PaymentsJournal
No Result
View All Result
SIGN UP
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
PaymentsJournal
  • Commercial
  • Credit
  • Debit
  • Digital Assets & Crypto
  • Digital Banking
  • Emerging Payments
  • Fraud & Security
  • Merchant
  • Prepaid
No Result
View All Result
PaymentsJournal
No Result
View All Result

Google Wallet PIN Hack Still Works, But …

By Mercator Advisory Group
August 14, 2012
in Analysts Coverage
0
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn
B2B Payments' Can Fintech Finally Connect Business Payments to the Digital Wave? - PaymentsJournal

The same white-hat hacker who broke the PIN handling of Google Wallet 1.0 has discovered that the same, or a very similar, hack works against the new and improved, cloud-oriented Google Wallet 2.0. This issue only occurs on rooted Android handsets, so it is easy to have some sympathy with Google’s stance that it cannot secure Wallet on a phone whose security has been compromised. But the issue does persist and it is possible for a phone to fall into someone else’s hands who, themselves, will root the device and be able to compromise the PIN code.

As with all electronic payment methods, the security of Google Wallet is still a work in progress. Google has much bigger challenges for Wallet. It needs Verizon Wireless, AT&T Mobility, and T-Mobile (the Isis triumvirate) to allow Google Wallet access to the secure element on the devices it controls. And that’s not likely for the time being.

While the PIN hack is a concern, it is not a fatal flaw by any means. Indeed, between its launch and the new version, Google Wallet has changed its card handling model in a way that may enhance security. If nothing else, this is not a security issue to get excited about. Just don’t root your phone.

From Security Watch:

“This new update changes Google Wallet from a way to store and pay directly with your payment cards to a NFC Google Checkout service,” wrote Intrepidus senior consultant Max Sobell in a blog post.

But with less data stored locally, the threat landscape is shrunk.

“I would say that one-off fraud is much safer because all payments now go through Google’s ‘virtual’ card, and then are passed off to your credit card within Google’s environment,” Intrepidus senior consultant Max Sobell told Security Watch. “In previous Wallet builds, your credit card details were going through the NFC interface unencrypted to the Point of Sale terminal.”

Click here to read more from Security Watch.

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Get the Latest News and Insights Delivered Daily

    Subscribe to the PaymentsJournal Newsletter for exclusive insight and data from Javelin Strategy & Research analysts and industry professionals.

    Must Reads

    digital cards

    Beyond Plastic: Why Digital Cards Are the Future of Credit

    July 8, 2025
    What Premium Card Overhauls by Chase and Amex Reveal About the Credit Card Market

    What Premium Card Overhauls by Chase and Amex Reveal About the Credit Card Market

    July 7, 2025
    Rewire Acquires Imagen, Looking at Prepaid Cards for Migrant Workers

    Smells Like Team Spirit: What Makes Cobranded Credit Cards Work

    July 3, 2025
    uk banking outages

    New Continuous Strategies for Battling Account Takeovers

    July 2, 2025
    Fraud Monitoring

    What to Expect When Nacha’s Fraud Monitoring Rules Take Effect

    July 1, 2025
    payments

    Don’t Just React to What’s Next in Payments—Anticipate It

    June 30, 2025
    consumer debit

    As Payment Types Proliferate, Debit Cards Still Go Strong

    June 26, 2025
    Embedded Payments

    How Embedded Payments Is Optimizing the Expense Management Process

    June 25, 2025

    Linkedin-in X-twitter
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Commercial
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Digital Banking
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter
    • About Us
    • Advertise With Us
    • Sign Up for Our Newsletter

    ©2024 PaymentsJournal.com |  Terms of Use | Privacy Policy

    • Commercial Payments
    • Credit
    • Debit
    • Digital Assets & Crypto
    • Emerging Payments
    • Fraud & Security
    • Merchant
    • Prepaid
    No Result
    View All Result