Google Wallet Goes Beta

By this summer, users of the Google Nexus S smartphone will be able to do all their shopping without ever opening their physical wallet—or so Google hopes.

The previously announced Google Wallet has gone into beta. Google predicts that by 2014 half of all smartphones will ship with NFC chips installed. They hope that Google Wallet will be on most if not all of them.

For security, Google has made the NFC chips dormant unless the application is open. This removes the scenario where you brush up against someone on the subway and electronically capture their credit card information. The app requires a PIN to open and is sandboxed, reducing the risk from cybercriminals leveraging vulnerabilities in the Android OS to attack the wallet.

They also made the application such that it shows different cards, allowing the user to select which card to use for a given purchase, although (for now) only Citibank Mastercard and a Google card are available as options.

Google has filled in all the banks, partnering with Citibank (acquirer/bank), MasterCard (card brand), First Data (card processor), and Sprint (carrier). To overcome the acceptance aspect, Google Wallet will be accepted where ever MasterCard PayPass is currently accepted. By piggybacking on existing technology, Google has trumped other electronic wallet solutions that might require the merchant to purchase a new terminal by offering at least 30,000 merchants at the start. Competitors will have difficulty matching that adoption.

From the Google blog

Because Google Wallet is a mobile app, it will do more than a regular wallet ever could. You'll be able to store your credit cards, offers, loyalty cards and gift cards, but without the bulk. When you tap to pay, your phone will also automatically redeem offers and earn loyalty points for you. Someday, even things like boarding passes, tickets, ID and keys could be stored in Google Wallet.

First out of the gate, and with a potentially large acceptance base at the outset, Google Wallet stands a decent chance to succeed against rival solutions such as Isis (AT&T, T-Mobile, and Verizon Wireless) and Visa, which is working with Bank of America, Wells Fargo, U.S. Bancorp and JPMorgan Chase.

Still, it will be interesting to see if anyone finds a way to "wake up" the application in order to surreptitiously read or clone credit card information. Indeed Google's use of hardware encryption might be a likely target for thieves; cybercriminals might be able to find a way to extract the encryption keys remotely and unlock the wallet app.