Prepaid credit cards for Google Wallet are now working again, thanks to a fix issued by the technology giant. On Saturday, Google had suspended use of the prepaid cards because of a reported security flaw -- but now another possible security issue has popped up.

The fixed flaw involves the ability of someone who has found a lost or stolen mobile device to illegally use any available funds on a virtual prepaid card. By going to device settings, wiping the PIN data for the Google Wallet app, and replacing it with a new PIN, someone could get access to the prepaid funds. The card is tied to the particular device, not to a user's Google account.

No Reported Abuse

On Tuesday, Vice President for Google Wallet and Payments Osama Bedier posted on the Google Commerce blog that the company had restored the ability to issue new prepaid cards to the Wallet.

He also added that a fix was issued that "prevents an existing prepaid card from being re-provisioned to another user," although Bedier did not go into specifics. While the security issue had received wide attention on the Web, he noted that the company was "not aware of any abuse of prepaid cards or the Wallet PIN" because of that issue.

Another reported security flaw was not addressed in the fix. It involved the ability to determine a PIN if a mobile device has been "rooted."

Last week, security firm Zvelo noted that, using a rooted smartphone on which Google Wallet has been installed, someone other than the owner can get access to the Wallet's PIN via a brute force attack on the database storing the PIN.

Another Rooted Issue

Google has noted previously that the Wallet is not designed for smartphones that have been rooted, which is usually done by the owner. Bedier wrote that sometimes "users...