Android vulnerability: credit cards at risk
The discovery of a serious vulnerability in the Android operating system puts the security of credit cards at risk
A serious security flaw has been discovered on Android that allows access to credit card data via NFC devices such as Flipper Zero. The vulnerability has been identified as CVE-2023-35671 and affects devices running Android 5.0 and later. The fix is only available for recent versions of Android. Older or unsupported devices will not receive a security patch.
A new vulnerability has been discovered in the Android operating system, putting credit card information on Android devices at risk. The vulnerability, identified as CVE-2023-35671, affects all devices running Android 5.0 and later.
The problem related to the "Screen Pinning" function
The vulnerability is related to the "Screen Pinning" feature on Android. Even if security options such as "Require PIN code before unlocking" and "Require device unlock for NFC" are enabled, bank card data can be stolen when the feature is enabled for any application.
The threat to bank cards linked to Google Wallet
A person equipped with an appropriate NFC reader can receive all the details of a credit or debit card connected to Google Wallet, if the device is temporarily handed over or screen pinning is enabled on Android. Even if the vulnerability does not allow payments to be made, access to card data poses a risk to the user's privacy.
The fix and limitations
Google deemed the vulnerability serious and released a security patch included in the September 2023 update. However, only newer versions of Android, starting with Android 11, will receive the fix. Devices running older versions of Android or without official manufacturer support should avoid using the "Screen Pinning" feature to protect credit card information.
Follow us on Facebook for more pills like this09/17/2023 02:08
Editorial AI