DOCSLIB.ORG

A Measurement Study of Google Play

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Measurement Study of Google Play A Measurement Study of Google Play Nicolas Viennot Edward Garcia Jason Nieh Computer Science Computer Science Computer Science Department Department Department Columbia University Columbia University Columbia University New York, NY, USA New York, NY, USA New York, NY, USA [email protected] [email protected] [email protected] ABSTRACT Keywords Although millions of users download and use third-party Android; Authentication; Clone Detection; Decompilation; Android applications from the Google Play store, little in- Google Play; Mobile Computing; OAuth; Security; formation is known on an aggregated level about these ap- plications. We have built PlayDrone, the first scalable 1. INTRODUCTION Google Play store crawler, and used it to index and analyze The Google Play store allows users to download and use over 1,100,000 applications in the Google Play store on a a vast amount of third-party applications. Millions of users daily basis, the largest such index of Android applications. register personal information both with Google and third- PlayDrone leverages various hacking techniques to circum- party services to download and use these applications on vent Google's roadblocks for indexing Google Play store con- their personal Android phones and tablets. Hundreds of tent, and makes proprietary application sources available, thousands of developers upload content to the Google Play including source code for over 880,000 free applications. We store and millions of users download the content despite the demonstrate the usefulness of PlayDrone in decompiling fact that the content is largely unchecked. and analyzing application content by exploring four pre- However, little is known at an aggregate level about the viously unaddressed issues: the characterization of Google hundreds of thousands of applications available in the Google Play application content at large scale and its evolution over Play store. This is due in large part to the lack of scal- time, library usage in applications and its impact on appli- able tools available for discovering and analyzing Android cation portability, duplicative application content in Google applications in the Google Play store. Application source Play, and the ineffectiveness of OAuth and related service code is also only available to the respective third-party de- authentication mechanisms resulting in malicious users be- velopers. Not even Google has access to the source code, ing able to easily gain unauthorized access to user data and as applications are submitted directly as compressed binary resources on Amazon Web Services and Facebook. packages by application developers to Google Play. Fur- thermore, Google imposes various mechanisms to prevent others from crawling and indexing Google Play store con- Categories and Subject Descriptors tent. For example, discovery of applications in the Google Play store is limited as only the first 500 applications be- C.2.4 [Computer-Communication Networks]: Dis- longing to any category or matching any search term can be tributed Systems; C.4 [Performance of Systems]: found by browsing the store's web interface. Some applica- Measurement techniques; C.5.3 [Computer System tions also require specific hardware features or other existing Implementation]: Microcomputers{Portable devices; applications and libraries to be available on the end-user de- H.3.3 [Information Storage and Retrieval]: Infor- vice. Such applications are only available if the Google Play mation Search and Retrieval{Information filtering; J.7 interface is accessed with an account registered on a device [Computers in Other Systems]: Consumer products; with the prerequisites available. K.6.2 [Management of Computing and Information To explore Google Play content, we have created Play- Systems]: Installation Management{Performance and us- Drone, the first scalable Google Play store crawler and ap- age measurement; K.6.5 [Management of Computing plication analysis framework. PlayDrone uses four key and Information Systems]: Security and Protection{ techniques. First, PlayDrone leverages common hacking Authentication techniques to easily circumvent security measures that Google uses to prevent indexing Google Play store content. These Permission to make digital or hard copies of all or part of this work for personal or techniques include simple dictionary-based attacks for dis- classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation covering applications, and decompiling and rebuilding the on the first page. Copyrights for components of this work owned by others than the Google Play Android client to use insecure communication author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or protocols to communicate with the Google Play servers to republish, to post on servers or to redistribute to lists, requires prior specific permission capture, understand, and reproduce the necessary protocols. and/or a fee. Request permissions from [email protected]. Second, PlayDrone leverages higher-level languages and SIGMETRICS’14, June 16–20, 2014, Austin, Texas, USA. frameworks to provide highly concurrent, distributed pro- Copyright is held by the owner/author(s). Publication rights licensed to ACM. cessing with modest implementation effort. ACM 978-1-4503-2789-3/14/06 ...