1. kidcul's Avatar
    I have a Motorola Droid Turbo. I have never locked the phone. I downloaded ANDROID PAY app last night. It required a screen lock to secure credit card
    I agreed and set up a pattern screen lock. I got tired of unlocking phone every time. I went to disable the screen lock and I am NOT ABLE to do that. The security settings for NONE and SWIPE have been grayed out and are no longer an option. I have removed ANDROID PAY and still have issue. I have spent 35 minutes with Verizon and unable to cure the problem.
    I DO NOT WANT TO DO A FACTORY RESET! any ideas I am open to.
    01-19-2016 09:17 AM
  2. N4Newbie's Avatar
    Go to Settings -> Security. Scroll to near the bottom and find "Clear credentials"

    That should do it.
    D._Manley and kidcul like this.
    01-19-2016 10:40 AM
  3. D._Manley's Avatar
    This is precisely why I dumped Android Pay when it replaced Google Wallet. The requirement for a PIN on the phone itself as opposed to app use only is absurd.
    01-19-2016 02:04 PM
  4. matt.eskes's Avatar
    This is precisely why I dumped Android Pay when it replaced Google Wallet. The requirement for a PIN on the phone itself as opposed to app use only is absurd.
    That, and the fact that it doesn't support rooted devices is why I don't use it.
    01-19-2016 02:09 PM
  5. N4Newbie's Avatar
    That, and the fact that it doesn't support rooted devices is why I don't use it.
    I see where you are coming from, but in Google's defense, the whole point is security. Many of the same people who are complaining about this subject are the ones who will complain to their bank and/or Google and demand their money back when someone uses their device to make unauthorized payments.
    01-19-2016 02:21 PM
  6. matt.eskes's Avatar
    I see where you are coming from, but in Google's defense, the whole point is security. Many of the same people who are complaining about this subject are the ones who will complain to their bank and/or Google and demand their money back when someone uses their device to make unauthorized payments.
    And what, exactly, was wrong with the token based system that Wallet used?
    01-19-2016 02:22 PM
  7. N4Newbie's Avatar
    And what, exactly, was wrong with the token based system that Wallet used?
    One presumes that it was imperfect (insecure) enough that Google felt the need to improve it.

    Android Pay is a tokenization payment system. But if someone gets a hold of your unprotected phone and uses it to make a bunch of purchases, whose fault is that?
    01-19-2016 02:34 PM
  8. matt.eskes's Avatar
    One presumes that it was imperfect (insecure) enough that Google felt the need to improve it.

    Android Pay is a tokenization payment system. But if someone gets a hold of your unprotected phone and uses it to make a bunch of purchases, whose fault is that?
    Pay is not tokenized; it utilizes the Secure Element based upon the code they purchased from the ISIS Mobile Wallet.
    01-19-2016 02:37 PM
  9. kidcul's Avatar
    Thank you That Did IT
    01-19-2016 02:47 PM
  10. doogald's Avatar
    With wallet, Google was absorbing all the risk of fraudulent transactions. With android pay, as with other tap to pay systems, the banks now absorb the risk. And they insist that the phone must be lockable, I believe.

    I've heard/read that more than once, and it sounds believable to me.

    I would never own a phone with sensitive data that wasn't lockable, so android pay doesn't bother me. I guess don't use it if it bothers you.
    01-19-2016 03:29 PM
  11. N4Newbie's Avatar
    Pay is not tokenized; it utilizes the Secure Element based upon the code they purchased from the ISIS Mobile Wallet.
    The Android Pay details Google didn't tell you - CNET

    Android Pay is all about tokenization; Google Wallet takes a backseat | Ars Technica

    How Google took a page from Apple to secure Android Pay | Macworld

    Android Pay, Google’s Apple Pay Rival, Arrives Today | TechCrunch

    As stated in this last link (the others are similar), "Similar to its competitors, Android Pay doesn’t send your credit or debit card number to a merchant, but uses a virtual account number as a security measure (aka “tokenization”). However, Android Pay’s implementation of this technology is different from Apple’s. Apple Pay generates tokens in a chip called the Secure Element, but Android Pay generates tokens in the cloud."

    Also of interest, https://en.wikipedia.org/wiki/Tokeni...ta_security%29
    01-20-2016 07:42 AM
  12. maxman1's Avatar
    One presumes that it was imperfect (insecure) enough that Google felt the need to improve it.

