Does Google Wallet Securely Manage Sensitive Data?


Despite a growing number of Android users owning a handset capable of NFC transmissions, there’s still only a fraction of them able to officially access Google Wallet. We’ve looked at some work-arounds for bringing the mobile payment system to your phone, and the app’s availability should only increase as time goes on. Once you’re all up-and-running with Google Wallet, can you trust that it’s keeping your data secure? A new report on how the app manages its data shows both some hits and some misses.

You’d expect your credit card number to be stored with the highest security in mind, and that’s indeed the case with Google Wallet. The app records the card number only to the NFC chip’s secure storage, so not even a rooted phone will give up the info.

The potential problems arise with all the other little bits of data that are still accessible. With access to your phone, either physical or via the proper malware, an attacker could learn the last four digits of your card number, your name, your email address, and card expiration date. Combine that with a record of transactions you’ve made, and that cache of data is starting to look like quite the ammo for a social engineering or identity theft attempt.

It would definitely be in Google’s interest to store all this data encrypted on the phone, if only to make it that much more difficult to surreptitiously access. That said, this threat feels a bit overblown. We keep so much data on our phones anyway, that anyone with access is likely going to be able to learn a whole lot more about us than just these details stored in Google Wallet.

Source: Via Forensics


Share This Post
What's your reaction?
Love It
Like It
Want It
Had It
Hated It
About The Author
Stephen Schenck
Stephen has been writing about electronics since 2008, which only serves to frustrate him that he waited so long to combine his love of gadgets and his degree in writing. In his spare time, he collects console and arcade game hardware, is a motorcycle enthusiast, and enjoys trapping blue crabs. Stephen's first mobile device was a 624 MHz Dell Axim X30, which he's convinced is still a viable platform. Stephen longs for a market where phones are sold independently of service, and bandwidth is cheap and plentiful; he's not holding his breath. In the meantime, he devours smartphone news and tries to sort out the juicy bits Read more about Stephen Schenck!