Google is fighting concerns with the security of Google Wallet — an app that converts mobile phones into credit cards — by addressing known issues and pushing on with its launch partners, MasterCard and Sprint.
In a phone interview with The Daily Caller Nate Tyler, Google Global Communications personnel, said, “We feel very strongly that we’ve created a secure product.”
Tech enthusiasts at The Smartphone Champ, however, have identified at least one way in which a person can get access to Google Wallet. If the phone is stolen, the thief can enter the application settings menu, clear the data for Google Wallet and attach the app to a new account. After that, the hacker can create a new pin and log into the account in order to gain access to the funds.
Even on a non-rooted phone, which limits access and should protect the phone from inexperienced users, the app can be hacked, reports Security Watch. A thief can root the phone and steal the funds from Google Wallet.
Google responded to the security breach by temporarily disabling the use of prepaid cards making them not available to users.
Two days later, Google was re-issuing cards claiming they fixed the problem, but the “fix” was having users contact Google to reactivate their Wallet accounts. This means that the technical issue still remains.
Though hackers may be able to access the funds and make purchases, Tyler said, there is no way to retrieve credit card information because only the last four digits of the card number are shown.
A “secure element” chip that’s embedded in the software will securely store all payments, Tyler said.
With these security vulnerabilities surfacing, Verizon, who got heat from its users for “blocking” the app on its phones, may be feeling vindicated.
Verizon had already decided not to feature the app on its phones due to security concerns.
A press release sent out by Verizon in December said that in order for the application to be featured, the app would have to be integrated into a “new, secure, and proprietary hardware element in our phones.”
Security was not the only reason why Verizon chose not to feature the app on its new line of phones.
Verizon said in the statement that “Verizon does not block applications,” but Tyler said that Verizon did in fact ask Google not to include the functionality on the system.
With Verizon not wanting to feature the app on the phones, Google was set to be launch partners with Sprint.
Sprint is the first and only carrier of the application up until this point because, Tyler said, Google decided to build an app and just make it available to get it out on the market.
A Sprint rep said that though the company is proud to be the first carrier of the mobile payment app, it “does not preclude Sprint from offering other mobile payment capabilities to our customers.”
A mobile payment application wouldn’t work without a credit card company involved, so Google launched with MasterCard. After the app has been out for a while, Tyler said, Google will reach out to other banks.
Citi MasterCard is the only credit card company currently available on Google Wallet, but it also offers Google prepaid cards. Users can add money from any one of their credit cards to these prepaid cards.
The application, he said, is compatible with all major credit cards, not just MasterCard, but that option is not available at the moment.
That means that Visa credit card holders may be able to use the app in the future. A representative from Visa told The Daily Caller that the company is licensed to Google.
The press release sent out by Visa on September 19 reads, “The agreement sets the stage for Visa-issuing banks worldwide to enable Visa account holders to add their credit accounts to Google Wallet.”
Nothing has changed, the rep. said, but Google just decided to launch with MasterCard.
Google is free to deploy Visa’s payment application in their wallet and, according to the representative, has plans to do so.
Along with Google, Visa is also licensed to Verizon’s mobile payment plan, ISIS.
A Verizon representative described ISIS as, “a program that will offer mobile payment options and [is] coming in trial markets later this year.”
Visa uses what’s called “Visa payWave.” PayWave is a payment feature that allows users to wave their card in front of a card reader instead of swiping it.
The application is powered by Near Field Communication (NFC) and it, like ISIS, is simply a payment app – it does not monitor the account like Google Wallet.
Visa is also planning to launch its own virtual wallet. The rep said the company wants to build something that will be a part of electronic and mobile commerce to reach out to more users.