    Android Pay is a tokenization payment system. But if someone gets a hold of your unprotected phone and uses it to make a bunch of purchases, whose fault is that?
    The notion that Android Pay is more secure is, IMO, flawed. A PIN lock is a PIN lock. With the app itself secured by PIN it was equally as secure if not more so. With Android Pay, anyone that has access to using your device also has access to using the app. In many cases, the two are not mutually acceptable. Additionally, the inconvenience of a PIN lock on the device is both unnecessary and unacceptable to many - myself included. This was a swing & miss by Google and is more akin to Apple's mentality.
    01-20-2016 12:33 PM
  13. doogald's Avatar
    Did the pin on google wallet automatically wipe the phone after a certain number of attempts, or start slowing access to the phone with each additional incorrectly guessed pin? That's what happens with a pin locked device at the admin level and if Google wallet was different, all it would take for somebody who stole your phone is to keep guessing one of ten thousand pins.
    01-20-2016 01:44 PM
  14. maxman1's Avatar
    Did the pin on google wallet automatically wipe the phone after a certain number of attempts, or start slowing access to the phone with each additional incorrectly guessed pin? That's what happens with a pin locked device at the admin level and if Google wallet was different, all it would take for somebody who stole your phone is to keep guessing one of ten thousand pins.
    Certainly within the realm of infinite possibility however, using only a 4 digit PIN results in 10,000 different combinations. I'm more than willing to roll the dice on that and willing to bet the device would be missed & remotely wiped well before the needle were to be found in the haystack.
    01-20-2016 06:57 PM
  15. doogald's Avatar
    Certainly within the realm of infinite possibility however, using only a 4 digit PIN results in 10,000 different combinations. I'm more than willing to roll the dice on that and willing to bet the device would be missed & remotely wiped well before the needle were to be found in the haystack.
    With Google wallet there was a setting in the app to change your pin. They wouldn't be making up to ten thousand guesses when trying to pay for something; it would be at that setting. With airplane mode on, you wouldn't have been able to wipe anything.

    Of course it's up to you, and sure that might have been a very small risk, but it's definitely less secure not to have that level of security on your phone.
    01-21-2016 04:29 AM
  16. N4Newbie's Avatar
    My ideal solution would be to be able to set a maximum transaction value above which you would have to enter a PIN; $5.50 at Starbucks? Fine, no problem. $199.50 at Best Buy; please enter your PIN to proceed.

    Just like you can now make small credit/debit card transactions without signing/PIN'ing at McDonald's, Dunkin Donuts, etc.
    01-21-2016 07:39 AM
  17. maxman1's Avatar
    With Google wallet there was a setting in the app to change your pin. They wouldn't be making up to ten thousand guesses when trying to pay for something; it would be at that setting. With airplane mode on, you wouldn't have been able to wipe anything.

    Of course it's up to you, and sure that might have been a very small risk, but it's definitely less secure not to have that level of security on your phone.
    Not to belabor the point to death, changing to a new PIN required the current PIN for access to do so. My sole point is that app's security can be achieved by lesser hindrances than requirements than simply PIN locking the phone granting any user unrestricted access. I get why there can be disagreement among other users but to ME, this (Android Pay) was a step backwards in form, function & convenience.
    01-21-2016 12:33 PM
  18. doogald's Avatar
    Not to belabor the point to death, changing to a new PIN required the current PIN for access to do so.
    Right, but I'm not sure that the app wouldn't stop or slow somebody from making 5000 guesses (the average number of guesses required) in the way that a security lock at the Android level does and will.

    It may be not what you want, but it's definitely more secure. Google probably should have never created the tap to pay wallet app until they knew they could use the Secure Element in the phone, rather than the pseudo Secure Element they created with wallet.

    Motorola really should have charged the few extra dollars more and made sure the phone had a fingerprint reader with this generation of phones. That was a mistake on their part imho and would have solved this "problem" for good.
    01-21-2016 01:51 PM

Similar Threads

  1. Disabling Autostart Apps . . .
    By Android NOOB 96 in forum Ask a Question
    Replies: 1
    Last Post: 01-19-2016, 02:30 PM
  2. Will the sim card from my BlackBerry Curve fit into a Samsung S3
    By AC Question in forum Samsung Galaxy S3
    Replies: 1
    Last Post: 01-19-2016, 11:27 AM
  3. how to boost weak wifi signal
    By dima manuel in forum Ask a Question
    Replies: 4
    Last Post: 01-19-2016, 09:05 AM
  4. Replies: 0
    Last Post: 01-19-2016, 07:27 AM
LINK TO POST COPIED TO CLIPBOARD