Google Wallet vulnerability not just for rooted phones

Google Wallet vulnerability not just for rooted phones

A second Google Wallet vulnerability has been found today, hot on the heels of the previous reports of a PIN number exploit.  Initially thought to only be a flaw in rooted phones, this new vulernability affects and and all users running Google Wallet.

According to TheSmartphoneChamp it is very easy to get around the PIN number from the NFC payment application.  It’s as simple as clearing the data under application settings. Let’s pretend you just lost your phone for a moment, shall we?   Upon opening the app afterward, the user is asked to enter a new PIN. Once a new PIN has been created the bad guy can add a Google Prepaid Card tied to the handset and then potentially access available funds.  In other words, it’s like as if someone had found your real wallet and was then using the money or cards to pay for things.

Google was already aware of the initial problem but we get the feeling they will be issuing an update in short order.  Even though it affects a limited number of users, it’s scary to think how easy it is to get around at this time.

User your noodle, boys and girls.  If you don’t have a password-protected home screen or PIN number keeping you safe then you’ll want to add a layer of security to your apps.

About author

Scott Webster
Scott Webster 6607 posts

Scott has been running AndroidGuys since 2007 and loves nothing more than reading up on the latest smartphone rumors. His other mobile efforts can be found on Android Update (CNET) where he covers Google's mobile platform.

You might also like

News and Rumors

Google Drive for Android receives update

Google Drive is around from a long time now, and it’s for sure an amazing offer by the search giant. Google updated Google Drive for Android, and added some new

News and Rumors

Sprint offers guranteed $200 device trade-in for T-Mobile defectors

Sprint on Friday announced a new promotion which puts T-Mobile squarely in its sights. Starting today, and running through April 9, Sprint will guarantee a minimum of $200 instant trade-in

News and Rumors

SpectorSoft eBlaster Mobile for Android Lets Parents Remotely Monitor Child’s Phone

Concerned parents can keep an eye on calls, texts, pictures, and web history from wherever they are with this remote monitoring app.

90 Comments

Leave a Reply