First, we reported that anyone using Google Wallet on a rooted device, was easily susceptible to getting their security PIN hacked. This was due to the fact that phones running an Ice Cream Sandwich ROM did not have true NFC capabilities. Next, we came to figure out (the very next day) that even devices running true NFC technology were getting their security PINs hacked as well. So what is the solution? Well suspending prepaid cards of course.
Google had decided to disable the prepaid feature on February 10th, just a day after the infamous video by The Smartphone Champ blog, by exposing the vulnerability of Google Wallet.
[quote]The problem here is that since Google Wallet is tied to the device itself and not tied to your Google account, that once they set the new pin and log into the app, when they add the Google prepaid card it will add the card that is tied to that device. In other words, they’d be able to add your card and have full access to your funds.[/quote]
Thoss words are from a blogger with the name Hashim, who basically sums up how easy it is to access your funds. Osama Bedier, vice president of Google Wallet, said that all users should use a pin code or pattern so their devices are not easily accessible. They still temporarily disabled provisioning the prepaid cards, until they find a more plausible solution.
Come on my Android friends, let’s just stick to those presidential flashcards we have been using our whole lives. Let’s at least keep our money away from the digital world. At least as much as we can.
Source: Ars Technica