Primitive use of NFC for blockchain applications

cc32d9
Oct 26, 2019

Every NFC chip has a 4- or 7-byte UID, and manufacturers usually guarantee that the 7-byte UID is unique. Authentic chips manufactured by NXP Semiconductors also carry a 32-byte ECC signature, which is just as easy to read.

A simple NFC reader in a phone or a vending machine can read this data and compute its SHA256 hash, and the hash would serve as a private key for blockchain operations. For example, a shopkeeper would see the public key and send some deposit tokens or fidelity points to an associated EOSIO account. A vending machine could automatically deduct some amount from such an account.

One issue is that most NFC cards in your wallet have a 4-byte UID. That gives only 4 billion possible combinations, so a private key would be cracked within a day. Most chips in use are Mifare Classic chips, which have a very poor security scheme. The data on such a chip can be cracked and modified within minutes, or an hour at most.

The newest generation NTAG213/215/216 chips by NXP Semiconductors have a 7-byte UID and come with a vendor ECC signature. This would produce a much more reliable private key. An application can also write and lock a random seed in the memory sectors of the chip.

Here’s a simple demo of reading the UID and vendor signature and producing a private key. The program prints out a corresponding public key:
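The derivation described above, as an added Python example (not the author's demo program): it hashes a UID and vendor signature with SHA256 and computes the matching secp256k1 public key in compressed form. The concatenation order, the function names and the sample UID and signature bytes are assumptions made up for illustration; every input to the hash is data that any reader can read from the tag.

```python
import hashlib

# secp256k1 parameters (the curve used for EOSIO keys)
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def public_key(k):
    """Compressed SEC1 public key (hex) for scalar k. Not constant-time."""
    acc, pt = None, G
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        k >>= 1
    return ("02" if acc[1] % 2 == 0 else "03") + format(acc[0], "064x")

def derive_private_key(uid, signature):
    """SHA-256 over UID || signature (the ordering is an assumption)."""
    if len(uid) not in (4, 7) or len(signature) != 32:
        raise ValueError("expected a 4- or 7-byte UID and a 32-byte signature")
    k = int.from_bytes(hashlib.sha256(uid + signature).digest(), "big")
    if not 0 < k < N:
        raise ValueError("digest is not a valid secp256k1 scalar")
    return k

# Constructed sample values, not read from a real tag.
UID_A = bytes.fromhex("04a1b2c3d4e5f6")
UID_B = bytes.fromhex("04a1b2c3d4e5f7")  # one byte different
SIG = bytes(range(32))

if __name__ == "__main__":
    for uid in (UID_A, UID_B):
        print(uid.hex(), public_key(derive_private_key(uid, SIG)))
```
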

EDIT: I applied two Motorola Android phones of different generations to the reader, and it showed the UID differing in one byte only. Not really good for any practical use.


Telegram: cc32d9, Discord: cc32d9#8327, EOS account: "cc32dninexxx"