Skip to main content
  1. Home
  2. Emerging Tech
  3. News

How safe is Square? Researchers find a number of holes

Molly McHugh
By

squareMobile credit card payment system Square has been on a quick rise. Twitter co-founder Jack Dorsey’s baby has been on the move since this May, since it announced improvements for the product at TechCrunch Disrupt. The ability for consumers to make mobile payments, find Square-accepting retailers, and receive digital receipts solidified Square as viable point of sale software that could be an influential piece in e-commerce evolution.

Consumers are experiencing a lot of changes when it comes to online retail, including a host of benefits: Stored transaction data, ease of use, and constant accessibility just being a handful of the upgrades. But no technology comes without its caveats, and Square is no exception. Cnet reported that at this week’s Black Hat security conference, researchers announced Square can be used to access stolen credit card data.

Recommended Videos

How thieves could do this is almost so impressive it’s hard to be upset about it. Instead of using the actual card in question, a person could convert magnetic strip data to an audio file using a microphone, then take this and using a stereo cable, they could play it to the Square gadget attached to a smartphone. And there you have it: The ability to go on a shopping spree (of the digital variety only) without a card.

That’s not all. At the moment, Square does not feature hardware encryption or authentication. This enables the device to be used to skim cards for data and then give scammers the ability to make replications. “The dongle [the Square device] is a skimmer. It turns any iPhone into a skimmer… now you need less technical hardware to do it and no technical skills at all,” researcher Adam Laurie said.

The former of the two hacks requires something of a technical mind, but the latter sounds easy for even some of the most electronically-inept to put to use. Skimming card data is the real concern here, as fraudulent merchants on Square have little to no success standing up to its security standards against this type of activity. But why Square’s hardware remains unencrypted remains a mystery, and is leaving a significant security hole in its system.

Major competitor Verifone pointed this concern out earlier this year, which was labeled a smear campaign. Regardless of intentions, it’s a valid point, especially considering the growing use of Square. Square said devices with encryption capabilities are due to be released this summer, but we’re all still waiting. 

Topics
Molly McHugh
Molly McHugh
Former Digital Trends Contributor
Before coming to Digital Trends, Molly worked as a freelance writer, occasional photographer, and general technical lackey…
Meet the game-changing pitching robot that can perfectly mimic any human throw
baseball hitter swings and misses

Who’s your favorite baseball pitcher? Shane McClanahan? Sandy Alcantara? Justin Verlander? Whoever you said, two of the top sports-tech companies in the U.S. -- Rapsodo and Trajekt Sports -- have teamed up to build a robot version of them, and the results are reportedly uncannily accurate.

Okay, so we’re not talking about walking-talking-pitching standalone robots, as great a sci-fi-tinged MLB ad as that would be. However, Rapsodo and Trajekt have combined their considerable powers to throw a slew of different technologies at the problem of building a machine that's able to accurately simulate the pitching style of whichever player you want to practice batting against -- and they may just have pulled it off, too.

Read more
The best portable power stations
EcoFlow DELTA 2 on table at campsite for quick charging.

Affordable and efficient portable power is a necessity these days, keeping our electronic devices operational while on the go. But there are literally dozens of options to choose from, making it abundantly difficult to decide which mobile charging solution is best for you. We've sorted through countless portable power options and came up with six of the best portable power stations to keep your smartphones, tablets, laptops, and other gadgets functioning while living off the grid.
The best overall: Jackery Explorer 1000

Jackery has been a mainstay in the portable power market for several years, and today, the company continues to set the standard. With three AC outlets, two USB-A, and two USB-C plugs, you'll have plenty of options for keeping your gadgets charged.

Read more
CES 2023: HD Hyundai’s Avikus is an A.I. for autonomous boat and marine navigation
Demonstration of NeuBoat level 2 autonomous navigation system at the Fort Lauderdale International Boat Show

This content was produced in partnership with HD Hyundai.
Autonomous vehicle navigation technology is certainly nothing new and has been in the works for the better part of a decade at this point. But one of the most common forms we see and hear about is the type used to control steering in road-based vehicles. That's not the only place where technology can make a huge difference. Autonomous driving systems can offer incredible benefits to boats and marine vehicles, too, which is precisely why HD Hyundai has unveiled its Avikus AI technology -- for marine and watercraft vehicles.

More recently, HD Hyundai participated in the Fort Lauderdale International Boat Show, to demo its NeuBoat level 2 autonomous navigation system for recreational boats. The name mashes together the words "neuron" and "boat" and is quite fitting since the Avikus' A.I. navigation tech is a core component of the solution, it will handle self-recognition, real-time decisions, and controls when on the water. Of course, there are a lot of things happening behind the scenes with HD Hyundai's autonomous navigation solution, which we'll dive into below -- HD Hyundai will also be introducing more about the tech at CES 2023.

Read more