PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

Square Security Weaknesses Redux

Mercator Advisory Group by Mercator Advisory Group
August 8, 2011
in Analysts Coverage
0
EMV chip card

Smartphone with finance and market icons and symbols concept

0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

As if we didn’t know this already, the good folks at the Black Hat Conference in Las Vegas last week demonstrated another way to fool Square software into taking a payment. It’s a technical hack, one that basically allows a bad actor to create a sound file of a magstripe (it is audio tape after all) and play that sound file into a Square-enabled smartphone’s audio input jack. The Square software interprets it as a swipe from a Square reader.

This new weaknesses is neither really new or much of a threat. As we’ve known for months, it’s so much easier using Square as a card skimmer. There’s plenty of software out there to capture what the Square reader reads: the magstripe payment data. Making a counterfeit card is just one step away.

At February’s Visa Security Summit, Square announced that it will be shipping a reader with an encrypting head this summer. We’re halfway through summer with no word on its availability. It’s hard to imagine that Square can afford to offer a free encrypting reader. That step requires more sophisticated hardware. Charging for the reader is an “out of model” experience for Square. From a strictly security point of view, the company should replace all of its current readers and reject unencrypted transactions thereafter. While it’s arguable that that is necessary from a risk and business perspective, the company should get those encrypting readers fielded ASAP.

Click here to read the story.

Tags: Mobile Payments
0
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    cross-border payments

    Cross-Border Payments: Fighting
    E-Commerce Fraud Using Data

    March 20, 2023
    fraud, ChatGPT-4

    How to Fight Fraud While Still Enabling a Great Online Customer Experience

    March 17, 2023
    RTP

    Financial Institutions Without an RTP Strategy Risk Being Left Behind

    March 16, 2023
    visa chargeback

    New Visa Chargeback Guidelines Will Be a Game Changer

    March 15, 2023
    liquidity management

    Liquidity Management Takes on Increasing Importance in Uncertain Economic Times

    March 14, 2023
    payments

    Key Challenges from Growing Payment Methods and Volume

    March 13, 2023
    Data Governance is a Journey, financial data

    How FIs Can Power Their Operations with a Modern Data Architecture

    March 10, 2023
    ISO 20022

    How Banks Can Realize Business Benefits and Reduce Payments Fraud With ISO 20022

    March 9, 2023

    Linkedin-in Twitter

    Advertise With Us | About Us | Terms of Use | Privacy Policy | Subscribe
    ©2023 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    Menu
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • Recent News
    • Resources
    Menu
    • Industry Opinions
    • Recent News
    • Resources
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result

      Register to download the Autorek complimentary report: Payments Industry Outlook 2023: