Google Wallet users warned of possible security breaches.
Researchers are warning users of the Google Wallet that there could be ways to crack passwords intended to keep thieves out, according to CIO. Companies should take extra measures, including SSL certificates, on top of PCI compliance and other security methods to help keep customers safe when using things such as Google Wallet.
Zvelo Labs researcher Joshua Rubin said Google has been alerted to the possible security problem and is trying to fix it.
"Google Wallet allows only five invalid PIN entry attempts before locking the user out," Rubin said in a blog post. "With this attack, the PIN can be revealed without even a single invalid attempt. This completely negates all of the security of this mobile phone payment system."
With unproven technologies such as this, both businesses and customers need to be aware of potential problems that can pop up. McAfee security researcher Jimmy Shah told CIO that once attackers attain a PIN, they have access to any credit card information stored in that app.
Computerworld reports that Google is temporarily disabling the use of prepaid Google Wallet cards on phones after the security breach discovery by Zvelo. While PCI compliance is important, businesses should also remember that payment security needs to come from other places, as well, and needs to be consistently adjusted for the times.