Heartbleed Seeks Transfusions From Digital Wallets

While the world is just becoming aware of the number of 'digital wallets' in the market today, even the early adopters are hesitant as to which one of the myriad of options to choose one. From PayPal to Google Wallet to Square Wallet to a cryptographic currency such as Bitcoins, at this stage of development, the percentage of usage is very low. Preventing even the most savvy techies from entering the fray is what's perceived as a 'barrier to entry,' namely security and the looming threat of Heartbleed potentially compromising transactions.


Bitcoin is the latest digital wallet to be affected by the Heartbleed bug that's been cyberventilating the Internet for the last couple of weeks.

The Bitcoin Foundation noted on their blog this past week that the earlier versions of Bitcoin Core might have been at risk.

“If you are using the Windows version of the Bitcoin Core [graphical user interface] without a wallet passphrase, it is possible that your wallet could be compromised by clicking on a bitcoin payment request link,” the Bitcoin Foundation said on its website. “It is possible [but unlikely] private keys could be sent to the attacker.”

Bitcoin wallets on Android phones are also at risk if the phone is still running the Android 4.1.1 “Jelly Bean” operating system.

The Bitcoin Core team however, said version 0.9.1 is a maintenance release that will fix this vulnerability (ie Heartbleed), and it was reported that most users have heeded the call and the vast majority of major Bitcoin sites and exchanges have implemented the fix.

Google Wallet

Google Wallet  -- which is an app that stores all of your credit cards and passwords and is partnering with various merchants to allow direct payments -- was also threatened. To counter this potenatial breach, Google has created patch updates to thwart the security risk.

"You may have heard of 'Heartbleed,' a flaw in OpenSSL that could allow the theft of data normally protected by SSL/TLS encryption," wrote Matthew O'Connor, one of Google's product managers. "We've assessed this vulnerability and applied patches to key Google services such as Search, Gmail, YouTube, Wallet, Play, Apps, and App Engine. Google Chrome and Chrome OS are not affected. We are still working to patch some other Google services. We regularly and proactively look for vulnerabilities like this—and encourage others to report them—so that that we can fix software flaws before they are exploited."

Similar to Bitcoin, "Android users are not affected by the vulnerability  known as CVE-2014-0160, unless they are using Android 4.1.1," noted O'Connor.


Brick-and-mortar banks are also trying to reassure their customers that the security flaw will not compromise financial institutions. The American Banking Association issued a statement that asserted, "To date, we are not aware of any U.S. banks that have been exploited using this vulnerability."

Others are skeptical. "Banks historically have been good at making safes, but they have not been good at securing their software," says Richard Kenner, vice president of AdaCore, the software firm that works primarily with the highly security sensitive aerospace and defense industries.

Adoption is a process. . .

Adoption requires users to move along a continuum from knowledge to persuasion to decision to implementation. However a stumbling block like the Heartbleed bug could stall implementation if these first-time users are not confident about the steps taken to make this technology secure. Once these startups and financial institutions have addressed all the risk factors, it's at that stage, digital wallets companies will be able to return to the business at hand, namely, converting more of us into brand advocates.

This will be accomplished through education and making us more comfortable with the ease of use. As we can all remember, we've seen this type of of engagement played out before. It wasn't so long ago, when consumers were reluctant to use ATMs to conduct transactions in place of bank tellers. Now we're using our smartphones to transfer payments and make deposits directly into our checking and saving accounts. From there, it's not a major leap to see us replacing our leather wallets for those of the virtual kind - granted - when we are fully confident there are no potential digital muggings in our foreseeable future.

Apr 24, 2014
by Anonymous

Guys, trade your Bitcoin for

Guys, trade your Bitcoin for OlympicCoin (OLY) on Mintpal, it is so cheap . OLY only has 58million coins in total and you can buy 1million of them right now for less than 1BTC... that means in a few weeks the 1million will be easily worth 10BTC! REPOST to spread the word. Time for us all to get rich!