-
After 15+ years, we've made a big change: Android Forums is now Early Bird Club. Learn more here.
[Verizon] Google Wallet Security Concerns
- Thread starter zetroc
- Start date
-
- Tags
- galaxy nexus
n0ve
Android Expert
Guessing you saw how Google wallet detects rooted phones w/ the " unsupported device" message?. At first I thought that meant I couldn't use it, but it does work, they are just warning you because of credit cards being sensitive information and somewhat of a way to keep people from rooting. In my opinion it is not that big of a risk but I wouldn't keep my entire credit card collection on there, gift cards and maybe an atm or two...Regardless u can use it while rooted...
rooted or stock you should be running a "lock" (not "face" either pin or pattern) if you want use Wallet.
The "risk" difference between rooted and stock is pretty much a red herring, since if they have physical access to your phone unlocked your screwed either way...
I recommend running a app with remote wipe (lookout,where's my droid, etc)
The "risk" difference between rooted and stock is pretty much a red herring, since if they have physical access to your phone unlocked your screwed either way...
I recommend running a app with remote wipe (lookout,where's my droid, etc)
I am more concerned with how accessible my sensitive data is to apps and what not. I'm not worried if my phone is lost, I know the inherent risk there. I mean more when I run/install apps, and with apps that have Super User access... does that mean they can access my sensitive data?
iowabowtech
root@android:/ #
It's a tricky question indeed and one that may be quite difficult to answer I have a feeling. Could a malicous app be written to somehow pull the card info? I'm not sure. You can't even access the card number from the app or online logged in to your own Google account from what I can tell. When I try to edit the card after being logged into Google with my password (from the PC) it still only shows the last 4 digits. If somebody could crack the encryption on the NFC chip and somehow access it, then maybe it could be bad. I'm honestly not sure if that is feasible or not but until somebody can prove otherwise, the thought of it does linger.
If there were ever an offending app written for this purpose, I think it would certainly have to be granted superuser access. So I think I'll be extra vigilant in granting SU from here forth.
Yeah, malicious apps are my concern: I figure if someone can get past my face unlock, and the pattern unlock, AND the Wallet PIN, then they're master hackers. But in the meantime, I'm running to the nearest internet-connected device and locking down Wallet AND the whole phone with Lookout.
You would think though, that any app requiring SU access would be heavily scrutinized by Android experts smarter than me and looking at the apk code.
That, and the fact that Android is such a novelty out here in the country, make me feel fairly secure in using it at the handful of places that have a PayPass terminal. I just make sure to lock the app as soon as the transaction's complete.
You would think though, that any app requiring SU access would be heavily scrutinized by Android experts smarter than me and looking at the apk code.
That, and the fact that Android is such a novelty out here in the country, make me feel fairly secure in using it at the handful of places that have a PayPass terminal. I just make sure to lock the app as soon as the transaction's complete.
iowabowtech
root@android:/ #
With some minor reservations in the back of my mind, that's pretty much my philosophy too Chief. Right now I think the most common sense plan is to NOT be among the first to try a new "root only" app.