:format(webp)/cdn.vox-cdn.com/assets/947445/google-wallet_1020.jpg)
Google Wallet security holes threaten both rooted and stock devices
-
March 20, 2012
Current Google Wallet customers given $5 on pre-paid cards for all the provisioning hassles
If you opened up Google Wallet today, you may have noticed there's an extra $5 sitting on your pre-paid card. It turns out it's not a glitch, it's compensation from Google Wallet in exchange to the provisioning hassles the service has been experiencing this year
-
March 8, 2012
Google re-enables pre-paid card re-provisioning in Google Wallet, with password-based security
Google has changed Google Wallet to allow users to set up their existing pre-paid cards directly on the phone without calling into Google.
-
March 5, 2012
Google Wallet app now notifies rooted users that they're not supported
According to Droid Life, users on rooted phones are now presented with a warning that their device is not a supported Google Wallet device, though the app will still function perfectly fine. Unfortunately, it's not a proper fix — the hole that allowed hackers to crack the security PIN that protects Wallet is still alive and well.
-
February 15, 2012
Google Wallet restores prepaid cards, patches re-provisioning security hole
Google has updated its blog post about the Google Wallet prepaid card security hole, letting us know that it's re-activated provisioning and also put out a fix for the original problem
-
February 11, 2012
Google Wallet reassures customers of safety, turns off prepaid card provisioning
Following discoveries that both rooted and stock Android phones are vulnerable to attack, vice president of Google Wallet and payments Osama Bedier posted a letter defending the service and reassuring customers that it is still safer than traditional payment methods.
-
February 9, 2012
Second Google Wallet security vulnerability confirmed, affects all users
The Google Wallet can trivially be tricked into providing access to the default Pre-Paid card attached to every account. Google is working on a fix, but in the meantime all users should set a lockscreen password.
-
February 8, 2012
Google Wallet PIN cracked on rooted Android devices
The security of the PIN that protects Google Wallet transactions has been compromised — though most users won't need to worry about the issue for now, as it only applies to users who have rooted their Android smartphone. The key issue is that the PIN is stored on the device itself instead of in the secure NFC element, although it is in an encrypted format