NFC mobile currency transfer

What is claimed is: 1 . A computer-implemented method, comprising: receiving, by a server, a first cryptogram from an application executing on a first device, the first cryptogram generated by an authentication applet of a contactless card associated with a first account; incrementing, by the server, a counter value associated with the contactless card to generate a first counter value associated with the contactless card; generating, by the server, a first diversified key based on encrypting a master key of the contactless card and the first counter value; verifying, by the server, the first cryptogram based at least in part on decrypting the first cryptogram using the first diversified key; receiving, by the server from the application, a request to transfer funds from the first account to a second account; receiving, by the server, a second cryptogram generated by the authentication applet of the contactless card; incrementing, by the server, the first counter value to generate a second counter value associated with the contactless card; generating, by the server, a second diversified key based on encrypting the master key and the second counter value; verifying, by the server, the second cryptogram based at least in part on decrypting the second cryptogram using the second diversified key; and authorizing, by the server, the request to transfer funds from the first account to the second account based on the verification of the first and second cryptograms. 2 . The method of claim 1 , wherein the contactless card includes the authentication applet and a transaction applet, wherein the authentication applet is distinct from the transaction applet. 3 . The method of claim 1 , wherein the first and second cryptograms comprise message authentication code (MAC) cryptograms, the method further comprising: processing, by the server, the request to transfer funds from the first account to the second account. 4 . The method of claim 1 , further comprising: receiving, by the server from the application executing on the first device, an indication that the first account has been authenticated based on received input comprising one or more of a username and a password for the first account, or biometric credentials for the first account; and receiving, by the server from an application executing on a second device, an indication that the second account has been authenticated based on received input comprising one or more of a username and a password for the second account, or biometric credentials for the second account. 5 . The method of claim 1 , further comprising: determining, by the server, that the second cryptogram is received within a threshold amount of time of receiving the first cryptogram, wherein the server authorizes the request further based on the determination that the second cryptogram is received within the threshold amount of time. 6 . The method of claim 5 , further comprising: starting a timer by the server responsive to receiving the first cryptogram from the first device, wherein the server determines that the second cryptogram is received within the threshold amount of time of receiving the first cryptogram based on the timer. 7 . The method of claim 1 , wherein: verifying the first cryptogram comprises determining that a customer identifier yielded by decrypting the first cryptogram matches a customer identifier associated with the first account; and verifying the second cryptogram comprises determining that a customer identifier yielded by decrypting the second cryptogram matches the customer identifier associated with the first account. 8 . The method of claim 1 , wherein the first and second counter values are synchronized between the contactless card and the server. 9 . A non-transitory computer-readable storage medium, the computer-readable storage medium including instructions that when executed by a processor, cause the processor to: receive a first cryptogram from an application executing on a first device, the first cryptogram generated by an authentication applet of a contactless card associated with a first account; increment a counter value associated with the contactless card to generate a first counter value associated with the contactless card; generate a first diversified key based on encrypting a master key of the contactless card and the first counter value; verify the first cryptogram based at least in part on decrypting the first cryptogram using the first diversified key; receive, from the application, a request to transfer funds from the first account to a second account; receive a second cryptogram generated by the authentication applet of the contactless card; increment the first counter value to generate a second counter value associated with the contactless card; generate a second diversified key based on encrypting the master key and the second counter value; verify the second cryptogram based at least in part on decrypting the second cryptogram using the second diversified key; and authorize the request to transfer funds from the first account to the second account based on the verification of the first and second cryptograms. 10 . The computer-readable storage medium of claim 9 , wherein the first and second cryptograms comprise message authentication code (MAC) cryptograms, the method wherein the instructions further configure the computer to: process, by the server, the request to transfer funds from the first account to the second account. 11 . The computer-readable storage medium of claim 9 , wherein the instructions further configure the computer to: receive, from the application executing on the first device, an indication that the first account has been authenticated based on received input comprising one or more of a username and a password for the first account, or biometric credentials for the first account; and receive, from an application executing on a second device, an indication that the second account has been authenticated based on received input comprising one or more of a username and a password for the second account, or biometric credentials for the second account. 12 . The computer-readable storage medium of claim 9 , wherein the instructions further cause the processor to: determine that the second cryptogram is received within a threshold amount of time of receiving the first cryptogram, wherein the request is further authorized based on the determination that the second cryptogram is received within the threshold amount of time. 13 . The computer-readable storage medium of claim 12 , wherein the instructions further cause the processor to: start a timer responsive to receiving the first cryptogram from the first device, wherein the determination that the second cryptogram is received within the threshold amount of time of receiving the first cryptogram is based on the timer. 14 . The computer-readable storage medium of claim 9 , wherein: verify the first cryptogram comprises instructions that when executed by the processor cause the processor to: determine that a customer identifier yielded by decrypting the first cryptogram matches a customer identifier associated with the first account; and verify the second cryptogram comprises instructions that when executed by the processor cause the processor to: determine that a customer identifier yielded by decrypting the second cryptogram matches the customer identifier associated with the first account. 15 . The computer-readable storage medium of claim 9 , wherein the first and second counter values are synchronized between