How safe is Square? Researchers find a number of holes

squareMobile credit card payment system Square has been on a quick rise. Twitter co-founder Jack Dorsey’s baby has been on the move since this May, since it announced improvements for the product at TechCrunch Disrupt. The ability for consumers to make mobile payments, find Square-accepting retailers, and receive digital receipts solidified Square as viable point of sale software that could be an influential piece in e-commerce evolution.

Consumers are experiencing a lot of changes when it comes to online retail, including a host of benefits: Stored transaction data, ease of use, and constant accessibility just being a handful of the upgrades. But no technology comes without its caveats, and Square is no exception. Cnet reported that at this week’s Black Hat security conference, researchers announced Square can be used to access stolen credit card data.

How thieves could do this is almost so impressive it’s hard to be upset about it. Instead of using the actual card in question, a person could convert magnetic strip data to an audio file using a microphone, then take this and using a stereo cable, they could play it to the Square gadget attached to a smartphone. And there you have it: The ability to go on a shopping spree (of the digital variety only) without a card.

That’s not all. At the moment, Square does not feature hardware encryption or authentication. This enables the device to be used to skim cards for data and then give scammers the ability to make replications. “The dongle [the Square device] is a skimmer. It turns any iPhone into a skimmer… now you need less technical hardware to do it and no technical skills at all,” researcher Adam Laurie said.

The former of the two hacks requires something of a technical mind, but the latter sounds easy for even some of the most electronically-inept to put to use. Skimming card data is the real concern here, as fraudulent merchants on Square have little to no success standing up to its security standards against this type of activity. But why Square’s hardware remains unencrypted remains a mystery, and is leaving a significant security hole in its system.

Major competitor Verifone pointed this concern out earlier this year, which was labeled a smear campaign. Regardless of intentions, it’s a valid point, especially considering the growing use of Square. Square said devices with encryption capabilities are due to be released this summer, but we’re all still waiting. 

Smart Home

Consumer groups call out retailers in a bid for better IoT security

Consumer groups posted a "Dear retailer" letter on February 12 that called out Walmart, Best Buy, Amazon, and Target, shaming the companies for selling insecure smart home devices.
Computing

Keep your portable computer safe and shiny with the best laptop bags for 2019

Choosing the right laptop bag is no easy feat -- after all, no one likes to second-guess themselves. Here are some of the best laptop bags on the market, from backpacks to sleeves, so you can get it right the first time around.
Computing

Wi-Fi helps connect all of our devices at high-speed, but what exactly is it?

What is Wi-Fi? It's a technology we all use everyday to connect all of our portable devices, but understanding how it works and how far it's come from its humble beginnings is another thing entirely.
Mobile

Worried about extra data charges? Here's how to check your usage on an iPhone

It's common to get a little nervous about nearing data limits. Keep your peace of mind by checking how much data your iPhone is using. Our guide on how to check data usage on an iPhone helps you stay in control.
Emerging Tech

How can digital art created on obsolete platforms be preserved?

As the lines between art and technology continue to blur, digital art experiences become more commonplace. But these developments are raising an important question for art conservationists: How should digital artworks be preserved?
Emerging Tech

Statistician raises red flag about reliability of machine learning techniques

Machine learning is everywhere in science and technology. But how reliable are these techniques really? A statistician argues that questions of accuracy and reproducibility of machine learning have not been fully addressed.
Emerging Tech

Here’s how Facebook taught its Portal A.I. to think like a Hollywood filmmaker

When Facebook introduced its Portal screen-enhanced smart speakers, it wanted to find a way to make video chat as intimate as sitting down for a conversation with a friend. Here's how it did it.
Emerging Tech

Chandra X-ray telescope uncovers evidence of the universe’s missing matter

Where is all of the matter in the universe? NASA's Chandra telescope has uncovered evidence of hot gas strands in the vicinity of a quasar which could explain the missing third of matter which has puzzled astronomers for years.
Emerging Tech

Wish you could fly? You totally can with these top-of-the-line drones

In just the past few years, drones have transformed from a geeky hobbyist affair to a full-on cultural phenomenon. Here's a no-nonsense rundown of the best drones you can buy right now, no matter what kind of flying you plan to do.
Emerging Tech

NASA’s space observatory will map the sky with unprecedented detail

NASA is preparing to launch a cutting-edge space observatory to create the most detailed map ever produced of the sky. Doing so will involve surveying hundreds of millions of galaxies. Here's how it plans to do it.
Smart Home

No strings attached: This levitating lamp uses science to defy gravity

Now on Kickstarter, the Levia lamp is a cool industrial-looking lamp which boasts a levitating bulb. Looking for a table light that will dazzle visitors? You've come to the right place.
Emerging Tech

The Great White Shark’s genome has been decoded, and it could help us end cancer

In a significant step for marine and genetic science, researchers have decoded the genome of the great white shark. The genetic code revealed a wealth of insight into what makes these creatures so successful from an evolutionary standpoint.
Emerging Tech

‘Guerrilla rainstorm’ warning system aims to prevent soakings, or worse

Japanese researchers have created a "guerrilla rainstorm" early-warning system aimed at preventing severe soakings, or worse. The team hopes to launch the system before the 2020 Tokyo Olympics.
Mobile

Barbie’s Corvette ain’t got nothing on Sphero’s fully programmable robot car

Sphero is known for devices like the Sphero Bolt and BB-8 Star Wars toy, but now the company is back with another addition to its lineup -- the Sphero RVR. The RVR is a fully programmable robot car that can be expanding with different…