Google Wallet's PIN Verification Cracked (Again), No Root Access Required
Yesterday, a security firm called vZelo demonstrated a vulnerability within Google Wallet, cracking its PIN verification system using brute force, giving Wallet access to anyone who had the exploit. It was also revealed that the hack only worked on rooted devices, and Google swiftly reported that a fix for the bug was already being worked on.
Adding to Google Wallet's security worries, a new hack was posted online today, claiming to give access to Google Wallet (sans PIN) on non-rooted devices, requiring just a few steps to gain user information (and funds).
The Smartphone Champ reported on the newly-discovered flaw, explaining just how the exploit works:
The security flaw is painfully easy to do and requires no extra software nor does it require root. All a person who wants to access your Google Wallet has to do is go into the application settings menu and clear the data for the Google Wallet app. After doing that your Google Wallet app will be reset and will prompt for you to set a new pin the next time you open it. The problem here is that since Google Wallet is tied to the device itself and not tied to your Google account, that once they set the new pin and log into the app, when they add the Google prepaid card it will add the card that is tied to that device. In other words, they’d be able to add your card and have full access to your funds.
At the moment, all users of Google Wallet are technically at risk, though both exploits require any nefarious user to be holding your phone in order to gain access to information/funds. Google has yet to say anything about the new vulnerability or when it may be remedied, but we'll be here to cover any new developments as they emerge.
Source 9to5Google Via AndroidPolice
Relevant Content
New tutorials from Helloandroid
Recent Apps
Android on Twitter
-
@Idevicegazette (iDevice Gazette)
GSM-to-Skype bridge lets you lose those roaming fees http://bit.ly/lbRJeh #android
9 years 41 weeks ago -
@tommy_banane (tom b.)
RT @AndroidFavorite: #Android New Desktop Android Market Is Live, Adds Several New Features http://zorr0.nl/lFwXNz
9 years 41 weeks ago -
@dwilliams5 (Dennis Williams)
just completed a runtastic run of 3.02 km in 40 min 11 s with #runtastic #Android App: http://tinyurl.com/5tvrpe3
9 years 41 weeks ago -
@S_Pinz (Spinz!)
RT @Androidheadline: Out of box #LG Optimus 3D got Quadrant 2420 score. Thanks @blink_c #io2011 #android http://twitpic.com/4whkdz
9 years 41 weeks ago -
@tayaitapps (Taya IT)
Next Google TV Looks A Lot Like Android http://t.co/dvlTim3 via @alleyinsider #google #apple #android #tv #honeycomb
9 years 41 weeks ago
Poll
Useful resources
Android Development Projects
- App para Taxis
- build ios and android app
- Native UAE / Emirati Arabic Speaking Freelancer Required! (UAE / Emirati Arabic Dialect/Accent)
- Unlock Huawei P9 Lite bootloader -- 2
- Botón Antipánico para Dispositivo Movil
- MOBILE APP DEVELOPER
- Criar um app ou algo semelhante
- Fix a simple file in android
- Develop an Ios and android video chat app with user profiles
- Live video streaming dating app needed