"For one, your credit card number & such never leave your phone during a transaction - so no need to worry that the store taking your payment stores your CC info"
People seem to be focusing on the security at the moment of the actual transaction here, but that's a misleading view. The concern should be the security of the entire system overall, not just at the point of sale.
You may need to worry less about skimmers grabbing your details at the store, but in exchange you need to worry more about hackers grabbing the details from your phone, and about the security and trustworthiness of the extra entities (Apple, Google, the payment processor used, etc.) that you're bringing into the transaction.
In that sense, bonk-to-pay appears to expand the attack surface rather than reduce it.