Why no news of Google Wallet tokenization upgrade?

Menel · Oct 30, 2014

Oletros said:
My God, read your ****ing links and read the ****ing Google FAQ.

As it is clear what is your role in this thrad i stop here, believe what you want, reality won't change

ok.. so instead of discussion, you just want to be vulgar. Another for my ignore list.

diamond.g · Oct 30, 2014

Menel said:
Show proof to your claim.

I've posted links showing how it is not involved, which is a known, and the entire reason why I started this thread asking why not from Google. Ars answered this, in the form of basically: 'google wanting to continue mining their sheep for data'. Sad, but expected I suppose.

Here is another.

http://www.aviso.io/apple-pay-brings-new-problems-acquirers/

When you read this article, make sure you follow the directions...

For example

VISA's Token Service didn't even itself launch until this past October... How was Google using this service which DID not exist? And such they have had to use a proxy card account?

Google Wallet does support tokenization, but Google uses a cloud-based tokenization process.

https://www.google.com/search?espv=2&gs_ivs=1&q=Google+took+inspiration#q=google+wallet+tokenization

Menel · Oct 30, 2014

diamond.g said:
Google Wallet does support tokenization, but Google uses a cloud-based tokenization process.

https://www.google.com/search?espv=2&gs_ivs=1&q=Google+took+inspiration#q=google+wallet+tokenization

Thats still not, and irrelevant to the new secure March 2014 EMVco Tokenization Standard...

To continue the quote you conveniently snipped.

Google Wallet does support tokenization, but Google uses a cloud-based tokenization process. That reintroduces other security risks since payment data is being stored on Google's servers as opposed to locally on the device-level.

diamond.g · Oct 30, 2014

Menel said:
Thats still not, and irrelevant to the new secure March 2014 EMVco Tokenization Standard...

To continue the quote you conveniently snipped.

I didn't snip it to be malicious, I figured we all knew that Google was storing tokens in the cloud. And storing it in the cloud does introduce security risks. I wasn't refuting that. I was finding a link that stated that Google uses tokenization. Link (with my google search I used) found...

Does the EMVco standard exclude cloud storage of tokens?

gotluck · Oct 30, 2014

Yes if google gets hacked we are screwed, and due to the nature of the android oem situation, google seems to have given up on the apple pay style of payments. I believe the 'old google wallet' had the implementation you are looking for.

Honestly I trust googles web services security more than apple's as far as hacks from exterior sources are concerned, but surely that is biased.

I doubt the situation will change and apple pay is better from a security standpoint. Inferring that wallet is insecure is ridiculous though.

Menel · Oct 30, 2014

diamond.g said:
I didn't snip it to be malicious, I figured we all knew that Google was storing tokens in the cloud. And storing it in the cloud does introduce security risks. I wasn't refuting that. I was finding a link that stated that Google uses tokenization. Link (with my google search I used) found...

Does the EMVco standard exclude cloud storage of tokens?

Yes it does, because it doesnt involve a Token Service Provider, see post 24 https://forums.macrumors.com/posts/20256209/

Oletros · Oct 30, 2014

Menel said:
Yes it does, because it doesnt involve a Token Service Provider, see post 24 https://forums.macrumors.com/posts/20256209/

FAAAALLLLSEEE, it is a Token Service Provider, stop spreading FUD, read what what is about and learn.

You even don't know what a TSP, you're here just to bash what you hate.

----------

diamond.g said:
Google Wallet does support tokenization, but Google uses a cloud-based tokenization process.

https://www.google.com/search?espv=2&gs_ivs=1&q=Google+took+inspiration#q=google+wallet+tokenization

Don't waste your time with him

kdarling · Nov 2, 2014

minimo3 said:
I wouldn't quite call the transaction method Google Wallet uses tokenization, its probably better described as a virtual card.

After thinking about it, what EVMCo uses is also better described as a "virtual card".

That's because an account token isn't just any old number. It has to follow regular bank card number rules to be accepted and routed correctly. Thus an account token has to look like a real card number, even if it's actually only a virtual one.

So basically, Apple Pay is more secure (fingerprint auth, credit card info is never stored anywhere) ...

The token-to-account info is of course stored somewhere in both cases.

In the case of MC/Visa, it's stored in their token vault servers.

In the case of Google Wallet, well, we don't know. It could be stored at Google in their own token vault, at Bancorp in their vault, or even with a respected third party like First Data, which multiple banks (and Google) have used as a Token Service Provider.

As for being "more secure"... to whom? We're not responsible for fraudulent purchases in either case.

but Google Wallet is more flexible because you can add any credit / debit card (with Apple Pay the bank has to be on board)

Yep. For example, many of us use Chase Presidential Plus Mastercards, which Apple Pay doesn't support yet. That makes it a non-starter for us.

Search

Search

Why no news of Google Wallet tokenization upgrade?

Menel

Suspended

diamond.g

macrumors G4

Menel

Suspended

diamond.g

macrumors G4

gotluck

macrumors 603

Menel

Suspended

Oletros

macrumors 603

kdarling

macrumors P6

Our Staff