Google Wallet (Pay) Security - What the Actual ?!?
Discussion
So I have just installed Google Wallet (formerly Pay) on my Android 12 phone for the first time.
Once you have unlocked your phone via any method there is no second level of security required before you can open the Google Wallet app & tap to make an NFC payment! No security settings within the app at all to enable to allow access to the app.
Even Paypal requires authentication before opening their app. To say my gast is flabbered would be an understatement.
So basically someone could "borrow"/steal your phone whilst unlocked & tap away to their heart's content until payments get blocked.
Am I missing something really obvious here - more than likely
Once you have unlocked your phone via any method there is no second level of security required before you can open the Google Wallet app & tap to make an NFC payment! No security settings within the app at all to enable to allow access to the app.
Even Paypal requires authentication before opening their app. To say my gast is flabbered would be an understatement.
So basically someone could "borrow"/steal your phone whilst unlocked & tap away to their heart's content until payments get blocked.
Am I missing something really obvious here - more than likely
One is an un-secured app on an Android phone & one is a piece of plastic in my wallet firmly wedged in my pocket.
Let me re-phrase your question - why do my Paypal & online banking apps have their own security to open the apps where Google Wallet doesn't at all? - just seems backwards.
Let me re-phrase your question - why do my Paypal & online banking apps have their own security to open the apps where Google Wallet doesn't at all? - just seems backwards.
Edited by Digger on Sunday 15th January 19:10
b
hstewie said:
hstewie said: I think their reasoning would be that there's a balance between security and convenience and if someone has stolen your unlocked phone you probably have plenty of other things to worry about.
Yes - I'm inclined to agree with that view but how long does it take to use fingerprint-unlock for a second time?Oh well - guess I can learn to live with this.
BoRED S2upid said:
Digger said:
One is an un-secured app on an Android phone & one is a piece of plastic in my wallet firmly wedged in my pocket.
And your phone will be in the other pocket. Zero difference in security. My Google asks for a second fingerprint when over £100. Otherwise, the phone locks itself quite quickly due to the overall settings. I think the chances of someone getting my phone off me, keeping it unlocked and then getting someone to use it is pretty low.
But you are right; asking for a second print every time wouldn't be complicated but more inconvenient.
But you are right; asking for a second print every time wouldn't be complicated but more inconvenient.
98elise said:
Why? You don't have have a second verification on contactless cards, or even a first.
It's a service you choose to use so if it's not secure enough for you, don't use it.
I’m not comparing it to cards. Who cares about those? Haven’t used them for years. I’m comparing Google to the other large provider in the space. If apple don’t think it upsets the user exp enough then it probably doesn’t. It's a service you choose to use so if it's not secure enough for you, don't use it.
okgo said:
98elise said:
Why? You don't have have a second verification on contactless cards, or even a first.
It's a service you choose to use so if it's not secure enough for you, don't use it.
I’m not comparing it to cards. Who cares about those? Haven’t used them for years. I’m comparing Google to the other large provider in the space. If apple don’t think it upsets the user exp enough then it probably doesn’t. It's a service you choose to use so if it's not secure enough for you, don't use it.
People have different wants and needs, and you have a choice. Choose a service that gives you what you want.
Edited by 98elise on Monday 16th January 11:32
Fonzey said:
The phone doesn't even need unlocking at all for amounts under £45.
I'm far more likely to lose a bank card than a phone. I can live with this, it's a convenience:marginal risk ratio I fully support.
Really?I'm far more likely to lose a bank card than a phone. I can live with this, it's a convenience:marginal risk ratio I fully support.
Bit surprised by that though thinking about it logically I'm not sure why as someone could do that with my debit card.
I use Apple Pay for most things and far as I know that needs unlocking for any payment however small.
bhstewie said:
hstewie said: Really?
Bit surprised by that though thinking about it logically I'm not sure why as someone could do that with my debit card.
I use Apple Pay for most things and far as I know that needs unlocking for any payment however small.
Apart from TfL if you enable the ‘express travel’ option. Then you can use your iPhone on Oyster readers without unlocking it. Bit surprised by that though thinking about it logically I'm not sure why as someone could do that with my debit card.
I use Apple Pay for most things and far as I know that needs unlocking for any payment however small.
Gassing Station | Finance | Top of Page | What's New | My Stuff