The business and culture of our digital lives,
from the L.A. Times

Square's mobile credit card reader easily hacked, says VeriFone

IPhoneSwiping.jpeg Using a smartphone to process a credit card payment, especially Square’s card reader, may not be safe for consumers, according to an open letter posted Wednesday by VeriFone.

The letter alleges that the Square setup is easily hacked and calls on the San Francisco company to recall the small phone attachment that can read card data. Perhaps unsurprisingly, VeriFone’s line of work is secure payment systems.

VeriFone’s Chief Executive Doug Bergeron wrote that the note was a “wake-up call to consumers and the payments industry.” He said criminals could easily create an application to steal financial and personal information from credit cards run through the Square device — known as a "dongle."

“The issue is that Square’s hardware is poorly constructed and lacks all ability to encrypt consumers’ data, creating a window for criminals to turn the device into a skimming machine in a matter of minutes,” Bergeron wrote.

VeriFone posted a sample skimming application and a demonstration video online and also notified Visa, MasterCard, Discover, American Express and JP Morgan Chase.


Square, Twitter founder Jack Dorsey's mobile payments start-up, may be worth $200 million in new funding round

AT&T, T-Mobile and Verizon partner on Isis mobile payment project

— Tiffany Hsu [follow]

Photo: Square's card reader "dongle". Credit: Square

Comments  ()


Recommended on Facebook


In Case You Missed It...


How to Reach Us

To pass on technology-related story tips, ideas and press releases, contact our reporters listed below.

To reach us by phone, call (213) 237-7163


Andrea Chang
Armand Emamdjomeh
Jessica Guynn
Jon Healey
W.J. Hennigan
Tiffany Hsu
Deborah Netburn
Nathan Olivarez-Giles
Alex Pham
David Sarno