After a series of two vulnerabilities were discovered that targeted Google Wallet, Google’s mobile and digital wallet app on the company’s Android smartphones, Google has now decided to disable the prepaid credit card feature on the app.
Recently, two discovered vulnerabilities found on the Google Wallet leading some to question about the readiness of digital wallets at this time. Under the first vulnerability, a hacker can reveal the user’s PIN number to access the Google Wallet app on a Google Nexus S 4G (Sprint) or Google Galaxy Nexus. The second vulnerability merely bypasses the app’s PIN number. The hacker can wipe the application data and then open the app and establish a new PIN, and still have access to the established pre-paid Google MasterCard credit card, but not any other saved credit cards or gift cards as that information would be wiped along with the application data.
Since the discoveries were made, Google has now disabled provisioning of pre-paid cards on its Google Wallet Android app in the interest of security. Additionally, Google advises users against rooting their Android smartphones, stating, “we strongly discourage [rooting] if you plan to use Google Wallet because the product is not supported on rooted phones.”
With Google Wallet, users can associate the app, for payment, with a number of gift cards or a Citi MasterCard. Google also gives users the option of establishing a pre-paid credit card and re-load the card when funds are diminished.
The app makes use of NFC, or near field communications, technology. Rather than swiping a plastic credit card through a magnetic reader, users can pay for physical goods at retail stores by waving their NFC-enabled smartphone next to an NFC reader. In this manner, Google anticipates that smartphones and wallets would converge and eventually credit cards would become obsolete as users would only need to carry their smartphones to make and initiate payment.