Attention B2B Marketers: Access 30 Million IT Decision Makers with a Custom Lead Generation Program Click to Learn More!
Welcome Guest | Sign In

Google Zips Up Wallet

By Richard Adhikari
Feb 15, 2012 7:00 AM PT

In the wake of two security flaws reported in its Google Wallet mobile payment system last week, Google has clamped down on the system and is scrambling to come up with a fix.

Google Zips Up Wallet

One of the two flaws affects only rooted devices.

But it's the second that troubles Google more. That flaw lets anyone operating the victim's phone gain access to the victim's prepaid card in Google Wallet simply by going into the device's applications settings folder, clearing the data for the mobile payment service and setting up a new PIN.

"On Friday, we disabled the ability to provision cards," Google spokesperson Sierra Lovelace told TechNewsWorld. "A permanent fix will be rolled out soon."

Google's restriction on provisioning prepaid cards will only impact new cards and refills, the company's Lovelace pointed out. "If you had already provisioned the prepaid cards, you can use them as usual," she said.

Flaw's Fallout

This flaw is "a fairly trivial problem in some respects," Nick Holland, a senior analyst at the Yankee Group, told TechNewsWorld. "People don't tend to store a great deal of money in prepaid cards."

However, the repercussions of this flaw may be far greater because "consumers have got their own wallets with them anyway -- and they're likely to go back to using their traditional credit cards again," Holland suggested.

Google's partners for Google Wallet include Visa, American Express, MasterCard, Discover, Sprint, Citibank, American Eagle and other store chains.

The partners appear to be unfazed by problems with Google Wallet. "I haven't seen any of our partners respond publicly," Google's Lovelace said.

Swimming With the Sharks

It's the competition that might give Google a real headache over the security flaws in Wallet.

AT&T Mobile, Verizon Wireless and T-Mobile have set up the ISIS, consortium to get into the NFC payment space.

NFC, or near field communications, is the technology used in Google Wallet for mobile payments.

ISIS has garnered support from companies like HTC, LG, Motorola Mobility, Research In Motion and Samsung.

However, that threat is somewhat mitigated because Samsung is a major player in the Android space, and offers the Galaxy Nexus, which incorporates Google Wallet. As for Motorola Mobility, it's been purchased by Google.

Further, ISIS "might never get off the ground, so [its threat] could be a moot point," the Yankee Group's Holland pointed out. "They've put back their pilot date, to Q4 now."

Still, Google needs to remain focused. PayPal's coming on strong as a real threat, with Ingenico agreeing in January to integrate the PayPal payment card solution into its point-of-sale solutions.

Further, PayPal has lined up two store chains -- Office Depot and Home Depot -- to use its POS solutions. Customers only need to use their telephone number and a PIN. PayPal plans to offer the service in 20 major retail chains by the end of the year.

Verizon Wireless has ruled out including Google Wallet in the version of the Samsung Galaxy Nexus it will offer later this year, stating its decision has to do with security.

Light at the End of the NFC Tunnel

Eventually, NFC will take off, the Yankee Group's Holland opined.

"We're putting the cart in front of the horse here, because we're trying to get people to use NFC payments out of the box when it's technology they're not used to," Holland said. "They need to get training wheels first."

Google might have to move to a cloud-based wallet, which will let it scale and be platform-agnostic, Holland suggested.

"I still believe in NFC, but I think you'll have a little more of cloud-based initiatives, and it could be through your tablet, your Xbox, or your set-top box, for example," Holland stated.

Facebook Twitter LinkedIn Google+ RSS
What should be done about UFOs?
World governments should cooperate to address a potential planetary threat.
The DoD should investigate -- they could signal a hostile nation's tech advances.
The government should reveal what it already knows.
The government probably has good reasons for secrecy and should be trusted on this.
Wealthy corporate space-age visionaries should take the lead.
Nothing. Studying UFOs is a waste of resources.
Keep the stories coming. People love conspiracy theories, and it's fun to speculate.