La safety of the information has become a growing concern for everyone. From simple users to tech experts, data protection is in focus. Recently, a critical vulnerability was discovered in the Android operating system, putting the credit card information of millions of users at risk. Identified as CVE-2023-35671, this vulnerability affects all devices running Android 5.0 or higher, thus broadening the scope of the problem. Let's see the details.
Topics of this article:
How credit card vulnerability works
Vulnerability is closely linked to function lock and unlock screen of Android, a feature designed to improve security and privacy. However, when this feature is enabled, a security breach is created. Even if you have set the security options as “Require PIN code before unlocking"and "Request device unlock for NFC“, your sensitive credit card data can easily be compromised.
In practical terms, a malicious individual equipped with an NFC reader could access all of your credit or debit card details. This is particularly worrying if you have linked your card to Google Wallet and you've set it up for contactless payments, an increasingly common practice today. Below is the video showing the vulnerability on Android linked to credit cards.
What this means for users
The discovery of this vulnerability prompted Google to take rapid action, classifying the problem as “serious” and starting to work on a solution. However, the security patch that fixes this issue is only included in the September 2023 update and will only be available for devices running Android 11 or newer versions. This leaves a wide range of vulnerable devices, especially those with older versions of the operating system or those that will no longer receive updates from the manufacturer.
How to protect yourself
While we wait for Google to release a security patch for all devices, a temporary solution could be there deactivation of the “ functionScreen lock" on Android devices. This feature, while useful for maintaining privacy and security in certain situations, paradoxically becomes a weak point due to the vulnerability in question. By deactivating the “Screen lock“, users can reduce the risk of credit card data exposure. However, it is important to note that this measure is a temporary solution and does not replace the need for a full security patch.
Therefore, it is advisable to use this option with caution and in combination with other security measures, such as updating apps and the operating system, using a VPN and regularly scanning your device for malware.
Through | Red Hot Cyber
