Evan Schuman's StorefrontBacktalk

That’s a privacy nightmare, because all that data is accessible if the phone is stolen and the thief hacks the phone. It may even be available remotely if the phone is malware infected. These phones are big targets—and there aren’t any QSAs vetting consumers for PCI compliance.

In that context, you’d think Google would be especially concerned about locking down information about wallet transactions with both a PIN and encryption. (Yes, encrypting and decrypting data on the fly chews up a phone’s processing power. You’d think Google would love the idea of getting users to upgrade their phones, too.)

In fact, because Google is pitching its mobile wallet as a replacement for real wallets, you’d think Google would be thinking in terms of securely storing (in other words, encrypting) everything that’s stored on a smartphone. That might not include text messages or E-mail, but locking up all those other big, fat targets for thieves is just in Google’s interest.

But first, Google may need to rethink many of its ideas about security. As the viaForensics analysis notes, it’s good to require a PIN to get into the mobile wallet. A PIN keeps out casual thieves. But it won’t deter a serious cyberthief. Encrypting everything in the wallet would make getting useful information so hard that it would probably be more cost effective just to wipe and sell the phone.

That’s the way Google needs to think about security. A smartphone is the only computer that a thief can easily walk off with in any unguarded moment. The usual rules of physical control don’t apply. (Think about how often thieves manage to physically compromise PIN pads that are sitting on counters in plain view, where it should be easy to spot a thief at work. Mobile phones are even easier to steal than that.)

Google probably should give users much more control over what data is routinely displayed, too. ViaForensics specifically called out the fact that an E-mail address was displayed when Google Wallet was initially opened up. But the app also automatically displays some very specific details when a card is selected, including the cardholder’s balance and credit limit. That’s handy—but not necessarily something a mobile-wallet user would want available to any shoulder surfer standing nearby.

(It’s also not necessarily in the interest of retailers. Constantly having the balance-due flashed at customers might have a dampening effect on their willingness to spend even more money.)

So encrypting transactions is essential. Providing smartphone users with an encrypted place to store personal information is a good idea, too. Making sure that “deleted” information is actually overwritten, that system logs don’t leak card data and that phones only display information users want displayed—those are all essential.

There’s a strange split in the relationship that smartphone users have with their phones. These people love their phones. They trust their phones with way too much information, and they’re not willing to give up their phones. And if a mobile wallet from Google (or ISIS or PayPal or Apple) gives them a reason to distrust their phones, they still won’t give up the phone.

But a mobile wallet? That’ll be the first thing to go.