Earlier this week, Google officially announced that the next generation of its Pixel phones, the Pixel 4, would have a face unlock feature that can be used to authenticate and make secure payments through mobile apps. In the latest development, it is now revealed that the company is working on a new version of Google Pay that will have built-in SafetyNet checker, a tool that will alert the user if their phone cannot be used for payments because it fails attestation. Also, version 2.94 of the payments app may have an Incognito Mode like some of its services already have.
In an APK teardown of the Google Pay version 2.94, the folks at XDADevelopers found that the company had added a built-in SafetyNet checker. This means that in order to use Google Pay on Android, the user must pass several checks by the SafetyNet Attestation API in Google Play Services. Reportedly, these checks include checking for the presence of root binaries and evidence of system-level tampering, among others. If a phone is rooted, users won’t be able to make payments using the biometric authentication.
Google may be extending the Incognito Mode support to Google Pay app. The purpose of this is not known but Android Police reports that it could be done to hide the payments made on a card so they do not appear in the transaction history. It found the codes in an APK Teardown of the app, which suggest that the app will likely have a toggle to turn Incognito mode on and off. Currently, Google apps like Chrome, YouTube and Maps have Incognito Mode.
Recently, Google added an additional notification feature to help users transact securely. Google Pay app will now send app notifications as well as an SMS message to inform users about the direction of flow of money, that is, underscoring that they are sending money from their account when they approve a UPI collect request.