Google Wallet PIN on rooted Android devices at risk
If you are an Android smartphone user who is taking advantage of Google Wallet on a smartphone that is rooted, you need to be aware of a potential major issue. As you know, when you're making a purchase with your Google Wallet must enter your PIN number to complete the transaction. A reputable security firm called Zvelo has alerted Google that it has discovered the PIN is at risk.
That opens the chance that nefarious types could steal your PIN number securing your Google Wallet account. The issue apparently stems from the fact that PIN information is actually stored on the phone without being secured with the NFC chip. According to Zvelo, "this completely negates all of the security of this mobile phone payment system."
The good news if you're one of the people that could be affected by this vulnerability is that you can fix it yourself. Apparently, what you need to do is add a lock screen security pattern or a PIN to your smart phone and disable USB debugging. It is probably a safe assumption that Google is at work on a fix itself.
[via Android Community]