$15.00. PlayDrone http://dx.doi.org/10.1145/2591971.2592003. is written in Ruby and uses the Sidekiq [31] asynchronous processing framework and the Redis [33] key-value store. ning the applications. Our results demonstrate developer Its performance scales easily by simply adding servers to confusion may subvert the effectiveness of the widely used the cluster, enabling PlayDrone to efficiently crawl the OAuth open source standard for authentication. We notified Google Play store on a daily basis even as its content con- and worked with service providers to prevent these attacks, tinues to grow. Third, PlayDrone stores each applica- including providing Google with code to help them scan for tion's metadata and decompiled sources in a Git repository. secret keys in applications as part of the Google Play appli- This provides a simple versioning system for PlayDrone cation publication process to protect users and developers. to track and manage multiple versions of each application This rest of this paper is organized as follows. Section 2 and analyze how Google Play store content evolves over describes how PlayDrone intefaces with the Google Play time. Finally, PlayDrone leverages the Elasticsearch [19] API. Section 3 describes the PlayDrone crawler architec- distributed real-time search and analytics engine using an ture. and Section 4 measures its scalable performance. Sec- indexing schema based on the Google Play store API to tion 5 characterizes Android applications in Google Play. make it easy to analyze and explore the Google Play store Section 6 discusses library usage in Android applications. metadata and content. Section 7 describes our approach for efficiently detecting We have used PlayDrone to crawl the Google Play store similar Android applications and our measurements of simi- and analyze over 1,100,000 Android applications, including larity among applications in Google Play. Section 8 presents decompiling the source code for over 880,000 free Android a study of secret authentication key usage and its problems applications and analyzing over 100 billion lines of decom- in Android applications. Section 9 discusses related work. piled code. We demonstrate the usefulness of PlayDrone Finally, we present some concluding remarks. for analyzing application content by exploring four previ- ously unaddressed issues in understanding Android applica- 2. INTERFACING WITH GOOGLE PLAY tions. First, we provide a characterization of Google Play To crawl the Google Play store, PlayDrone needs to application content at scale. We discuss the relationship be- communicate with the Google Play store, which requires tween application ratings and download frequency, discuss use of a Google account for all the necessary functionality. how applications are categorized in Google Play and how the Using only a few Google accounts to crawl the entire store choice of self-categorization can affect application visibility. might risk having the accounts disabled by Google, so we We show how Google Play store content evolves over time, decided to harvest a large number of Google accounts. To providing a measure of how often applications are released, do this quickly and efficiently, we had to address two prob- updated, and removed. We also show that a small percent- lems. First, registering for a Google account requires solv- age of free applications account for almost all downloads. ing CAPTCHAs. Second, registering for a Google account Second, we perform the first large-scale source code anal- requires phone verification when the same IP attempts to ysis of library usage in Android applications. We show how register more than five accounts on a given day. library usage differs between popular and unpopular applica- We addressed both issues by using a crowdsourcing Inter- tions, including that native libraries are heavily used among net marketplace service to cheaply use other human users to the most popular applications. As a result, Android systems register for Google accounts from a diverse set of IPs. Any which only support Java-based applications are inadequate such service could be used, including dedicated
Load more

Recommended publications
  • How Applications Are Run on Android ?
