Google Wallet is an Android app which will allow users of Android phones that have Near Field Communication (NFC) chips to simply tap their phones on specially enabled electronic payment pads to pay for their purchases. The Google Wallet Android app is available in an open source community (called Marketplace :() and, given recent Android app malware exploits, you’d be hard pressed to find a good reason why consumers will ‘trust’ Google Wallet.
Google Wallet uses something called ‘Secure Element’. A user’s data is protected and saved away from the main Android operating system and hardware, so anyone who attempts to find a way into your device will not be able to access it. At the user level, the NFC chip/antenna turns off when the phone screen is black. Transactions also require a PIN code and are further protected by settings that prohibit transactions without the app being launched. This appears to be very secure right now. The back-end processing and storage of credit card data is protected by the PCI-DSS (Payment Card Industry Data Security Standards), so this isn’t the security weakness.
So how secure is Google Wallet?
Android smartphones have a separate chip that stores the sensitive card data, which is encrypted, and the chip is tamper proof. But then comes the real weak link – the Android app (as mentioned above). All you have to do to open the app is remember a PIN – how many people use “1234” or “6789” or something like a date of birth?
Update: Google say they have developed ‘password logic’ whereby they will detect and reject obviously weak passwords, e.g. “1234”. If Google Wallet becomes widely adopted, then there are some security researchers who wonder whether Google will retain the PIN. If the PIN was abandoned then this would open a whole new can of worms (pun unintentional).
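A sketch of what a weak-PIN check of this kind could look like, as an added example; it is not Google's code. The 4-digit PIN length, the rule set, the function name pin_weakness and the sample date of birth are all assumptions made for illustration.

```python
from datetime import date
from typing import Optional

SAMPLE_DOB = date(1985, 3, 14)  # constructed sample value, not from the article


def pin_weakness(pin: str, birth_date: Optional[date] = None) -> Optional[str]:
    """Return the reason a PIN is weak, or None if it passes these checks.

    Assumption: PINs are exactly four ASCII digits.
    """
    if len(pin) != 4 or not (pin.isascii() and pin.isdigit()):
        return "not a 4-digit PIN"

    digits = [int(c) for c in pin]
    # Difference between neighbouring digits, modulo 10 so that wrap-around
    # runs such as "8901" count as sequences too.
    steps = {(b - a) % 10 for a, b in zip(digits, digits[1:])}
    if steps == {0}:
        return "repeated digit"          # 0000, 7777
    if steps in ({1}, {9}):
        return "sequential digits"       # 1234, 6789, 4321
    if pin[:2] == pin[2:]:
        return "repeated pair"           # 1212, 6969

    if birth_date is not None:
        d = f"{birth_date.day:02d}"
        m = f"{birth_date.month:02d}"
        y = f"{birth_date.year:04d}"
        # Common ways of squeezing a birthday into four digits.
        candidates = {d + m, m + d, y, m + y[2:], y[2:] + m, d + y[2:]}
        if pin in candidates:
            return "derived from date of birth"

    # A plausible birth or anniversary year is guessable even without
    # knowing the user's actual date of birth.
    if 1900 <= int(pin) <= date.today().year:
        return "looks like a year"
    return None


if __name__ == "__main__":
    for candidate in ("1234", "6789", "0000", "1403", "1985", "8350"):
        print(candidate, "->", pin_weakness(candidate, SAMPLE_DOB) or "accepted")
```

A blocklist like this only removes the most guessable choices; limiting the number of wrong PIN attempts matters at least as much.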
What if Android malware writers could spoof the Google Wallet? It’s possible, once you have access (say, via the PIN), to access the data and reverse engineer the Google Wallet app to extract the key. Creating a malicious app that emulates the Wallet app to fool the secure element chip into giving up the user credentials is possible. The attacker can then collect information for sale or for attempts at cloning the data to new NFC assets.
Right now Android is the weak link (if you were to use Google Wallet as the template) – not iPhone or BlackBerry. The biggest question right now has to be – will users accept financial data and credentials stored on the same device? While RFID/NFC can certainly provide bulletproof cryptographic protection, most deployments still choose proprietary technology instead. The NFC chips in upcoming phones support both the old and the new standards. Right now, if you are reading this, you are probably saying to yourself “I’m not so sure”.
Safe surfing folks!