Technologies for mobile payments are popping up, including Square and PayPal Mobile. Google Wallet may be the furthest along, although early security concerns (which have now been addressed by Google Wallet) illustrate the need for these new technologies to pay careful attention to how sensitive information is being stored on mobile devices.
Google Wallet uses Secure Element. This chip is embedded in a smartphone, SD card, or credit-card smartcard and encrypts payment information. Google’s website says MasterCard PayPass secures credentials as the transaction is made. Ramirez says the probability of information being intercepted by a third party in the middle of a transaction is very unlikely because of how wireless networks communicate with each other. “It’s infeasible because of the fact that you can’t have two channels communicating to each other at the same time,” he says. However, a study by security company viaForensics found that Google Wallet stored information, such as the smartphone user’s name, credit-card information, email address and the last four digits of a credit card, which was obtainable by root-accessing a device. Root-accessing allows unrestricted access to information that’s stored on a device. Andrew Hoog, who is a co-founder of viaForensics, says his company notified Google of its findings. Nate Tyler, who is a spokesperson for Google, tells Consumers Digest that the Google Wallet app has been updated to delete transaction information permanently after a purchase. Ramirez reminds mobile payment users to safeguard their data by setting separate pass codes for their smartphone and mobile payment account. Consumers also should cancel their credit card if their smartphone is lost or stolen. When it comes to loyalty-based payment apps, such as Starbucks, Hoog reminds consumers to download the company’s official app for the best security. “Look for names that are reputable,” he says. via News | Analysts: Mobile payment options to grow in 2012 | Consumers Digest.