Google has taken great pains to secure its Google Wallet mobile payment service, employing a secure NFC chip to store credit card information. Security experts discuss ways malicious apps might attack Wallet.
, the search engine's efforts to enable
mobile payments using near-field communication technology from smartphones, has
a number of challenges it must overcome to succeed.
obviously the general lack of interest in mobile payments via smartphones at a
time when the vast majority of people happily use wallets. The second-biggest
barrier to wholesale adoption may be consumers' concern about the security
Google Wallet provides for their credit card information.
So how does
Google promise to protect sensitive user data? Believe it or not, the key is an
NXP PN65K chip in the Samsung Nexus S 4G smartphone (the only Google
Wallet-enabling phone to date).
"Secure Element," which stores users' credit card digits, is isolated
from the phone's operating system and hardware and uses cryptography (PKI [Public
Key Infrastructure] and Triple-DES [Data Encryption Standard]) and memory
protection, making it tough to crack.
authorized programs like Google Wallet can access the Secure Element to trigger
a transaction. Moreover, Google Wallet cannot read or write data from the
Secure Element's memory.
also requires a 4-digit PIN, which is the only way to
transmit payment credentials. That's not something even today's credit cards
require to process. This step also prevents bad guys from brushing by you in a
crowd to grab your info via NFC, noted McAfee security researcher Jimmy
As for whether
any malicious application could access a user's credit card on the Secure
Element, Google assures that Android enforces strict access policies so that
malicious applications wouldn't have access to data stored by Google Wallet.
thinks Android might be the best entry point for a perpetrator because Android
applications are relatively easy to reverse-engineer.
He believes an
attacker has a good chance of extracting the authentication key from the Google
Wallet application and creating a malicious application that emulates the
official Wallet application to fool the Secure Element chip into giving up a
here, the attacker can collect account information for sale or for attempts at
cloning the data to new NFC cards," Shah wrote in a blog post
Security CTO Kevin Mahaffey agrees with Shah that some sort of malicious application
that can compromise the Google Wallet application or the provisioning process.
Alternatively, an application could exploit the software in the Secure Element,
enabling a hacker to grab credit card info.
wonders whether the PIN will be here to stay or will go away if Wallet becomes
widely adopted. If the PIN is abandoned, Mahaffey said a user could then be
susceptible to a man-in-the-middle attack, or the ghost-and-leech attack Shah
attack, a perpetrator can use an NFC reader to swipe consumers' credentials
when they make a purchase via their phone. The defense against this attack,
Mahaffey noted, is the PIN.
Chief Products Officer Alisdair Faulkner said the fundamental challenge between
the security of today's credit cards and Google Wallet is that Wallet is on the
same environment in which someone else's malicious application is able to get
at that data.
analogy I would use is that I can put my credit card in my wallet, but my
driver's license isn't going to try and communicate with it in any way,"
Faulkner told eWEEK.
that you have stored value, that is going to be something that criminals are
going to attack."
before in history have we had this kind of financial data and credentials
stored on a device, which we know fundamentally can never be trusted."