No need for a second pin. The NFC or wallet service will have security built in for sure. Entering pins would defeat the purpose of a fast transaction. The idea of a pin seems very unlikely to me.
If it's phone theft you're worried about then just lock your phone.
You think that you're going to take your phone and just point it at something and let it take cash out without you doing anything?
The Security benefit of digital wallets is THE PIN. People in Europe already have this on Credit Cards.. only the US is effed up and stupid.
I want to find any digital wallet company that has the balls to take responsibility for fraudulent activity without a secured app / transaction especially if it's independent of the bank.
I can see the support calls.
USER: "Someone put $1,000 of purchased on my phone and my bank account is empty"
BANK: "Sorry it's direct bank debit, any debits have to be authorized so you must have authorized it."
USER: "WTF? It's your fault!"
BANK: "Sorry. Any withdrawal from your bank has to be authorized."
USER: "Well I authorized DigiWallet. They have access to it"
BANK: "Then call DigiWallet and see if you can recover your losses there is ZERO NADA other recourse"
Hang Up.
USER: "Someone put $1,000 of purchased on my phone and my bank account is empty"
DIGIWALLET IN YOUR LALA LAND: "Luckily for you we cover any losses through fraudulent use of our App. You'd be surprised how often people leave their phone unlocked.. we might save some losses if we secured the transaction... but what the hell, right? Who cares? We're underwritten by Llosers of London"
Bottom line
People will need:
A passcode for the Phone
At minimum one of and likely both:
You will need a passcode for the App
You will need a passcode/PIN for the transaction
One technology exists that does all this in one. Clue?
WAVE and pay
What really pisses me off? I have passwords with punctuation... ever tried to do that on a phone? It's like a 20 button press frickin nightmare to put in a 6 char password.