After the company was forced to suspend prepaid card use through its mobile purchasing service, Google recently announced that it had fixed a major bug that would have allowed hackers to rip off consumers.
Earlier this week, hacks were discovered by two separate entities that would have allowed cybercriminals to repurpose consumers’ Google Wallet accounts, especially if they were tied to certain types of accounts. The first hack, which was discovered by a security firm, might have allowed hackers with a certain amount of skill the ability to access a Wallet user’s PIN code, essentially giving them access to the account.
The second, though, was considered more worrying because it could have been performed by anyone. By gaining access to a user’s accounts and resetting their PIN, they could have used an existing prepaid card to gain access to that account. This would have posed a problem particularly for consumers who lost their phones and did not keep those handsets protected with a lock screen code.
As a result of the second problem, Google temporarily suspended the use of prepaid card accounts through Wallet, but has since issued a fix and reopened that type of account for use. Meanwhile, it continued to state its belief that Wallet is secure overall, and safer than using traditional credit or debit cards to make purchases.
“Mobile payments are going to become more common in the coming years, and we will learn much more as we continue to develop Google Wallet,” said Osama Bedier, vice president of Google Wallet and Payments. “In the meantime, you can be confident that the digital wallet you carry provides defenses that plastic and leather simply don’t.”
[Credit Cards: Research and compare credit cards at Credit.com.]
And while it said that it was not aware of any instances of consumers’ Wallet accounts being taken over by crooks, it set up a toll-free hotline for those who lost their phone or believe their account was compromised.
The reason digital payment systems that allow consumers with near-field communications-enabled smartphones to make purchases are safer than traditional card use is in the way those systems store and encrypt information. On a regular magnetic strip card, that information is not encoded and can be stolen and copied with relative ease. With digital systems, the information can usually be accessed only by entering a code when using the service to make a purchase.