updated 10:25 pm EST, Wed February 8, 2012
Google working quickly to fix bug
Researchers at security firm Zvelo have released details surrounding a Google Wallet vulnerability that is claimed to leave a user's PIN data exposed. Engineers were reportedly able to develop a crack that quickly determines a user's four-digit PIN, which serves as an essential security layer to prevent the NFC system from transmitting card data without authorization.
Although the vulnerability is viewed as a significant security threat, it only affects devices that have been rooted. Users with rooted handsets are also easily protected if they simply utilize a passcode for the unlock screen.
Zvelo suggests Google quickly reacted after becoming aware of the problem, updating the software code to protect the PIN, however the revision still needs to be approved by the hardware manufacturers.
The researchers suggest that Google's method of patching the vulnerability may effectively transfer PIN security into the hands of banks that use the NFC payment systems.