Europol has warned that Android phones may have been used to access sensitive data tied to Google’s Tap and Go service.
The alert comes in Europol’s annual Internet Organised Crime Threat Assessment report. Europol is the EU’s law enforcement agency, which helps members states’ police forces co-ordinate operations and intelligence.
It has been reported that hackers have managed to compromise NFC transactions and able to carry out fraudulent payments.Users who deactivate their cards are still at risk, as this process does not always stop thieves from using them.
officials have stated that they are unsure exactly how the attacks are being carried out and how common they are.Europol reported that this reason could be possible. Several vendors in the dark net offer software that uploads compromised card data on to Android phones in order to make payments at any stores accepting NFC payments.
but they were still unsure whether the payments were triggered being by customised apps or via Google’s own Android Pay software.
Android features are suspected for attack because Google did not prevent from third-party apps using a device’s NFC chip but apple did not allow this.
However, smart wallets are totally dependent on a customer’s mobile for purchases. As such, Europol and law enforcement officials have called for manufactures of smartphones and touchless payment terminals to “take action to design out security flaws”.