viaForensics claims Google Wallet has security issues

December 13, 2011

Views: 43

Google Wallet famously won't work on the slick Galaxy Nexus, which may bother some folks when that phone finally lands in the US. However, if you are the security-conscious sort that may not be a big deal to you in the wake of a recent report by a security firm called viaForensics that is claiming that the Google Wallet app isn't secure enough. American Banker reports that viaForensics found that app stores enough data on the phone itself that a well-crafted email from a nefarious sort could fool many users into giving up more credit card details.

ViaForensics reports that the Google Wallet app doesn't store the entire credit card number, but it stores data on purchases, the last four digits of the credit card number, and transaction history on the phone. The company thinks that malware would be able to get to the data store on the phone. Google responded by saying that viaForensics used a rooted smartphone in its testing and that the app is secure.

However, we have seen malware in the past that could bypass Android security; the malware was called Droid Dream. ViaForensics says that the data stored on the phone also offers details on card balances and payment due dates. The company says that the data it stores should not be stored unencrypted on the handset.

[via SlashGear]

Tags: , ,

  • snkossey

    I just had my Google account hacked and my credit card info used by someone to fraudulently purchase a bunch of Android apps.  I am super upset about this and there is nowhere on the Google site to advise them of this.  There is an e-form that I would have to submit each purchase, but there were like 30 of them so this would take all day.  I have deleted my cards and closed my account but am still very worried that my information is still accessible.  So much for increased security through Google!