Click to Skip Ad
Closing in...
  1. Best Memory Foam Mattress
    12:31 Deals

    When 75,000 Amazon shoppers rave about a $130 memory foam mattress, you need to check it o…

  2. Best Wireless Charger For iPhone
    13:04 Deals

    3-in-1 wireless charging station for Apple devices is down to $17 at Amazon

  3. Philips Sonicare Deals On Amazon
    08:45 Deals

    These Philips Sonicare deals on Amazon will brighten any smile

  4. Amazon Smart Home Deals
    08:08 Deals

    5 smart home devices on Amazon you’ll wonder how you ever lived without

  5. 4K Projector Amazon
    13:45 Deals

    Last chance to save $150 on XGIMI’s mind-blowing new 4K projector

Google Wallet doesn’t properly protect personal data, security firm says

December 13th, 2011 at 11:05 PM

Security firm ViaForensics recently said Google Wallet does not properly protect personal data, including credit card balance information, on a rooted Nexus S smartphone. Google Wallet is an NFC-based mobile payment system for Android that is accepted by a number of retailers in the United States. It is currently only officially available on the Nexus S and Nexus S 4G. “While Google Wallet does a decent job securing your full credit cards numbers, the amount of data that Google Wallet stores unencrypted on the device is significant,” ViaForensics said in a recent report. “Many consumers would not find it acceptable if people knew their credit card balance or limits.” Read on for more.

ViaForensics also worries that hackers could use the unprotected information to successfully attack someone using social engineering. A hacker, for example, might call and verify your address, when you last used your credit card, the last 4 digits of your card and the expiration date and ask for your full credit card number.

Only a subset of users — those with rooted devices — should be worried, however. “The ViaForensics study does not refute the effectiveness of the multiple layers of security built into the Android OS and Google Wallet,” Google said in a statement provided to CNET. “This report focuses on data accessed on a rooted phone, but even in this case, the secure element still protects the payment instruments, including credit card and CVV number. Android actively protects against malicious programs that attempt to gain root access without the user’s knowledge. Based on this report’s findings we have made a change to the app to prevent deleted data from being recovered on rooted devices.” Google also said that another security issue revealed in the ViaForensics report has already been addressed in a software update.

[Via CNET]


Popular News