The malware analytics group called zVelo, says that Google Wallet PINs might be vulnerable to theft if your phone is rooted. The video below shows their research where you can see a simple .apk (app file) being installed onto a rooted phone, from there it can access PIN information. This shows the risk of Apps on Rooted devices sending PIN info elsewhere or allowing people access to your Google Wallet should your phone fall into the wrong hands. There is not a lot of chance in this happening as for one the App developers would have to get them onto your phones and know who you are to take advantage of the situation, but it is worth mentioning this issue
zVelo contacted Google and they confirmed that this vulnerability does indeed exist. A fix was worked out which involved moving the PIN verification into the SE (secure element) of the NFC chip in your phone. This was a relatively easy fix but it could move the responsibility of PIN protection to the banks rather than Google, something that zVelo is not a fan of.
Do you plan on using Google Wallet and what's your thoughts?
