: the authentication companion
In this model, the card does not hold your private key. Instead it authenticates access and enables tap-to-sign, while the keys stay inside the non-custodial wallet apps on your devices. This is the WATS approach. Tapping the card is a hardware confirmation factor layered on top of the app's own protections — a second thing you must physically possess to authorize sensitive actions — rather than the place your secret lives.
The trade-off is the mirror image of Philosophy A. Because the card is not your only key, losing it is an inconvenience rather than a catastrophe: you keep operating from the wallet apps and order a replacement. But it also means the card alone is not an air-gapped cold vault — its security is part of a larger system that includes the apps and, in the WATS Hot Wallet, dual-custody key splitting (more on that below). If your mental model is "a durable hardware factor that makes my everyday wallet harder to compromise without becoming a single point of failure," this philosophy is the better fit.
The honest summary: a cold card optimizes for keeping the key offline at the cost of making the card itself precious. An authentication companion optimizes for resilience and everyday use at the cost of not being a standalone air-gapped vault. Pick the trade you actually want.
Durability and specs that actually matter
Spec sheets for these cards can read like alphabet soup, so here is what each item is really telling you. These are the documented WATS card specs; they are also a useful checklist for evaluating any metal card.
- IP68 water and dust resistance — rated for submersion at roughly 1.5 m for 30 minutes. In plain terms: surviving rain, spills, and an accidental trip through the laundry.
- MIL-STD-810 — a US military environmental-testing standard covering temperature and physical stress, with an operating range around −40°C to +85°C. This is the difference between "survives a hot car and a cold mailbox" and "warps."
- EMI / radiation shielding — guards the embedded chip against electromagnetic interference, so the card keeps working reliably near other electronics.
- NTAG 216 chip, NFC Forum Type 4 — a widely supported, standards-compliant NFC tag with enough memory for the authentication data the card needs. "Type 4" means broad phone compatibility.
- AES-128 encryption — a strong, standard symmetric cipher securing the contactless handshake between card and app.
- ISO/IEC 14443 at 13.56 MHz — the same contactless standard and frequency your bank card and transit pass use, which is why tapping just works against the back of a modern phone.
- CR-80 form factor — the standard credit-card size and shape (about 85.6 × 54 mm), so it slots into any normal wallet. A steel card runs around 22 g; a polycarbonate version around 5 g.
One thing worth stating plainly, because the marketing in this category often blurs it: a chip spec like NTAG 216 with AES-128 describes a robust, encrypted NFC tag. It is not the same as a private-key vault, and the WATS card is not marketed as one. Be skeptical of any card whose claimed security tier does not match what it actually does.
How the WATS card works
The WATS NFC Metal Card is firmly in Philosophy B: it is a tap-to-authenticate companion, and your keys stay in the non-custodial WATS apps. In practice there are two everyday uses. First, you tap to authenticate — a physical confirmation that you, holding the card, are present to unlock or approve access. Second, you use NFC tap-to-sign with the WATS mobile app: when you authorize a transaction, tapping the card to the phone provides a hardware confirmation step on top of the app's biometric unlock.
Because the card does not store the private key, it is not a single point of failure. It complements the wallet rather than replacing it. It is also worth separating this from dual custody, which is a distinct WATS feature: the WATS Hot Wallet splits control across a user key and a WATS key, so neither party can move funds alone. Dual custody is about how keys are held; the card is about adding a physical factor to access and signing. They reinforce each other, but they are not the same mechanism — and the card does not change who holds the keys.
If you want the full technical breakdown of the chip, the handshake, and exactly what happens if you lose the card, see WATS NFC Metal Card security, explained, and the product page at /nfc-card.
Comparing the two approaches
This table is deliberately qualitative — no prices, no invented benchmarks. It is meant to map each philosophy to the question that actually decides which one you want.
| What matters to you | Key-storage cold card (e.g. Tangem) | Authentication companion (e.g. WATS) |
|---|---|---|
| Design philosophy | The card is the wallet; it signs offline | The card authenticates access and enables tap-to-sign |
| Where the private key lives | On the card, never leaves it | In the non-custodial WATS apps, not on the card |
| What chains and actions you get | What the companion cold-card app supports | The full WATS app surface across EVM, Solana and TON |
| If you lose the card | Critical — rely on your backup card(s) | Inconvenience — keep using the apps, order a replacement |
| Physical durability | Metal, built to last | IP68, MIL-STD-810, EMI-shielded, NTAG 216 / AES-128 |
| Best mental model | An offline vault you tap to sign | A durable hardware factor for an everyday wallet |
Bottom line
Pick by threat model, not by which card looks shinier. If your priority is keeping a private key fully offline and you are comfortable treating the card as a precious, backed-up artifact, a key-storage cold card like Tangem is the right tool, and you should buy a set and store the copies apart. If your priority is a durable hardware factor that hardens an everyday non-custodial wallet — without making the card a single point of failure, and with the breadth of the WATS apps and dual-custody security behind it — then an authentication companion like the WATS card fits better.
Neither approach is the "smart" choice and the other the naive one. They answer different questions. The mistake is buying one while expecting the behavior of the other. If you want to go deeper, compare the products directly in WATS Wallet vs Tangem, or read the security deep-dive at WATS NFC Metal Card security, explained.
FAQ
Does the WATS metal card store my private keys?
No. The WATS card is a tap-to-authenticate companion. Your keys stay in the non-custodial WATS apps. The card adds a physical confirmation factor for access and tap-to-sign; it is not key storage and not a standalone cold wallet.
If I lose the WATS card, do I lose my funds?
No. Because the card is not your only key, losing it does not move funds. You keep operating from the WATS mobile app and Chrome extension, and you can order a replacement card. Follow the WATS docs for the exact steps.
Is a key-storage cold card more secure than an authentication companion?
It depends on your threat model. A cold card keeps the private key fully offline, which is excellent against remote malware but makes the card a critical artifact to back up. An authentication companion prioritizes resilience and everyday use as one factor among several. They optimize for different risks rather than one being universally safer.