Published in News
Google wallet is security risk
by Nick Farrell on13 February 2012
Could be nicked by people on Vespas
It looks like a Google wallet is just as easy to pick as a leather one from an American tourist in outside the Colosseum.
Your average tea leaf does not have to sneak past coppers on his Vespa, snatch a handbag before driving off into Roman traffic in a cloud of purple smoke. According to Security researcher Joshua Rubin, who is a senior engineer with zvelo there is a vulnerability in the Google mobile payments platform.
The software allows people to make payments by waving their phone at a check-out terminal, instead of using a credit card and they are being seen as the next big thing. Rubin developed an app dubbed Wallet Cracker that he says can break the four-digit PIN required to launch the Google Wallet app.
Google knows about the problem and the search engine has agreed to work quickly to resolve it, he said. But Google said that while that was true, the zvelo study was conducted on their own phone, on which they disabled the security mechanisms that protect Google Wallet by 'rooting' the device.
Google said that people should not install Google Wallet on "rooted" devices and that they should set up a screen lock as an additional layer of security if they use the software.