Google has started provisioning electronic wallets again having fixed the more trivial security flaw in its product - though determined hackers will still get in. Google suspended the supply of Wallets after it emerged that simply clearing the application data resulted in the protecting PIN being reset, so now anyone trying to …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Wednesday 15th February 2012 16:16 GMT Aaron Em

Doesn't concern me at all

We need NFC why again?

1 1
1. Wednesday 15th February 2012 17:07 GMT ItsNotMe
  
  Re: Doesn't concern me at all
  
  Yes it does.
  
  Here is why you need it...
  
  1)
  
  2)
  
  3)
  
  Now just use it...OK?
  
  2 1
2. Wednesday 15th February 2012 17:10 GMT DrXym
  
  Re: Doesn't concern me at all
  
  You need NFC so thieves can see that not only do you have an expensive phone but it also holds money.
  
  3 1
3. Wednesday 15th February 2012 17:11 GMT Anonymous Coward
  
  Re: Doesn't concern me at all
  
  To get better targeted ads of course.
  
  Imagine how much more relevant the ads will be once Google gets insight into your offline shopping.
  
  3 1
4. Wednesday 15th February 2012 17:14 GMT Anonymous Coward
  
  It's cool
  
  All Google employes are doing it and posting their purchases on their trendy social network, G+
  
  3 1
Wednesday 15th February 2012 16:51 GMT Robert Carnegie

So if someone gets your "Wallet", they can spend your "money".

That actually doesn't surprise me greatly. It sounds familiar. In fact, I have heard of something very like it being done on purpose, and by outright criminals.

1 0
1. Wednesday 15th February 2012 17:14 GMT Anonymous Coward
  
  Re: So if someone gets your "Wallet", they can spend your "money".
  
  But... If someone gets my wallet, they can't use my chip and pin cards because the pin isn't anywhere in the wallet. (Ok, actually it is heavily encrypted on the card itself, but realistically no-one is getting that.)
  
  1 2
  1. Wednesday 15th February 2012 17:36 GMT Graham Dawson
    
    Re: Re: So if someone gets your "Wallet", they can spend your "money".
    
    Yet somehow, when my chip and pin card was nicked a few years back, the crims were able to buy a baker's dozen of mobile phone without haviing the pin.
    
    1 0
    1. Wednesday 15th February 2012 21:07 GMT Anonymous Coward
      
      @Graham
      
      So either:
      
      1) You recorded your PIN and they found it
      
      2) They shoulder surfed your PIN
      
      or
      
      3) They used the magstripe
      
      Very few places in EU/UK allow use of the magstripe these days.
      
      0 1
      1. Wednesday 15th February 2012 22:42 GMT Daf L
        
        @AC
        
        Or... just maybe, they bought them over the phone or online! A sophisticated criminal?
        
        Also the PIN isn't your bank card PIN it is just a pseudo security lever which is a lot more than your normal wallet has - which is the point. We're talking about bonk cards not bank cards - same on the phone.
        
        You do bonking with you wallet completely unprotected, you bonk with you phone with protection but not very good protection.
        
        0 0
        
        Thursday 16th February 2012 20:51 GMT Graham Dawson
        
        Re: @AC
        
        That's right AC, I'm a complete blithering idiot who writes down an easily memorable number and lets people steal my card after standing creepily close to me.
        
        You think I'm an idiot? Bite me.
        
        1 0
Wednesday 15th February 2012 17:12 GMT TonyHoyle

More secure?

"electronic wallet remains a good deal more secure than its physical counterpart."

Show me a credit card that can be brute forced in seconds in the comfort of your own home.

Until that hole is fixed, it Google Wallet remains too insecure to be taken seriously IMO.

2 1
1. Wednesday 15th February 2012 17:45 GMT sisk
  
  Re: More secure?
  
  A credit card is 'brute forced' the instant a thief lays his hands on it, even quicker than a Google Wallet. The difference is that most people are less likely to leave their credit card laying around than they are their phone.
  
  0 1
2. Wednesday 15th February 2012 17:46 GMT Ian Yates
  
  Re: More secure?
  
  I think he was referring to a physical wallet.
  
  IIRC, the Google Wallet still has the maximum transaction and maximum wallet load limits, so it's the same as carrying (say) £200 around.
  
  Presumably, being an electronic (and trackable) process supported by various banks, you're also covered in the case of it being stolen and used.
  
  Also, why would they need to brute-force your credit card? Plenty of places still take signature (and don't check) or support "card-holder not present" transactions where the CCV and address (which is probably also in your wallet) is considered a security check.
  
  I doubt I'll use Google Wallet myself, but it doesn't strike me as being any less secure than the alternatives.
  
  1 1
  1. Wednesday 15th February 2012 19:10 GMT DrXym
    
    Re: Re: More secure?
    
    You'd be covered for any purchases on your NFC phone but I doubt the offer would extend to replacing the physical phone that thieves only stole because it could be used to buy stuff.
    
    0 0
Wednesday 15th February 2012 17:47 GMT sisk

Fixed for you

"...though determined crackers will always get in."

0 0
Wednesday 15th February 2012 20:58 GMT Anonymous Coward

Fuck Google and their Wallet.

It'll end in the same rubbish bin as Wave, no wonder they have the same logo.

1 1