Google late Friday night disabled the ability to provision new Google Preaid Cards, fallout from the discovery of a flaw in the Google Wallet app. The gist is that if someone were to find your phone, they could reset the Google Wallet PIN and gain access to your Google Prepaid Card. In a separate incident, rooted phones were found to be vulnerable to a brute-force crack.
And so, Google has temporarily disabled provisioning of prepaid cards as an interim step, and it says it will have "a permanent fix soon."
Google also reminds us that rooted devices are by definition not as secure as un-rooted phones and "we strongly discourage [rooting] if you plan to use Google Wallet because the product is not supported on rooted phones."
In addition, Google provides toll-free phone support 24 hours a day if you have concerns or questions about Google Wallet. In other words, just like with a traditional credit card, call if you lose it. Or have issues. Or just need a friend.
Protecting your payments with Google Wallet
Over the last few days we've received questions and concerns about issues related to the security of Google Wallet. People are asking if Google Wallet is safe enough for mobile phone payments. The simple answer to this question is yes. In fact, Google Wallet offers advantages over the plastic cards and folded wallets in use today.
First, Google Wallet is protected by a PIN — as well as the phone’s lock screen, if a user sets that option. But sometimes users choose to disable important security mechanisms in order to gain system-level “root” access to their phone; we strongly discourage doing so if you plan to use Google Wallet because the product is not supported on rooted phones. That’s why in most cases, rooting your phone will cause your Google Wallet data to be automatically wiped from the device.
Second, we also take concrete actions to help protect our users. For example, to address an issue that could have allowed unauthorized use of an existing prepaid card balance if someone recovered a lost phone without a screen lock, tonight we temporarily disabled provisioning of prepaid cards. We took this step as a precaution until we issue a permanent fix soon.
And just like with any other credit card, you can get support when you need it. We provide toll-free assistance in case you lose your phone or someone manages to make an unauthorized transaction.
Mobile payments are going to become more common in the coming years, and we will learn much more as we continue to develop Google Wallet. In the meantime, you can be confident that the digital wallet you carry provides defenses that plastic and leather simply don’t.
Posted by Osama Bedier, Vice President, Google Wallet and Payments
We may earn a commission for purchases using our links. Learn more.
It's time to stop using SMS for two-factor authentication
Not all 2FA is equal. Using SMS to get a code might not be "better than nothing" after all.
Fresh Surface Duo renders are here, reportedly coming to AT&T
Microsoft hasn't exactly been camera shy with the Surface Duo, but a new set of renders have leaked that offer an even closer look at the device. Alongside the leaked images, the leaker says Duo will be headed to AT&T in the U.S.
24 hours with the Galaxy Note 20 Ultra: Big, beautiful, and backwards
It's still too early to give any conclusive thoughts on the Galaxy Note 20 Ultra, but Samsung's latest flagship is already proving to be a tremendous phone in more ways than one.
The Xperia 1 is still our favorite phone for shooting video
If video recording is your thing, then look no further than the Sony Xperia 1 — it offers a large screen, three great cameras, and extremely robust manual video controls.