WingNews logo WingNews GitHub [2]
top | item 38552476

Ask HN: Google Pay hacked, what could be the cause?

5 points| rugger | 2 years ago | reply

Today my debit card has been charged with a series of unauthorized transactions made in Brazil (and I am located in Europe). My bank quickly froze the card, but the first transaction (~USD200) they are refusing to cancel and refund because, as they say:

1) it was made via Google Pay 2) Google Pay is secure and cannot be hacked because it requires physical device authorization.

The issue I'm curious about - what could be the path the hacker used to make the payment?

This is not a issue of getting hold of the debit card number number/CVV, which is of course possible. The transaction was made via Google Pay. To be authorized, it would require either physical access to my mobile (obviously, I was not present in Sao Paolo today). Or this would require a physical login into my browser (Chrome). Which would require authorizing login from a new device, from new location etc. (and I did not get any warnings about that in my email).

Needless to say, I was not involved in fraudulent transaction at all: no SMS codes, no calls, no requests to authorize anything etc.

I am genuinely puzzled how could such an authorized Google Pay transaction happen and how can anyone protect themselves against attacks like this.

1 comment

order
[+] pestatije|2 years ago|reply
i think contacting google pay is worth considering