Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    August 2015
    S M T W T F S
    « Jul    
  • Email Subscription

  • About Us

    I’ve read lately about the launch of Google Wallet and how it may revolutionize how we make payments. Instant payments by putting the phone near a terminal and by keying in my PIN? Sounds good. As exciting as it may be to try out new technologies, if it has to do with my wallet though, I think things through twice or more.

    Things to Consider

    First off, you need to have an Android phone. Android, while a beautiful piece of software, is the most attacked mobile software in the planet. It’s the most used one now that it has surpassed its main competitor (Apple) and there are no signs of it slowing down. I don’t mean to say that anything running on Android is bad or risky but just keep the “most attacked” angle in mind for now.

    Second, it uses NFC, a technology not very unlike RFID. That’s the information-emitting little chip you put on your dog so the vet can easily identify him. It’s also the little chip on your passport broadcasting your data and the one that your credit card uses (if you have a U.S. credit card, that is). It’s a technology that, while extremely useful, provides a very juicy target for the bad guys. A bad guy with a big antenna pointed at my dog can read her ID number from afar. Okay, that’s not the worst scenario I can picture.

    Mobile Platforms: Now a Target

    Well, I’ve been to a hacker conference or two. Perhaps a lot more and I can tell you that this thing *will* be a hacker’s target. I don’t mean to scare you off, I’m sure that the good guys have properly done their job and that Google will patch things up if they fail, even slightly. With this, I mean to say that if you ever thought that the bad guys weren’t looking right, left, and center to mobile platforms for future ways of attacking, now you can be sure they are.

    They don’t target platforms just because it’s fun but because there’s money involved… and there is now. We’ve been seeing the Android platform under increasing attack for about a year and this news will only accelerate that trend. This puts us, antivirus vendors, in red alert mode for new attacks on Android. At the end of the day, we want to protect you and your wallet.

    Enjoy the Google Wallet technology and the convenience it provides but check your bank statements more often (which you should anyway). If you’re feeling especially paranoid about this but still want to try it out, you can always get a prepaid credit card to pay with. That will give you enough security to feel more at ease.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon

    • Pingback: Crooks Are Looking at Your Mobile Wallet | Simply Security()

    • Pingback: Los ciberdelincuentes van detrás de su cartera móvil »

    • David Sancho (Senior Threat Researcher)

      Hi Marquisa. Whether you trust it or not, it’s a personal choice, so I absolutely understand. I would give it a try myself with a prepaid credit card because I hate carrying around coins, but again: personal choice. Thanks for sharing your opinion.

    • Paolomer Corleone

      This is a great info and I can use it on my job. Kudos Malware Blog for continuously sharing threat news.

    • Marquisa

      The first thing I thought about when I read about Google Wallet was the fact that so much Android malware has hit the scenes lately.

      I check all app permissions religiously and I’ve uninstalled a few apps recently due to updates having shady permission changes.

      I already watch my purse like a hawk because I’m afraid some sticky hand is going to reach in and snatch my wallet. I can’t imagine what kind of paranoia would kick in if I started using Google Wallet.

      I think I may have to pass on that one..


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice