Google has issued a response to the recent security issues that were raised with its Google Wallet mobile payments system last week, claiming that the service is safe and even more secure than physical cards.
We revealed on ThursdayÂ thatÂ a team of developers at zvelo had demonstrated how the PIN verification system could be easilyÂ overriddenÂ on rooted Android devices. Things then got worse when, as The Verge reported, it emerged that stolen phones could have pre-paid credit accessed by simply clering data andÂ re-installingÂ the app.
The response is posted to Googleâ€™s Commerce blogÂ and itÂ essentially explains that the security issues are down to rooting devices. As the company said in its initial comment to us, it â€śstrongly discouragesâ€ť users to modify their Android device as â€śthe product is not supported on rooted phonesâ€ť.
However, Google has taken action in response to the second issue:
To address an issue that could have allowed unauthorized use of an existing prepaid card balance if someone recovered a lost phone without a screen lock, tonight we temporarily disabled provisioning of prepaid cards. We took this step as a precaution until we issue a permanent fix soon.
Mobile payments are set to be huge, as the blog post explains, and the company claims that its users can confident that the mobile payment system â€śprovides defenses that plastic and leather simply donâ€™tâ€ť.
The real takeaway from these events is not just that mobile payments is not perfect, it is that the basic security settings on smartphones are hugely important. Android devices should have the lock screen password setting enabled, which would prevent these issues, while users of other phones should also be sure to set up security measures to keep data safe.
Todayâ€™s smartphones are beginning to be used for payment, but emails, SMS messages, social networking accounts and a whole raft of other details and services can easily be accessed from devices that are left unsecured.
Nonetheless, the last few days have been difficult for Google Wallet and it is certainly a major concern that pre-paid accounts could be accessed so easily by anyone. Google is working to fix the issue and its message is loud and clear about using the service with rooted devices.