• Skull giver@popplesburger.hilciferous.nl
    link
    fedilink
    English
    arrow-up
    1
    ·
    9 months ago

    Google has a contract with the banks. They get exclusive payment provider access, but in exchange must make sure that customer funds don’t get stolen.

    When CandyCrushHack.apk drains someone’s bank account, the victim will first go after the bank, who should’ve seen the fraud and acted. If the user can prove that they did not authorize the transactions, in many cases, the bank is forced to restore the customer’s balance. That’ll be expensive as hell, and someone will need to pay. The bank knows damn well that Google is on the hook, because their payment gateway could’ve and should’ve detected that the phone was compromised, so Google will either need to pay for the damages, or win an expensive court case with an army of expensive finance lawyers.

    So now there’s a small risk of “user gets hacked, we need to pay back millions” that’s put up against “a sliver of a percentage of our user base can’t do contactless payments with their phone”. I don’t know about you, but I don’t think I would go “let’s blame the users! rooted phones for everyone!” if my pay check was on the line.

    Alternatively, the user is left without a retirement fund and is now forced to work until they die. The news will feature another “picking Android ruined my life” story, Google stock drops, Samsung stock drops, iMessage gains a new set of users.

    That said, my bank allows me do pay by card through the bank app no problem, even without trying to hide root access. Clearly, they trust their anti fraud systems much more than Google trusts theirs.