    How applications are run on Android ? Jean-Loup Bogalho & Jérémy Lefaure [email protected] [email protected] Table of contents 1. Dalvik and ART 2. Executable files 3. Memory management 4. Compilation What is Dalvik ? ● Android’s Virtual Machine ● Designed to run on embedded systems ● Register-based (lower memory consumption) ● Run Dalvik Executable (.dex) files What is ART ? ● Android RunTime ● Dalvik’s successor ● ART Is Not a JVM ● Huge performance gain thanks to ahead-of-time (AOT) compilation ● Available in Android 4.4 What is ART ? Executable files Dalvik: .dex files ● Not the same bytecode as classical Java bytecode ● .class files are converted in .dex files at build time ● Optimized for minimal memory footprint Dalvik: .dex files Dalvik: application installation ● Verification: ○ bytecode check (illegal instructions, valid indices,...) ○ checksum on files ● Optimization: ○ method inlining ○ byte swapping and padding ○ static linking ART: OAT file ● Generated during installation (dex2oat) ● ELF format ● Classes metadata Memory management Zygote ● Daemon started at boot time ● Loads and initializes core libraries ● Forks to create new Dalvik instance ● Startup time of new VM is reduced ● Memory layouts are shared across processes Dalvik: memory management ● Memory is garbage collected ● Automatic management avoids programming errors ● Objects are not freed as soon as they become unused Dalvik: memory allocation ● Allocation profiling: ○ allocation count (succeeded or failed) ○ total allocated size (succeeded or failed) ● malloc
    [Show full text]
  • Android (Operating System) 1 Android (Operating System)
    Android (operating system) 1 Android (operating system) Android Home screen displayed by Samsung Nexus S with Google running Android 2.3 "Gingerbread" Company / developer Google Inc., Open Handset Alliance [1] Programmed in C (core), C++ (some third-party libraries), Java (UI) Working state Current [2] Source model Free and open source software (3.0 is currently in closed development) Initial release 21 October 2008 Latest stable release Tablets: [3] 3.0.1 (Honeycomb) Phones: [3] 2.3.3 (Gingerbread) / 24 February 2011 [4] Supported platforms ARM, MIPS, Power, x86 Kernel type Monolithic, modified Linux kernel Default user interface Graphical [5] License Apache 2.0, Linux kernel patches are under GPL v2 Official website [www.android.com www.android.com] Android is a software stack for mobile devices that includes an operating system, middleware and key applications.[6] [7] Google Inc. purchased the initial developer of the software, Android Inc., in 2005.[8] Android's mobile operating system is based on a modified version of the Linux kernel. Google and other members of the Open Handset Alliance collaborated on Android's development and release.[9] [10] The Android Open Source Project (AOSP) is tasked with the maintenance and further development of Android.[11] The Android operating system is the world's best-selling Smartphone platform.[12] [13] Android has a large community of developers writing applications ("apps") that extend the functionality of the devices. There are currently over 150,000 apps available for Android.[14] [15] Android Market is the online app store run by Google, though apps can also be downloaded from third-party sites.
    [Show full text]
  • K1 LEVEL QUESTIONS 17PMC640 ANDROID PROGRAMMING Unit:1
    K1 LEVEL QUESTIONS 17PMC640 ANDROID PROGRAMMING Unit:1 1) Dalvik Virtual Machine (DVM) actually uses core features of A. Windows B. Mac C. Linux D. Contiki 2) A type of service provided by android that allows sharing and publishing of data to other applications is A. View System B. Content Providers C. Activity Manager D. Notifications Manager 3) Android library that provides access to UI pre-built elements such as buttons, lists, views etc. is A. android.text B. android.os C. android.view D. android.webkit 4) A type of service provided by android that shows messages and alerts to user is A. Content Providers B. View System C. Notifications Manager D. Activity Manager 5) A type of service provided by android that controls application lifespan and activity pile is A. Activity Manager B. View System C. Notifications Manager D. Content Providers 6) One of application component, that manages application's background services is called A. Activities B. Broadcast Receivers C. Services D. Content Providers 7) In android studio, callback that is called when activity interaction with user is started is A. onStart B. onStop C. onResume D. onDestroy 8) Tab that can be used to do any task that can be done from DOS window is A. TODO B. messages C. terminal D. comments 9) Broadcast that includes information about battery state, level, etc. is A. android.intent.action.BATTERY_CHANGED B. android.intent.action.BATTERY_LOW C. android.intent.action.BATTERY_OKAY D. android.intent.action.CALL_BUTTON 10) OHA stands for a) Open Host Application b) Open Handset
    [Show full text]
  • Android Operating System
