I love my Google Wallet, have you seen my phone?

Good Wednesday Morning Readers!

Today’s topic, the digital wallet, and how it can hurt you more than it can help you.

In the techie community, security is similar to a teeter totter.  There is a balance between usability and security.  On the one hand, consumers want a device or an application that makes their life easier, while on the other hand, they want their data to be secured.  In May 2011, Google released an application for the Nexus S phones called “Google Wallet.”  This application stores credit card and banking data of the customer so that they can just waive their phone over the new “pay pass” readers found at more and more retail stores, convenience stores, and gas stations.  The pay pass system isn’t new, as a matter of fact, it has been used in Europe and Asia for many years with great success.  Now, the security built into the application sounds great… it encrypts the first 12 numbers of your credit card number, but nothing else is encrypted, including name, credit limits or balance information, expiration date, last transactions, etc…

How many times have I written about the social engineers out there, 3, 5, 8 times?  Tell me, how many of you would fall for a phone call with a person verifying to you the last four digits of your card, the expiration date, and say the last two transactions you made?  You see, the information that is not protected by the Google Wallet app is a gold mine for a scammer or even an ID thief.

Until Google releases a fix for this, I suggest not using the wallet app.  I also suggest not using any type of “wallet” style app on your phone… Why? People lose their phones.  People don’t properly secure their phones.  People have too much faith in the security of their “secure” devices.

I know I sound harsh, and I accept that.  How many of you have a lock on your phone?  What I mean when I say lock… a password!  If you don’t have a password on your phone, and you use a “wallet” app, you may as well kiss your backside goodbye if you lose your phone.  If you are a proponent of convenience, and you want to use a wallet app like Google Wallet or even ISIS when it is released, please, I beg you, lock your phone with a password, and put restrictions on it the security of your device.  Make it so that if someone fails after 5 attempts, the phone is wiped out, erased, etc…

Thank you for reading, and remember:

Protect your information, protect yourself; the coffee is brewing people, it is time to wake up!!!