Google Wallet, your Android becomes your wallet/ID/tickets/offers and more, but does it use ARM TrustZone yet?

Posted by Charbax – May 27, 2011

Google wants to replace your wallet, your passport, your ID, to be used for ticketing, for local offers, coupons, deals and more. But is it secure yet?

We need this pin code mode and it needs to be fully 100% secure. But is it yet secure in this first implementation with NFC on the Nexus S 4G? Does Google yet use some type of deep hardware level security like the ARM TrustZone Mobile Payments platform?

We need this pin code screen to show up full screen, and there needs to be some kind of light diode indicator confirming that you are in 100% secure mode. That kind of pin code screen needs to come up to confirm every login, every payment, every money transfer. If they can do that in the way ARM is suggesting with TrustZone, this should make of this system a fully secured way to replace wallets, ID, Passports, tickets, coupons and more.

I want to login to my Google Account using my phone's pin code security system. I want this system to replace all login username/passwords on the web. This system needs to become the new interface for a new type of OpenID system. Google released in February an SMS based secure login service that they offer to all Google Account holders today. But SMS is not seamless, it's not really usable, the pin code screen needs to popup on your smartphone right there as you are trying to login, authenticate your access or to pay for something. That pin code authentication mechanism could perhaps be replaced by some kind of bio-metric authentication, or a kind of screen lock mechanism. Think of it like that calculator that you use for your security for your net banking, it needs to be the same integrated right into your phone.

Here's the 1-hour video of this Google Wallet announcement, embedded to start at time-code 22 minutes (you can rewind and watch the whole thing if you want) where Rob von Behren talks about the NXP PN65 based Secure Element solution, which sounds like this is true hardware based security!