Currently, NFC phones are coming in the handheld market, providing facilities to perform m-transactions. Obviously, this type of operation requires special security precautions. Indeed, a malicious code could intercept and hijack the system, even if there is a smart card. For example, the amount of the payment displayed in the terminal can be hijacked by an attacker to fool the user, or user's credential can be stolen thanks to a keylogger (and thus malicious codes can perform unwanted m-transactions automatically). This paper describes a security mechanism based on a graphical Turing test to prevent m-transactions submission by malwares. Firstly it introduces current m-transactions solutions. Then it explains the security mechanism that we propose to tackle the problem of untrusted handheld devices. It also underlines a proof of concept we implemented, to test its feasibility on a SIM card. Finally, it gives information on performances corresponding to the implementation that we made.