Click to Skip Ad
Closing in...
  1. Best Robot Mop 2021
    08:29 Deals

    The world’s first self-cleaning robot mop is $100 off at Amazon – and I’m obsessed

  2. Best Meat Thermometer 2021
    09:31 Deals

    The gadget that helps you cook perfect steak is $33 at Amazon, a new all-time low

  3. MacBook Pro 2021 Price
    12:16 Deals

    Apple’s M1 MacBook Pro is $200 off at Amazon, matching the lowest price ever

  4. Viral Tiktok Videos
    11:14 Deals

    This $7 toothpaste tube hack on Amazon is blowing people’s minds




VeriFone CEO slams mobile payments startup over security concerns [video]

March 9th, 2011 at 4:35 PM

VeriFone’s CEO, Douglas G. Bergeron, has taken to the Internet to publicly voice his company’s concern with a mobile payments startup named Square. Via a YouTube video and an open letter, Bergeron explains that Square’s reader has a “serious security flaw” that “places consumers in dire risk.” Bergeron and VeriFone’s beef stems from the fact that Square’s reader does not utilize any type of hardware encryption schema when scanning cards. What does this mean? If you were to use a VeriFone card scanner, the information scanned off of a credit card’s magnetic stripe would be encrypted, stored, and transmitted to the desired payment agency for processing. Square’s scanners attach to the 3.5mm audio jack of an iPhone, iPad, or iPod touch, and scan/store the read credit card information in plain text — making it later viewable by a person(s) running a skimming scam.

“A criminal signs up with Square, obtains the dongle for free and creates a fake Square app on his smartphone,” writes Bergeron. “Insert the dongle into the audio jack of a smartphone or iPad, and you’ve got a mobile skimming device that fits in your pocket that can be used to illegally collect personal and financial data from the magnetic stripe of a payment card.”

The information on a credit card’s magnetic stripe isn’t really all that top-secret — since it is also printed on the front of the card, unencrypted — but the CEO’s point about plain-text card-data being stored on a mobile device is certainly valid.

“We take security very seriously,” continues Bergeron. “Securing payment transactions is what we do.”

The company has made a proof-of-concept iOS skimming application for Square’s reader that, along with Bergeron’s open letter, is available via the website sq-skim.com. The YouTube video and custom website, created solely to attack the small startup, does seem a little unorthodox — especially from a multi-billion dollar, publicly traded company — but it certainly has gotten people talking about the perceived issue. Square did not respond to BGR’s request for comment on Bergeron’s statments.

Hit the jump to watch VeriFone’s CEO slam the competition.

Read




Popular News