Skip to main content
  1. Home
  2. Emerging Tech
  3. Mobile
  4. Legacy Archives

How safe is Square? Researchers find a number of holes

By
Add as a preferred source on Google

squareMobile credit card payment system Square has been on a quick rise. Twitter co-founder Jack Dorsey’s baby has been on the move since this May, since it announced improvements for the product at TechCrunch Disrupt. The ability for consumers to make mobile payments, find Square-accepting retailers, and receive digital receipts solidified Square as viable point of sale software that could be an influential piece in e-commerce evolution.

Consumers are experiencing a lot of changes when it comes to online retail, including a host of benefits: Stored transaction data, ease of use, and constant accessibility just being a handful of the upgrades. But no technology comes without its caveats, and Square is no exception. Cnet reported that at this week’s Black Hat security conference, researchers announced Square can be used to access stolen credit card data.

Recommended Videos

How thieves could do this is almost so impressive it’s hard to be upset about it. Instead of using the actual card in question, a person could convert magnetic strip data to an audio file using a microphone, then take this and using a stereo cable, they could play it to the Square gadget attached to a smartphone. And there you have it: The ability to go on a shopping spree (of the digital variety only) without a card.

That’s not all. At the moment, Square does not feature hardware encryption or authentication. This enables the device to be used to skim cards for data and then give scammers the ability to make replications. “The dongle [the Square device] is a skimmer. It turns any iPhone into a skimmer… now you need less technical hardware to do it and no technical skills at all,” researcher Adam Laurie said.

The former of the two hacks requires something of a technical mind, but the latter sounds easy for even some of the most electronically-inept to put to use. Skimming card data is the real concern here, as fraudulent merchants on Square have little to no success standing up to its security standards against this type of activity. But why Square’s hardware remains unencrypted remains a mystery, and is leaving a significant security hole in its system.

Major competitor Verifone pointed this concern out earlier this year, which was labeled a smear campaign. Regardless of intentions, it’s a valid point, especially considering the growing use of Square. Square said devices with encryption capabilities are due to be released this summer, but we’re all still waiting. 

Molly McHugh
Molly McHugh
Former Social Media/Web Editor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
Topics
Robots just ran the Beijing half-marathon faster than the world record holder
humanoid robot running a marathon

A humanoid robot just ran a half-marathon faster than the world record holder. It might not seem impressive at first, but considering last year, the fastest robot at Beijing's humanoid robot half-marathon finished in two hours and 40 minutes, this is a huge achievement. 

As reported by the Associated Press, the winning robot at this year's Beijing half-marathon crossed the finish line in 50 minutes and 26 seconds, comfortably beating the human world record of 57 minutes recently set by Jacob Kiplimo. 

Read more
As if the plate wasn’t already full, AI is about to worsen the global e-waste crisis
New report highlights a rising environmental concern
Stack of graphics cards and motherboards in a landfill site e-waste

AI is already changing how the world works, but it’s also quietly making one of our biggest environmental problems even worse. And no, this isn’t about energy consumption this time. It’s about the hardware. Because every smarter AI model comes with a physical cost.

AI is about to supercharge the e-waste problem

Read more
Smart glasses are finding a surprise niche — Korean drama and theater shows
Urban, Night Life, Person

Every year, millions of people follow Korean content without speaking a word of the language. They stream shows with subtitles, read translated lyrics, and find workarounds. But live theater has always been a different problem — you can't pause or rewind it. That's the problem: a Korean startup thinks it's cracked, and Yuroy Wang was one of the first to try it. The 22-year-old Taipei retail worker is a K-pop fan who loves Korean culture but doesn't speak the language. When he went to see "The Second Chance Convenience Store," a touring play based on a Korean novel that was a bestseller in Taiwan, he expected supertitles. What he got instead was a pair of chunky black-framed AI-powered glasses sitting on his nose, translating the dialogue in real time directly on the lenses. "As soon as I found out they were available, I couldn't wait to try them," he said. Wang is part of a growing audience discovering that smart glasses, a category of tech that has struggled to find mainstream purpose for years, might have just found their calling in the most unexpected of places: live Korean theater.

How do the glasses work?

Read more