I’d assume so, but more importantly, for both, there’s a cryptographic signature being performed by the card. The credentials never leave the card — there’s a private key on the card, and what goes out is a signature on the transaction, which is useless for doing other transactions.
That’s not true for all cards, at the very least. Skimming wirelessly by RFID is or was a thing. The whole backbone of the credit card system is designed to expect the number.
I’d assume so, but more importantly, for both, there’s a cryptographic signature being performed by the card. The credentials never leave the card — there’s a private key on the card, and what goes out is a signature on the transaction, which is useless for doing other transactions.
That’s not true for all cards, at the very least. Skimming wirelessly by RFID is or was a thing. The whole backbone of the credit card system is designed to expect the number.