Google Wallet PIN Security Cracked (Video)


It looks like Google Wallet’s PIN security has been cracked on rooted devices, although if your Android device is not rooted then the security on the Google Wallet Pin seems to be fine.

The PIN for Google Wallet is stored encrypted on your Android devices, and a method has been discovered to reveal the SHA256 hex encoded PIN information, which enables the PIN to be discovered, the crack was discovered by the guys from Zvelo.

Google Wallet

Google has been apparently been notified about the issue, and is working on a fix, although this may involve some changes to the way Google Wallet works, and also the terms of service of Google Wallet, the video below shows the crack in action.

This is only going to be a problem if you actually lose your Android device, and if it is rooted, although if you have a passcode on your Android device lock screen then it should be harder for anyone to crack Google wallet.

You can find out more information about the security crack on Google Wallet, and what it means if you have a rooted Android device over at Android Central.

Updated 11th February 2012

Google has now releases a further statement on Google wallet and the security involved with it, you can see full information over at the Google Commerce Blog.

First, Google Wallet is protected by a PIN — as well as the phone’s lock screen, if a user sets that option. But sometimes users choose to disable important security mechanisms in order to gain system-level “root” access to their phone; we strongly discourage doing so if you plan to use Google Wallet because the product is not supported on rooted phones. That’s why in most cases, rooting your phone will cause your Google Wallet data to be automatically wiped from the device.

 


  • http://blogbizbuzz.com Joan-BlogBizBuzz

    There a bound to be many flaws needing to be ironed out going into this new market. Great to see it was found, everyone is going to have to learn how to be vigilant. My personal feeling is that you are no safer using an ATM.