Google just can’t seem to catch a break these days. With the less than ideal feedback on its new Facebook rival, Google Plus, along with several other unveilings over the past couple of years, it seems as though the search engine giant is good at, well, being a search engine giant. Now, Google Wallet is taking an embarrassing hit and announced it was suspending all of its prepaid debit and credit card capabilities. This is all due to what it’s calling a security flaw. Here’s how it went down.
On Saturday, Google to the web and announced there was a flaw in Google Wallet. This design error would allow unauthorized users to gain access to a customer’s prepaid debit or credit card, reconfigure the settings so that the owner would not even be able to access his account, all the while, allowing the thief to spend his victim’s money with few cares of getting caught (that speaks volumes about the flaw itself). In a Saturday press release, Osama Bedler, who is the vice president for Google Wallet and Payments, said that the company is committed to finding a permanent fix, but that in the meantime, this “precautionary step” was put into place to protect consumers.
Interestingly, it was a blogger who calls himself the Smartphone Champ who stumbled across the vulnerability. It appears only to affect prepaid credit cards and debit cards. The blogger wrote that by opening up the “Settings” in an Android smartphone and then deleting all of the Google Wallet settings, any unauthorized user with good timing could “hijack” the balance on those prepaid cards. And if you’re thinking that sounds too simple – it is and therein lies the problem. This doesn’t appear to be some sophisticated code hacker who’s looking for a bit of anonymous praise; this is one of those weaknesses that your 12 year old could probably figure out.
Not Only the Champ
On Friday, Zvelo made public its own Google Wallet vulnerability. Apparently, cracking all of those PINs isn’t challenging, either. The security firm said the PINs weren’t treated as “secure elements”, which are part of all smartphones. The apps consumers place on their phones are designed to “land” where they need to in terms of security features. Instead, these elements were placed in the operating system of the Androids.
Perhaps the one saving grace is the fact a thief would have to gain phsycial address of your phone. Remember too this hack doesn’t seem to affect traditional credit cards.
Should You Worry?
Here’s the kicker: the hack works on those phones that were modified by their owners. Many of us can relate to doing a bit of modifying our smartphones for better system control. Of course, those who risk this understand their warranty is void and useless once they do open up their phones. The vulnerabilities are proof of just how bad things can go.
If you have compromised your warranty, one easy – albeit temporary – fix is found simply by kicking in your screen lock. If a hacker does not have that password, then he can’t gain access. Granted, few like the screen lock, but it might be worth getting into the habit – at least until these security flaws can be addressed and remedied.
Google has reassured consumers that it will have these flaws taken care of as soon as possible. If you have compromised your warranty and you have a prepaid card in your Google Wallet, your best bet is to disconnect the bank or credit card account, put into place your screen lock and closely monitor your account. Also, this might a great time to think about applying for one of those traditional credit card offers. There are several cash back card offers on the market today and any fraudulent activity doesn’t leave you vulnerable for shouldering the charges.
The Blue Cash Everyday by American Express is a fine example of how well the credit card companies have raised the bar in their efforts of wooing new consumers. You’ll earn a $100 cash back bonus after charging your fist $1,000 and there’s also no annual fee.
The Discover More card has that ever-important fraud protection offering as well as a no annual fee.
- How Does Google Wallet Virtual Card Fare?
- Not All Prepaid Debit Cards Are Created Equal
- Charge Cards for Today’s Contemporary Wallet
- Prepaid Debit Cards: the Pros and Cons
- Endless Possibilities With Blue Cash from AMEX
- International Fraud Prevention Month
- MasterCard Profits Up Courtesy of Credit Card Use