How To Hack The Mobile Wallet
Charlie Miller, principal research consultant at computer security firm Accuvant, demonstrated how to it was possible to attack three handsets – Samsung's Android-powered Nexus S and Galaxy Nexus, and the Nokia N9, which runs on the Linux-based MeeGo OS. Using tools which forced the phones to visit websites containing attack software, which was used to look at and steal data stored on the device.
By exploiting multiple security weaknesses in the technology, Miller can transmit code from another handset or a chip, which then opens malicious files or webpages which exploit known vulnerabilities in software on the phone, or even the OS itself.
This could prove something of a spanner in the works of mobile payment and wallet projects using the technology – especially given that one of the most commonly cited obstacles to mainstream adoption is concern over its security.