After conducting some extensive research, the security experts at viaForensics concluded that Google Wallet is not as secure as it should be. In particular, their analysis shows that the mobile payment platform stores too much personal data on the smartphone, and the fact that it lacks encryption makes things even worse.
The list of personal information that is stored includes the user's credit card balance, limits, expiration date, transaction dates, locations, and even their name as it appears on the card, but the researchers say that there is even more. Of course, that data on its own is not enough for transactions to be made by third parties as the card's full number is well-protected. However, the risk of a potentially harmful social engineering attack is present indeed.
Google, on the other hand, does not agree with the results from the analysis as it was performed using a rooted smartphone. Unless a smartphone is rooted, an attacker would not be capable of retrieving the aforementioned user data as it would be inaccessible. Unfortunately, there have been instances of malware breaking through Android's restrictions and obtaining root access, so Google Wallet's reliability is still not certain when it comes to securing personal information.