I’ve read lately about the launch of Google Wallet and how it may revolutionize how we make payments. Instant payments by putting the phone near a terminal and by keying in my PIN? Sounds good. As exciting as it may be to try out new technologies, if it has to do with my wallet though, I think things through twice or more.
Things to Consider
First off, you need to have an Android phone. Android, while a beautiful piece of software, is the most attacked mobile software in the planet. It’s the most used one now that it has surpassed its main competitor (Apple) and there are no signs of it slowing down. I don’t mean to say that anything running on Android is bad or risky but just keep the “most attacked” angle in mind for now.
Second, it uses NFC, a technology not very unlike RFID. That’s the information-emitting little chip you put on your dog so the vet can easily identify him. It’s also the little chip on your passport broadcasting your data and the one that your credit card uses (if you have a U.S. credit card, that is). It’s a technology that, while extremely useful, provides a very juicy target for the bad guys. A bad guy with a big antenna pointed at my dog can read her ID number from afar. Okay, that’s not the worst scenario I can picture.
Mobile Platforms: Now a Target
Well, I’ve been to a hacker conference or two. Perhaps a lot more and I can tell you that this thing *will* be a hacker’s target. I don’t mean to scare you off, I’m sure that the good guys have properly done their job and that Google will patch things up if they fail, even slightly. With this, I mean to say that if you ever thought that the bad guys weren’t looking right, left, and center to mobile platforms for future ways of attacking, now you can be sure they are.
They don’t target platforms just because it’s fun but because there’s money involved… and there is now. We’ve been seeing the Android platform under increasing attack for about a year and this news will only accelerate that trend. This puts us, antivirus vendors, in red alert mode for new attacks on Android. At the end of the day, we want to protect you and your wallet.
Enjoy the Google Wallet technology and the convenience it provides but check your bank statements more often (which you should anyway). If you’re feeling especially paranoid about this but still want to try it out, you can always get a prepaid credit card to pay with. That will give you enough security to feel more at ease.