    Software Engineering ISSN: 2229-4007 & ISSN: 2229-4015, Volume 3, Issue 1, 2012, pp.-10-13. Available online at http://www.bioinfo.in/contents.php?id=76 ANDROID OPERATING SYSTEM NIMODIA C. AND DESHMUKH H.R. Babasaheb Naik College of Engineering, Pusad, MS, India. *Corresponding Author: Email- [email protected], [email protected] Received: February 21, 2012; Accepted: March 15, 2012 Abstract- Android is a software stack for mobile devices that includes an operating system, middleware and key applications. Android, an open source mobile device platform based on the Linux operating system. It has application Framework,enhanced graphics, integrated web browser, relational database, media support, LibWebCore web browser, wide variety of connectivity and much more applications. Android relies on Linux version 2.6 for core system services such as security, memory management, process management, network stack, and driver model. Architecture of Android consist of Applications. Linux kernel, libraries, application framework, Android Runtime. All applications are written using the Java programming language. Android mobile phone platform is going to be more secure than Apple’s iPhone or any other device in the long run. Keywords- 3G, Dalvik Virtual Machine, EGPRS, LiMo, Open Handset Alliance, SQLite, WCDMA/HSUPA Citation: Nimodia C. and Deshmukh H.R. (2012) Android Operating System. Software Engineering, ISSN: 2229-4007 & ISSN: 2229-4015, Volume 3, Issue 1, pp.-10-13. Copyright: Copyright©2012 Nimodia C. and Deshmukh H.R. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
    [Show full text]
  • Dalvik - Virtual Machine
    Review Indian Journal of Engineering, Volume 1, Number 1, November 2012 REVIEW Indian Journal of 7765 – ngineering 7757 EISSN 2319 E – ISSN 2319 Dalvik - Virtual Machine Ashish Yadav J1, Abhishek Vats J2, Aman Nagpal J3, Avinash Yadav J4 1.Department of Computer Science, Dronacharya college of Engineering, Gurgaon, India, E-mail: [email protected] 2.Department of Computer Science, Dronacharya college of Engineering, Gurgaon, India, E-mail: [email protected] 3.Department of Computer Science, Dronacharya college of Engineering, Gurgaon, India, E-mail: [email protected] 4.Department of Computer Science, Dronacharya college of Engineering, Gurgaon, India, E-mail: [email protected] Received 26 September; accepted 19 October; published online 01 November; printed 16 November 2012 ABSTRACT Android is a software stack for mobile devices that contains an operating system, middleware and key applications. Android is a software platform and operating system for mobile devices based on the Linux operating system and developed by Google and the Open Handset Alliance. It allows developers to Write handle code in a Java-like language that utilizes Google-developed Java libraries, but does not support programs developed in native code. The presentation of the Android platform on 5 November 2007 was announced with the founding of the Open Handset Alliance, a consortium of 34 hardware, software and telecom companies devoted to advancing open standards for mobile devices. When released in 2008, most of the Android platform will be made obtainable under the Apache free-software and open-source license. Open Android provide the permission to access core mobile device functionality through standard API calls.
    [Show full text]
  • Dexmedetomidine Mitigates LPS-Induced Acute Lung Injury in Rats Through HMGB1-Mediated Anti- Inflammatory and Antioxidant Mechanisms
    Revista Argentina de Clínica Psicológica 2020, Vol. XXIX, N°4, 377-383 377 DOI: 10.24205/03276716.2020.837 Dexmedetomidine Mitigates LPS-Induced Acute Lung Injury in Rats Through HMGB1-Mediated Anti- Inflammatory and Antioxidant Mechanisms Ning Lva*,XiaoYun Lib ABSTRACT Purpose: To investigate the effect of dexmedetomidine on lipopolysaccharide (LPS)- induced acute lung injury in rats, and the underlying mechanism. Methods: Healthy male SD rats (n=54) were randomly divided into three groups: normal, model and dexmedetomidine groups, with 18 rats in each group. Rats in the model and dexmedetomidine groups were given LPS at a dose of 8 mg/kg, to establish a model of acute lung injury. Rats in the dexmedetomidine group were injected intraperitoneallywith dexmedetomidine at a dose of 50 μg/kg prior to establishment of the model, while rats in the normal group received intraperitoneal injection of normal saline in place of dexmedetomidine. Hematoxylin and eosin (H&E) staining was used to observe changes in lung tissue in each group.Changes in wet/dry weight ratio of lung tissue were compared among the groups. Enzyme-linked immunosorbent assay was used to determine the expressions of inflammation indices i.e. interleukin-6 (IL-6), tumor necrosis factor-α (TNF- α), and interleukin-1β (L-1β)] in lung tissue. Levels of MDA were measured with thiobarbituric acid method. Superoxide dismutase (SOD) activity was assayed through enzyme rate method, while nitric oxide was measured using nitrate reductase assay.The expression levels of high mobility group protein B1 (HMGB1), p-PI3K, p-Akt, p-IκB, p-NF- κB, and Toll-like receptor 4 (TLR4) in lung tissue were determined with Western blotting.
