Feeds

back to article Google tightens its Wallet after PIN reset goof

Google has started provisioning electronic wallets again having fixed the more trivial security flaw in its product - though determined hackers will still get in. Google suspended the supply of Wallets after it emerged that simply clearing the application data resulted in the protecting PIN being reset, so now anyone trying to …

COMMENTS

This topic is closed for new posts.

Doesn't concern me at all

We need NFC why again?

1
1
Bronze badge
Coat

Re: Doesn't concern me at all

Yes it does.

Here is why you need it...

1)

2)

3)

Now just use it...OK?

2
1
Silver badge

Re: Doesn't concern me at all

You need NFC so thieves can see that not only do you have an expensive phone but it also holds money.

3
1
Anonymous Coward

Re: Doesn't concern me at all

To get better targeted ads of course.

Imagine how much more relevant the ads will be once Google gets insight into your offline shopping.

3
1
Anonymous Coward

It's cool

All Google employes are doing it and posting their purchases on their trendy social network, G+

3
1
Bronze badge

So if someone gets your "Wallet", they can spend your "money".

That actually doesn't surprise me greatly. It sounds familiar. In fact, I have heard of something very like it being done on purpose, and by outright criminals.

1
0
Anonymous Coward

Re: So if someone gets your "Wallet", they can spend your "money".

But... If someone gets my wallet, they can't use my chip and pin cards because the pin isn't anywhere in the wallet. (Ok, actually it is heavily encrypted on the card itself, but realistically no-one is getting that.)

1
2
Silver badge

Re: Re: So if someone gets your "Wallet", they can spend your "money".

Yet somehow, when my chip and pin card was nicked a few years back, the crims were able to buy a baker's dozen of mobile phone without haviing the pin.

1
0
Anonymous Coward

@Graham

So either:

1) You recorded your PIN and they found it

2) They shoulder surfed your PIN

or

3) They used the magstripe

Very few places in EU/UK allow use of the magstripe these days.

0
1
Bronze badge
Facepalm

@AC

Or... just maybe, they bought them over the phone or online! A sophisticated criminal?

Also the PIN isn't your bank card PIN it is just a pseudo security lever which is a lot more than your normal wallet has - which is the point. We're talking about bonk cards not bank cards - same on the phone.

You do bonking with you wallet completely unprotected, you bonk with you phone with protection but not very good protection.

0
0
Silver badge

Re: @AC

That's right AC, I'm a complete blithering idiot who writes down an easily memorable number and lets people steal my card after standing creepily close to me.

You think I'm an idiot? Bite me.

1
0

More secure?

"electronic wallet remains a good deal more secure than its physical counterpart."

Show me a credit card that can be brute forced in seconds in the comfort of your own home.

Until that hole is fixed, it Google Wallet remains too insecure to be taken seriously IMO.

2
1
Silver badge

Re: More secure?

A credit card is 'brute forced' the instant a thief lays his hands on it, even quicker than a Google Wallet. The difference is that most people are less likely to leave their credit card laying around than they are their phone.

0
1

Re: More secure?

I think he was referring to a physical wallet.

IIRC, the Google Wallet still has the maximum transaction and maximum wallet load limits, so it's the same as carrying (say) £200 around.

Presumably, being an electronic (and trackable) process supported by various banks, you're also covered in the case of it being stolen and used.

Also, why would they need to brute-force your credit card? Plenty of places still take signature (and don't check) or support "card-holder not present" transactions where the CCV and address (which is probably also in your wallet) is considered a security check.

I doubt I'll use Google Wallet myself, but it doesn't strike me as being any less secure than the alternatives.

1
1
Silver badge

Re: Re: More secure?

You'd be covered for any purchases on your NFC phone but I doubt the offer would extend to replacing the physical phone that thieves only stole because it could be used to buy stuff.

0
0
Silver badge
Coat

Fixed for you

"...though determined crackers will always get in."

0
0
Anonymous Coward

Fuck Google and their Wallet.

It'll end in the same rubbish bin as Wave, no wonder they have the same logo.

1
1
This topic is closed for new posts.