Following discoveries that both rooted and stock Android phones are vulnerable to attack, vice president of Google Wallet and payments Osama Bedier posted a letter today defending the service and reassuring customers that it is still safer than traditional payment methods. He cites that Google Wallet is protected by both an in-app PIN and a screen lock (if you have one set up), and in order to maintain security, he recommends that all Google Wallet users keep their phones unrooted, since it's not hard for a thief to access your Wallet PIN on a rooted phone. Additionally — to help keep stock devices safe following the latest finding that funds could be accessed by simply wiping the application's settings — the team has temporarily turned off provisioning of prepaid cards, preventing you from setting up a new card (old ones should still work just fine).
In the statement the executive also reminds users that Google will help you out if you lose your phone — you can call them up (855-492-5538) and have the app disabled. In the meantime, be sure to turn a screen lock on your phone, will you?