Google to launch new secure Android Pay system

With the development of Apple Pay and yesterday's announcement of Samsung Pay, it seems the industry is really pushing towards mobile payment systems. After all is does make a lot of sense to be able to pay with the device you are most likely to have on you - your phone, instead of a rather outdated plastic card. Google is definitely not one to shy away from progress and is also considering a mobile payment solution and a big one indeed.

The news comes from an interview with Sundar Pichai, Google's SVP of Product today, at MWC. He disclosed the company's intention to bring new, secure payment options to the Android OS. Needless to say this is a huge step forward, as a potential payment system, integrated straight into AOSP could and probably will spread like wild fire.

What Goggle intends to do is go down a slightly different road that Apple and after yesterday's Galaxy S6 announcement, Samsung as well. Rather than developing a dedicated cardless payment service, the tech giant will develop what is essentially the base software for such a system and offer it as another API inside Android. This could empower countless third-party developers to implement their own payment systems, using Google's basis and guidelines.

Right off the bat, there are a lot of security concerns with this plan and Sundar did manage to mitigate some of them in the interview. Open-source and Android API spell trouble in a lot of people's minds, but what Google intends to do is employ modern techniques, such as one-time security tokens to authorize payments. What this means is that if a transaction gets compromised by a third person, the offender will only get access to a one-time token that can't be used to carry out a further payments. This is a pretty standard approach, but does not answer all of the security concerns, mainly what happens if you lose your phone, or even worse, what could a potentially malicious piece of software do with your bank information without your knowledge.

The fact of the matter is that the first concern is pretty much valid with today's payment cards as well so you can rest assured that existing security measure for your card will be carried over and perhaps even improved, if your phone were to ever replace your debit card.

The second problem is a little bit trickier and there are a lot of issues that Google needs to address in order to secure the system properly from all sorts of attacks. Perhaps even more importantly, the tech giant needs to make Android Pay convincing enough for users to entrust their bank date with it.

Sundar explained that that sensitive info will be stored locally only, but implementing support for additional protection, such as a fingerprint sensors is also on the roadmap for the payment API.

This new Android endeavor will not affect Google Wallet, which has been around for quite some time and is enjoying formidable popularity and is also the main payment gate for most of Google's paid services, including the Play Store. That system is absolutely different in what it does and might even be complimented by the new Android Pay API.

No information on availability was disclosed during the interview, but Android users and developers can look forward to the new functionality and we are sure to find out more at Google I/O in May.

Source