Amex cards removed from Google Pay due to expired certificate

An expired certificate has led to the repeated removal of linked American Express credit cards from user's Google Pay accounts.

Starting yesterday, Google Pay users with linked American Express cards began receiving emails that Google removed their linked Amex card. These emails came as a surprise as the user's Amex cards were not expired and canceled.

After receiving the emails, Google Pay users flocked to Twitter to see if they were the only ones affected. A quick search reveals that this issue is widespread and affecting users worldwide.

In response to American Express card users, Amex's Twitter support account stated they were aware of the issue and are working on resolving it. 

Amex also recommended that users add their Amex card back to Google Pay, but users found that their credit cards would be unlinked again in a few hours, according to Android Police.

In a statement to BleepingComputer, Google said an expired certificate is causing Google Pay to remove the American Express cards and that they are working on a fix.

"Earlier today we discovered that American Express cards of some of our users got automatically removed from Google Pay due to an expired certificate. We are working to fix this and people will be able to add their cards back soon." - Google.

To protect customers' data, companies utilize TLS certificates to encrypt communications between different devices and networks. However, if that certificate expires, communication between the two networks will no longer work and lead to outages such as seeing with Google Pay and American Express.

Unfortunately, expired certificates have led to a growing list of outages over the past year, including Google Voice, Spotify, Facebook's Tor site, GitHub, SpamCop, and more recently, a related bug in Pulse Secure VPN devices.

In 2020, security researcher Scott Helme warned that smart TVs, fridges, and IoTs would soon experience problems due to an impending root certificate set to expire on September 30th, 2021.

While this could be caused by updating the device's firmware, the concern is that many people do not regularly perform software updates on their smart TVs or household appliances.

Update 4/16/21 2:45 PM EST: American Express told BleepingComputer that the issue has been resolved and that customers can add their Amex cards back to Google Pay. 

Thanks for reaching out. We are aware that some American Express Card Members had issues using or adding their cards to Google Pay. We’ve identified and resolved the issue. Customers should be able to add their Cards back into the Google Pay wallet. We apologize for any inconvenience this may have caused. - American Express.