Last week, Gemalto, the world's largest maker of cell phone SIM cards, admitted it was the target of "sophisticated attacks" by American and British spy agencies. This week, the company is asking brands to trust it with mobile payments.

On Tuesday, Gemalto and Tapit, a mobile ad-tech firm, are launching an app that allows consumers to buy a myriad of internet-connected items with one touch from a smartphone. It's feasible thanks to near-field communication (NFC) chips in "tens of thousands of products," said company co-founder Andrew Davis. In the past, the Australian startup has worked mostly with content discovery: shoppers could tap a Samsung tablet with their smartphone, for instance, and be directed to a mobile web site on the product. Mr. Davis said the company works with 60 brands.

Now, it is turning that capability into mobile commerce, allowing customers to charge the purchases through Gemalto's billing services. The offering is starting with small purchases and according to Tapit "the payment is done directly via carrier billing which is completed through the browser."

It is launching in Australia and the U.K., but Mr. Davis said the company plans to arrive in the U.S. in June.

It may have to deal with a hit to Gemalto's reputation. Last week, the website The Intercept, using information from whistleblower Edward Snowden, reported that the NSA and its British counterpart had tapped into Gemalto's system and lifted encryption data from its SIM cards. In a release, the company said the breach "probably happened," although it specified it only affected phones on older, less-secure 2G networks.

A representative from Gemalto, which bills itself as "the world leader in digital security," did not return requests for comment.

Tapit noted that its new payment service works with a different business division of Gemalto. "They are the biggest SIM provider, they are the most secure, and I'm sure they will be targeted many times in the future," Mr. David said. "But we couldn't ask for a better partner."