    [Show full text]
  • 13 Cool Things You Can Do with Google Chromecast Chromecast
    13 Cool Things You Can Do With Google Chromecast We bet you don't even know half of these Google Chromecast is a popular streaming dongle that makes for an easy and affordable way of throwing content from your smartphone, tablet, or computer to your television wirelessly. There’s so much you can do with it than just streaming Netflix, Hulu, Spotify, HBO and more from your mobile device and computer, to your TV. Our guide on How Does Google Chromecast Work explains more about what the device can do. The seemingly simple, ultraportable plug and play device has a few tricks up its sleeve that aren’t immediately apparent. Here’s a roundup of some of the hidden Chromecast tips and tricks you may not know that can make casting more magical. Chromecast Tips and Tricks You Didn’t Know 1. Enable Guest Mode 2. Make presentations 3. Play plenty of games 4. Cast videos using your voice 5. Stream live feeds from security cameras on your TV 6. Watch Amazon Prime Video on your TV 7. Create a casting queue 8. Cast Plex 9. Plug in your headphones 10. Share VR headset view with others 11. Cast on the go 12. Power on your TV 13. Get free movies and other perks Enable Guest Mode If you have guests over at your home, whether you’re hosting a family reunion, or have a party, you can let them cast their favorite music or TV shows onto your TV, without giving out your WiFi password. To do this, go to the Chromecast settings and enable Guest Mode.
    [Show full text]
  • User Manual Introduction
    Item No. 8015 User Manual Introduction Congratulations on choosing the Robosapien Blue™, a sophisticated fusion of technology and personality. With a full range of dynamic motion, interactive sensors and a unique personality, Robosapien Blue™ is more than a mechanical companion; he’s a multi-functional, thinking, feeling robot with attitude! Explore Robosapien Blue™ ’s vast array of functions and programs. Mold his behavior any way you like. Be sure to read this manual carefully for a complete understanding of the many features of your new robot buddy. Product Contents: Robosapien Blue™ x1 Infra-red Remote Controller x1 Pick Up Accessory x1 THUMP SWEEP SWEEP THUMP TALK BACKPICK UP LEAN PICK UP HIGH 5 STRIKE 1 STRIKE 1 LEAN THROW WHISTLE THROW BURP SLEEP LISTEN STRIKE 2 STRIKE 2 B U LL P D E O T Z S E R R E S E T P TU E R T N S S N T R E U P T STRIKE 3 R E S E R T A O R STRIKE 3 B A C K S S P T O E O P SELECT RIGHT T LEF SONIC DANCE D EM 2 EXECUTE O O 1 DEM EXECUTE ALL DEMO WAKE UP POWER OFF Robosapien Blue™ Remote Pick Up Controller Accessory For more information visit: www.wowwee.com P. 1 Content Introduction & Contents P.1-2 Battery Details P.3 Robosapien Blue™ Overview P.4 Robosapien Blue™ Operation Overview P.5 Controller Index P.6 RED Commands - Upper Controller P.7 RED Commands - Middle & Lower Controller P.8 GREEN Commands - Upper Controller P.9 GREEN Commands - Middle & Lower Controller P.10 ORANGE Commands - Upper Controller P.11 ORANGE Commands - Middle & Lower Controller P.12 Programming Mode - Touch Sensors P.13 Programming Mode - Sonic Sensor P.14 Programming Mode - Master Command P.15 Troubleshooting Guide P.16 Warranty P.17 App Functionality P.19 P.
    [Show full text]
  • Protect Yourself from These 5 Common Google Play Gift Card Scams
    Protect Yourself From These 5 Common Google Play Gift Card Scams According to the FTC, $74.3M has been reported lost due to gift card and reload card scams in the first 9 months of this year (​source​). To help protect consumers against scams involving the Google Play gift card, Google is working to raise awareness and educate consumers on protecting themselves from gift card scams. ​Google Play​ is the official app store for Android smartphones and tablets. ​Google Play gift cards are easy-to-give gifts, but can only be used ​to purchase apps, movies, books, and other video game or app-related purchases through the Google Play store. ​But because Google Play gift cards are so easy to use, some bad actors request them as an alternative payment method in sophisticated scam scenarios. ​Don’t be misled. If anyone ever asks you to pay them with a Google Play gift card, it’s a scam. Period. 5 Common Google Play Gift Card Scam Scenarios: 1. IRS & Government You may get a phone call from someone claiming to be the IRS, police, or another official government entity. If this caller tries to scare you into buying gift cards as payment for back taxes or for other legal situations hang up the phone--this caller is a scammer. Even if the caller knows and recites the last four digits of your social security number, this is still a scam. The caller may become hostile or insulting and they may threaten you with arrest, deportation, or suspension of a business or driver’s license, etc.
