Click to Skip Ad
Closing in...
  1. Best Prime Day TV Deals
    16:38 Deals

    Best Prime Day TV deals: Samsung, LG, Vizio, and more

  2. Amazon Deals
    07:57 Deals

    10 deals you don’t want to miss on Sunday: Rare Nest Thermostat deal, $6 Kasa smart plugs, Instant Pot accessories, more

  3. Prime Day Laptop Deals
    15:18 Deals

    Prime Day 2021: Best laptop deals

  4. Best Prime Day Phone Deals
    18:12 Deals

    Best Prime Day phone deals: Apple iPhone, Samsung Galaxy and more

  5. Amazon Deals
    07:56 Deals

    10 deals you don’t want to miss on Saturday: Early Prime Day blowout, $50 off AirPods Max, $20 Blink Mini cam, more

Google Wallet doesn’t properly protect personal data, security firm says

December 13th, 2011 at 11:05 PM

Security firm ViaForensics recently said Google Wallet does not properly protect personal data, including credit card balance information, on a rooted Nexus S smartphone. Google Wallet is an NFC-based mobile payment system for Android that is accepted by a number of retailers in the United States. It is currently only officially available on the Nexus S and Nexus S 4G. “While Google Wallet does a decent job securing your full credit cards numbers, the amount of data that Google Wallet stores unencrypted on the device is significant,” ViaForensics said in a recent report. “Many consumers would not find it acceptable if people knew their credit card balance or limits.” Read on for more.

ViaForensics also worries that hackers could use the unprotected information to successfully attack someone using social engineering. A hacker, for example, might call and verify your address, when you last used your credit card, the last 4 digits of your card and the expiration date and ask for your full credit card number.

Only a subset of users — those with rooted devices — should be worried, however. “The ViaForensics study does not refute the effectiveness of the multiple layers of security built into the Android OS and Google Wallet,” Google said in a statement provided to CNET. “This report focuses on data accessed on a rooted phone, but even in this case, the secure element still protects the payment instruments, including credit card and CVV number. Android actively protects against malicious programs that attempt to gain root access without the user’s knowledge. Based on this report’s findings we have made a change to the app to prevent deleted data from being recovered on rooted devices.” Google also said that another security issue revealed in the ViaForensics report has already been addressed in a software update.

[Via CNET]


Popular News