Passive Near Field Communication (NFC) devices, such as contactless smart cards, use NFC to communicate with other devices without any physical connection or an internal battery source, deriving power inductively via the radio field generated by the NFC reader device. Today, many Point-of-Sale (PoS) terminals, credit cards, and also mobile devices are NFC-capable and facilitate contactless payments. Although the communication range is typically limited to a few centimeters, NFC attacks exist that exploit such contactless communication channels.This paper focuses on NFC relay attacks and shows that a practical relay attack on public transport PoS terminals, using off-the-shelf mobile devices and hardware, is feasible. Finally, countermeasures are discussed with the main finding that currently the best countermeasure against relay attacks is to physically shield an NFC device.