Android phones equipped with the NFC feature can be used to read tags to automate a task for home automation. In this case, the setup used is a Zigbee/Z-Wave Hub such as the Samsung Smartthings Hub and 3 apps – NFC Trigger, Tasker, and SharpTools. When all 3 apps are programmed together, it is possible to trigger the routine for the home automation task.
It is not expected to be a security risk at all because the NFC tag does not store any personal information. It only stores a trigger routine that tells the smartphone what tasks to run. In this case, when the NFC tag is tapped, it triggers actions and routines to run on the smartphone to do home automation tasks, such as unlocking door locks, turning off the lights, etc.
The smartphone must be logged in to the Samsung Smartthings app in order to function properly, and the phone itself likely is secured by Iris Scan, or PIN.
So the NFC Tag is useless to a thief.