In my today’s post I want to have a deeper look into the topic security concerning Google’s newest invention- The Google Wallet (You can find further information about this future wallet in my Blog post the week before!).
But how secure will this method be? Do hackers have an easy game? Are thieves benefited? This bunch of question is buzzing through my head and I think I’m not the only one.
At first it has to be taken into consideration that only a small part of people are able to use this invention yet. Some preconditions have to be ‘fulfilled’.
- You live in New York or San Fransisco (in these 2 cities it is launched yet),
- Sprint is your wireless provider,
- you have the smartphone Nexus S
- and you are shopping at one of the rare retailers that provide the service.
Therefore, I found a really helpful FAQ-set, created by cnet. Questions like ‘How does this work exactly?’ , ‘What if I forget my PIN?’ , ‘What if I lose my smartphone?’ or ‘Could criminals create fake NFC reader interfaces like they do ATM skimmers?’ are answered there.
Summarizing these frequently asked questions you should know that the whole data is encrypted and stored on a chip on your smartphone which Google named the ‘Secure Element’
As you can read on the Google Wallet Web site you should think
[…]of the Secure Element as a separate computer, capable of running programs and storing data. The Secure Element is separate from your Android phone’s memory. The chip is designed to only allow trusted programs on the Secure Element itself to access the payment credentials stored therein. The secure encryption technology of MasterCard PayPass protects your payment card credentials as they are transferred from the phone to the contactless reader.
After loosing your PIN you have to reset the Wallet but Google is designing a more user friendly reset mechanism right now. And if you have lost the whole smartphone someone needs to know at first the PIN to access your phone (as far as you have locked your phone) and furthermore the PIN to assess the financial information. After entering a wrong PIN too many times the ‘Secure Element’ is disabled and cannot be used any longer for payments.
Furthermore it is said that Goolge provides
much better protection for the consumer over the standard plastic credit cards broadly available in the market today.
According to Tony Bradley (PCWorld), Oliver Lavery, Director of Security Research and Development for nCircle answered the question if it is crazy to entrust Google with your financial information with no.
I don’t think it’s crazy to trust credit card data to Google Phones. While there have been high profile breaches like Sony and Epsilon recently, these were breaches in systems where security wasn’t a front-and-center concern. I think we can be reasonably confident in the security design of a system designed to manage financial transactions.
As far as I’m concerned I do agree. When I’m using my credit card the data is being read, analysed, transferred and stored. With the Goolge Wallet it is the same. I Don’t think that there is need for additional security. But of course you should always be careful and pay attention to whom you provide your financial data. I would say that Google Wallet and Security are rather friends than foes. But to become Lovers additional guarantee for security has to be accomblished !
At the end you should check out some helpful hints to stay save in the web: