Lord777
Professional
- Messages
- 2,576
- Reaction score
- 1,577
- Points
- 113
After the advent of Apple Pay, Android developers also decided to tackle the issue of creating a convenient and secure payment application that would allow transactions to be made via a smartphone. It is based on the already well-known technology of contactless payment (occurs through the exchange of data through the built-in NFC module of the gadget). Bank cards with the possibility of contactless payment work approximately on the same principle. Convenience of transactions through the phone can be considered the main advantage of the new technology from Android. But what about security?
Android Pay protection
In the application, you can add any bank, credit and discount cards. In this case, the device forms the so-called "Token-Card" - a digital copy of a real one with virtual details. Physically, data is stored inside the device, so it is problematic to access it from the outside.
The application uses a two-tier protection mechanism. External security tools are designed to prevent theft of this data. If your phone with Android Pay is lost or lost, using special applications, you can remotely change your password, destroy all personal information. You can also block virtual card data by contacting the bank's support service.
Internal protection involves encrypting data directly during transactions, confirmation and control of operations. Security is provided by additional identification (fingerprint, pattern or PIN, which must be entered to confirm the operation).
As in the case of contactless payment cards, the Android payment system allows you to conduct transactions up to $ 15 without unlocking the screen and authenticating. Larger amounts are debited only after confirmation. Operations are available only if there is an Internet connection, since a one-time key for confirming the transaction is generated in the Google cloud storage. Which, by the way, is also an element of additional protection.
Disadvantages of Android Pay
Users believe that the main disadvantage of the system is the impossibility of making transactions without an Internet connection, which the main competitors are able to do. But in terms of security, it is rather a plus. Also, Android Pay “does not work” with ATMs, so you cannot use it to withdraw cash if the card is not at hand.
Also, not all banks work with Android Pay yet. The application does not yet support MAESTRO and Visa ELECTRON cards issued by some banks, does not work with Visa cards from some banks.
Due to security issues, the application cannot be used on older smartphones with OS version lower than 4.4, gadgets without an NFC chip and devices with superuser rights (Root access).
Pros:
Minuses:
In general, although this payment system is inferior in terms of convenience and functionality to competitors, in terms of security it does not have major vulnerabilities. It is unlikely that it will be possible to copy virtual data, as is the case with a bank card, and transactions can be confirmed with a fingerprint, which is impossible for an attacker to do, even if he finds out the pattern or PIN.
The security of Android Pay suffers only because of the operating system itself, its prevalence and open source code. Recently, more and more viruses and spyware have been appearing on Android. Therefore, you should be extremely careful with the installed applications. The payment system client itself can be downloaded only from the standard Google Play application.
Android Pay protection
In the application, you can add any bank, credit and discount cards. In this case, the device forms the so-called "Token-Card" - a digital copy of a real one with virtual details. Physically, data is stored inside the device, so it is problematic to access it from the outside.
The application uses a two-tier protection mechanism. External security tools are designed to prevent theft of this data. If your phone with Android Pay is lost or lost, using special applications, you can remotely change your password, destroy all personal information. You can also block virtual card data by contacting the bank's support service.
Internal protection involves encrypting data directly during transactions, confirmation and control of operations. Security is provided by additional identification (fingerprint, pattern or PIN, which must be entered to confirm the operation).
As in the case of contactless payment cards, the Android payment system allows you to conduct transactions up to $ 15 without unlocking the screen and authenticating. Larger amounts are debited only after confirmation. Operations are available only if there is an Internet connection, since a one-time key for confirming the transaction is generated in the Google cloud storage. Which, by the way, is also an element of additional protection.
Disadvantages of Android Pay
Users believe that the main disadvantage of the system is the impossibility of making transactions without an Internet connection, which the main competitors are able to do. But in terms of security, it is rather a plus. Also, Android Pay “does not work” with ATMs, so you cannot use it to withdraw cash if the card is not at hand.
Also, not all banks work with Android Pay yet. The application does not yet support MAESTRO and Visa ELECTRON cards issued by some banks, does not work with Visa cards from some banks.
Due to security issues, the application cannot be used on older smartphones with OS version lower than 4.4, gadgets without an NFC chip and devices with superuser rights (Root access).
Pros:
- a large number of supported devices;
- multilevel payment protection;
- loyalty programs and cashbacks.
Minuses:
- work only with original firmware;
- lack of a built-in data protection system by the operating system.
In general, although this payment system is inferior in terms of convenience and functionality to competitors, in terms of security it does not have major vulnerabilities. It is unlikely that it will be possible to copy virtual data, as is the case with a bank card, and transactions can be confirmed with a fingerprint, which is impossible for an attacker to do, even if he finds out the pattern or PIN.
The security of Android Pay suffers only because of the operating system itself, its prevalence and open source code. Recently, more and more viruses and spyware have been appearing on Android. Therefore, you should be extremely careful with the installed applications. The payment system client itself can be downloaded only from the standard Google Play application.
