Google Wallet is the credit card payment system that has been recently launched by Google. Based on Near Field Communication (NFC), this system is said to have some serious advantages over physical credit cards we normally use because it allows for its users pay for their purchases only by entering the pin on the phone in the store. This system is available only in the United States now. It can be used only by Samsung Nexus S 4G smartphone users and only on two wireless providers, Sprint and AT&T. However, there is a great possibility of security vulnerabilities too that pose a great risk to Google Wallet users by allowing attackers to gain the access to this system without any user’s permission asked.
Among all the good things that have been mentioned about it on the web, security experts have also noticed some weaknesses. One of them is that Google decided to use only a four digit pin what may seem to be convenient only in the beginning of using this system. The greatest risk of this is that hackers can easily guess these numbers. In addition, researchers from Zvelo blog have also discovered that Google saves the pin in the encrypted form on the smartphone. With a help of the brute forcing software, this vulnerability allows to decrypt the information in no longer than a second after its run. According to the latest news, Google hasn’t fixed this vulnerability found on Google Wallet yet.
So, if you have started to use this system on your smartphone, pay attention to these things in order to keep your pin secure:
- Lock Screens. Enable this function to increase security on your smartphone.
- USB Debugging. Disable it to protect your data on mobile device and avoid being accessed without first passing a lock screen.
- Full Disk Encryption. Enable it in order to prevent USB Debugging from bypassing the lock screen.
- Avoid rooting your phone. Avoid this on your smartphone to prevent a thief.
- Update. This will guarantee that your device is filled with the latest official software.