swipe>unlock
password> 123456
AppX>locate, open
Permission?>Y/N
Its not frictionless either way. NFC cannot be trusted. You need to aknoweldge Y/N prior to letting anything write data onto a phone. Too much risk otherwise.
You don't need to location AppX, the Android Intent system (Android being the only consumer mobile platform with an NFC implementation at the moment) can respond to the data in the NFC tag and open the appropriate app.
I'm not claiming it's frictionless, but just that there's less friction than a QR code.
Its not frictionless either way. NFC cannot be trusted. You need to aknoweldge Y/N prior to letting anything write data onto a phone. Too much risk otherwise.