TMCnet Feature Free eNews Subscription
February 14, 2012

The Google Wallet Hacked Phone Proves NFC Flaws

By Daniel Brecht, Contributing Writer

In 2011, Google introduced its new mobile payment system, better known as “Google Wallet.” The system is currently available as an app on the Samsung’s (News - Alert) Nexus S 4G smartphone from Sprint and works with MasterCard PayPass, which is a "contactless" way to pay.

Even though the Google (News - Alert) Wallet mobile app was designed to store a user's credit card and prepaid card information, it appears not safe enough for mobile phone payments. As pointed out by Zvelo, a company that specializes in developing technologies and endpoint security, the Google (News - Alert) Wallet mobile app had exposed the personal identification number (PIN) of a Google Wallet account.

Even though the Google Wallet app program has shown its weakness, Google was able to come up with a permanent fix to the security flaw. The Google Wallet hacked phone proves there are also security issues with near-field communication (NFC) technology, issues that may be in its design and implementation payment systems, which do not help prevent consumers from attacks and fraud attempts.

The problem with NFC is that it can allow a remote attacker to steal the PIN, as it did with the Google Wallet mobile app, and malicious hackers might have the chance to break into another person’s account within seconds. It appears the flaws in current NFC handsets are slowing down the widespread and fast adoption of contactless payments.

Ever since the launch of Google Wallet in 2011 and the breakthrough of NFC-compatible handsets, which allows users to wave their smartphones near a reader module to make a purchase, users fear that money transactions are neither safe nor secure. What was once thought as an easy and fast method to make payments for goods and services, transactions, money transfers and mobile payment services- just by tapping a cell phone to a payment terminal, may not be the safest means for consumers right now.

While the Google Wallet mobile application and NFC technology will prevent users from carrying around plastic credit cards and folded wallets, people are still wary of cell phone-based credit card payment systems. There have been too many negative reports that prove short-range two-way communication between endpoints is susceptible to near-field communication (NFC) threats. To correct such problems companies would need to install some sort of monitor system on NFC-enabled devices to look for suspicious transactions that take place; this could protect users against fraud and abuse if their mobile phones were hacked. Of course, this feature would be in addition to authentication using a PIN before transactions are completed.

People can expect the next generation of NFC-enabled devices will include real-time anti-fraud alerts; this should help people overcome their fear of using their cell phones to make payments. 

Daniel Brecht has been writing for the Web since 2007. His interests include computers, mobile devices and cyber security standards. He has enjoyed writing on a variety of topics ranging from cloud computing to application development, web development and e-commerce.

Edited by Rich Steeves
» More TMCnet Feature Articles
Get stories like this delivered straight to your inbox. [Free eNews Subscription]


» More TMCnet Feature Articles