Should google pay people to use google

The information portal for safe cell phone use

This is Google Pay

Google Pay is Google's payment service. It started in Germany in July 2018. To use the service, you have to download the Google Pay app from the Google Play Store or from Apple's App Store. It is already preinstalled on some Android devices.

In order to pay with the app, you must either have an active PayPal account or a credit card. In order for you to be able to store a credit card in the app, your bank must cooperate with Google Pay. Classic giro cards (EC cards) are currently not supported.

A number of banks are now working with Google Pay, including Commerzbank, DKB and IngDiba. The full list of banks and their accepted cards can be found on this information page from Google.

When creating the pay account, Google asks for your name, address and telephone number as well as your credit card number and the CSV code (three numbers on the back of the card). Anyone who has previously used their Google account without address data or used a different name must now identify themselves.

Pay at the checkout and in apps

If you have a credit card or a PayPal account in the app, you can pay in stores with Google Pay. For this, contactless payment must be possible at the checkout. This is now the case with almost all retailers who also support card payments with PIN or signature.

In addition, many apps and online retailers support payment with Google Pay: for example Ryanair, Booking.com, Lieferando and Flixbus. You can find the full list here.

In order for payment by smartphone to work with these services, you must have installed both the app of the respective service provider and the Google Pay app.

How safe is it to pay by mobile phone?

In principle, Google Pay has several security advantages over traditional bank cards: The app never transmits the actual card number, but only a so-called token. The credit card number cannot be read from the app itself because it is not stored there.

Google Pay only works with phones that have a screen lock. You can pay up to 50 euros without unlocking the screen - but only a few times in a row.

In the event of a loss, the damage is manageable and your actual bank card is ideally safe at home.

Google Pay's own privacy policy

What many users might overlook when setting up Google Pay: To use the payment service, you have to accept your own terms of use and your own privacy policy. This is unusual for a Google service: Google's general privacy policy usually applies.

But Google Pay is offered by the "Google Payment Corp" (GPC), a subsidiary of the Google Group. This data protection declaration guarantees the GPC the following rights (you can find all the quotations on the individual points in the box below):

1. The GPC is open to buying background information about individual users.

This explicitly includes so-called consumer reports. This means background reports on people who can contain anything from creditworthiness to criminal records.

2. The GPC can record what users buy from whom, when, how expensive it is and how they pay for it.

Limitation: Information about what was purchased is only available when paying at the checkout if the retailer provides this information. This information is currently not logged in the standard equipment of the cash registers.

3. The GPC uses all information about a user that is available at Google or at subsidiaries of Google.

The aim is to fight fraud or misconduct and to check whether users are adhering to the terms and conditions. With this information, Google also supports retailers who want to buy from. Google does not say exactly what “supported” means.

4. The GPC shares all of the information it collects with Google and its subsidiaries.

This can also - as the document says explicitly - include financial companies. They can use the information for their respective business purposes.

5. There is a very hidden possibility of objection.

Opt-out options are mentioned in the data protection declaration. For example, you can set your Google account so that no creditworthiness information is exchanged between subsidiaries. Conversely, this means that such information is exchanged without contradiction.

The option to object is in the Google Payment Center under Settings. The explanatory text next to the objection check mark only indicates that Google sellers will no longer find out whether you are using Google Pay - which may mean that this payment option will then no longer be available. Users can only find out that they are contradicting the exchange of information between Google's subsidiaries at this point (!) Only if they carefully read the data protection declaration.

Quotes on the points mentioned from the Google Payment data protection declaration:

You can find the whole document here.

Quote on point 1: "We may obtain information about you from third parties, including third-party verification services. This includes information relating to Google Payments transactions at merchant locations, information from third-party providers regarding the payment methods you use, and accounts associated with Google Payments , the identity of your card issuer or financial institution, information regarding access to funds in your Google Payments account, information from wireless carriers related to wireless billing, and consumer reports as defined by 'consumer reports' under the US Fair Credit Reporting Act . "

Quote on point 2: "We may collect information about the transaction for every transaction via Google Payments. This includes: the date, time and amount of the transaction, merchant location and description, a description of the goods or services purchased by the seller, photos that you attached to the transaction, the name and email address of the seller and buyer or of the sender and recipient, the payment method used, your description of the reason for the transaction and, if applicable, the offer associated with the transaction. "

Quote on point 3: "In addition to the use explained in Google's data protection declaration, we use the information that you have provided to us, GPC or one of our other subsidiaries, as well as the personal data that we receive from third-party providers to provide you with Google Payments services and to protect you from fraud To protect against phishing or other violations.

This information can also be used to assist third party providers in providing products or services that you have requested from these providers. We also use the information to verify your Google Payments account. In this way, we determine whether you continue to comply with the terms of use of the account, make decisions about your further Google Payments transactions and check compliance with other legitimate business requirements in connection with the Google Payments transactions you initiated. "

Quote on point 4: “The information we collect, including information obtained from third parties, is also available to our subsidiaries. These companies are owned and controlled by Google LLC. Our subsidiaries, which are financial and non-financial companies may use such information for their standard business purposes. "

Quote on point 5: "If you do not want personal data relating to your creditworthiness to be exchanged between GPC and its subsidiaries or for personal data collected and disclosed by us to be used by our subsidiaries for marketing purposes, or for Google LLC or its subsidiaries to use third party providers, whose website or app you visit To find out if you have a Google Payments account that can be used to pay with this merchant, log into your account, go to the Google Payments privacy settings page and change your settings. "

Google as a global credit report?

The above five points are extremely problematic because: With these data and exploitation rights, Google Pay could become a global SCHUFA, i.e. a company that provides paying customers with information about the creditworthiness of private individuals.

Then at the latest, urgent questions about transparency and control arise:

  • What factors affect creditworthiness?
  • What does Google consider misconduct?
  • What happens if I get discredited through no fault of my own, for example because someone misuses my payment data?
  • Who do I call on Google to fix this?
  • Will I find out if Google classifies me as “not creditworthy”, or do all the sellers who offer Google Pay suddenly refuse me the payment without giving a reason?

 

And: who could Google sell its knowledge to? Such data can be very valuable for employers, banks or authorities.

It is not unlikely that Google will monetize its information from Google Pay in the “credit reports and credit checks” industry: The Group's investment company, Google Capital, invested over 40 million US dollars in the company Kredit Carma as early as 2014, which specializes in credit scoring.

Conclusion: not recommended

From a data protection perspective, we can only advise against using Google Pay for these reasons.

There are many other ways to pay for a product or service. Data always accumulates with cashless payment - but it is relatively safe at your own bank.

Providing detailed information about your own purchasing behavior to Google is, in our opinion, too high a price for a little more service.

Do you already know our newsletter? Once a month we will send you the latest mobile-safe reading tips straight to your inbox. Register here.
#GooglePay #MobilesPayen #NFC #Wallet
Information has changed or do you have a hint for us on this subject?
Write to us: [email protected]