Google Wallet Flaw Allows Digital Pickpocket
A new and troubling, vulnerability in Google Wallet has been exposed. Unlike a low-risk security issue identified yesterday, today's security flaw is described as painfully easy.
Security firm Zvelo yesterday discovered a vulnerability in Google Wallet, Google's NFC payment system, that allows anyone holding analready-rooted smartphone running Google Wallet to access the Google Wallet PIN.
Such a vulnerability allows a hacker to use a Google Wallet-enabled smartphone to maker purchases using the credit card information tied to the NFC chip. However, Google points out that this is a low-risk situation, because it only works if the smartphone has already been rooted (by the owner), and credit card information, while useable, is still secure.