    [Show full text]
  • Mobile Code Anti-Reversing Scheme Based on Bytecode Trapping in ART
    sensors Article Mobile Code Anti-Reversing Scheme Based on Bytecode Trapping in ART Geonbae Na 1, Jongsu Lim 1, Sunjun Lee 2 and Jeong Hyun Yi 2,* 1 School of Computer Science and Engineering, Soongsil University, Seoul 06978, Korea; [email protected] (G.N.); [email protected] (J.L.) 2 School of Software, Soongsil University, Seoul 06978, Korea; [email protected] * Correspondence: [email protected] Received: 31 March 2019; Accepted: 6 June 2019; Published: 10 June 2019 Abstract: As interest in Internet of Things environments rapidly increases throughout the IT convergence field, compatibility with mobile devices must be provided to enable personalized services. The security of mobile platforms and applications is critical because security vulnerabilities of mobile devices can be spread to all things in these environments. Android, the leading open mobile platform, has long used the Dalvik virtual machine as its runtime system. However, it has recently been completely replaced by a new runtime system, namely Android Runtime (ART). The change from Android’s Dalvik to ART means that the existing Dalvik bytecode-based application execution structure has been changed to a machine code-based application execution structure. Consequently, a detailed understanding of ART, such as new file formats and execution switching methods between codes, is required from the viewpoint of application security. In this paper, we demonstrate that an existing Dalvik-based application vulnerability can be exploited as-is in ART. This is because existing Dalvik executable files coexist in the ART executable file, and these Dalvik bytecodes and compiled machine codes have one-to-one mapping relationships.
    [Show full text]
  • Youtube Premium App Download Redit Youtube Premium Review: I Finally Caved – Is It Worth It? Youtube Is One of the Most Popular Apps and Websites on the Web
    youtube premium app download redit YouTube Premium Review: I Finally Caved – Is It Worth It? YouTube is one of the most popular apps and websites on the web. Around 2 billion people access YouTube every month . On top of that, around 73% of US adults use YouTube on a daily basis . YouTube is a big deal basically. And its main revenue is adverts – lots and lots of adverts. If you want to make adverts disappear on YouTube, you have to sign up for YouTube Premium. It costs £11.99 a month (though you do get a free 30-day trial) and this also gets you access to YouTube Music as well (you can also move all your music from Google Play Music over to YouTube Music too). I signed up for YouTube Premium a few weeks back to see if it was for me. I had grown tired of interacting with Google’s never-ending pop-up spam on the app which seemed to appear every single time I opened the app. Google broke me. I caved and signed up. What’s ironic about all this, however, is the Google actively penalizes websites that use similar marketing tactics online. They call it spamming. Apparently it’s OK when Google does it though. If you use YouTube regularly, you’ll know exactly what I’m talking about. You get pop-ups like the ones listed below pretty much every time you open the app… SIGN-UP TO YouTube Premium! Hey, try YouTube Premium for free Do you want YouTube Premium? YouTube Premium is ad-free Get YouTube Premium now.
    [Show full text]
  • Google Pay-FAQ
    Frequently Asked Questions 1. What is Google Pay? You can also open the Google Pay app, swipe left at the top to find the card you want to make default, then tap Pay Google Pay is a mobile payments app that can store your credit, debit, prepaid, loyalty Cards, etc. It is the fastest, simplest with this card 19. Can I continue to use Google Pay if my physical Credit / Debit / Prepaid card is due to expire? way to pay in millions of places – online, in stores. It brings together everything you need at checkout and protects your You can continue to use Google Pay till your card expiry date. Once you receive and activate your renewed card, you payment info with multiple layers of security. 9. Is Google Pay secure? will need to add it into Google Pay. Yes. Google Pay is secure because it processes transactions through a tokenisation service. This service replaces a 2. How do I set up Google Pay? Card’s primary account number with a random numerical sequence unique to a specific device, merchant, transaction 20. Will the card image in Google Pay match my physical card? •It only takes a few minutes to get up and running with Google Pay. type or channel. Actual account numbers are not stored on the device, or on mobile servers, and cashiers will no The card image may not be an exact match. Keep in mind this doesn't affect how your cards work with Google Pay. •Download the app on Google Play or the App Store, or visit pay.google.com.
    [Show full text]