Credit Card News
Advertising Disclosure
Credit-Land.com is an independent, advertising-supported web site. Credit-Land.com receives compensation from many credit card issuers whose offers appear on our site. Compensation from our advertising partners impacts how and where their products appear on our site, including, for example, the order in which they may appear within review lists. Credit-Land.com has not reviewed all available credit card offers in the marketplace.
Credit Card Applications » News » Other » Square Mobile Easy Prey for Hackers

Square Mobile Easy Prey for Hackers

By
Add to Favorites:
Square Mobile Easy Prey for Hackers

At the recent Black Hat Technical Security conference in Las Vegas, two researchers from the UK-based Research and Development Company, Aperture Labs, demonstrated the easy hackability of the Square payment system. Square is the mobile payment technology that turns any iPad, iPhone or Android mobile device into a point of sale credit card processor. It’s made possible just with the aid of a “pocket-sized credit card reader that plugs into your phone’s audio jack,” according to their website. Aperture Labs directors Adam Laurie and Zac Franken revealed not only one, but two, ways to commit credit card fraud using Square.

“The dongle is a skimmer. It turns any iPhone into a skimmer,” Laurie said at Black Hat, as reported by cnet.com. It makes life easier for thieves looking to clone a card because, “now you need less technical hardware to do it and no technical skills at all.” Therefore: nearly anyone with the right knowhow can become a criminal.

During a legitimate transaction, Square converts the data gleaned from the magnetic swipe strip on a credit card into an audio file, which is then transmitted for authorization to the card issuer. Laurie and Franken demonstrated how, by using a code that is relatively simple to generate, hackers can convert the data gathered from the stolen magnetic strips. They use a microphone to transform them into audio files, which can then be submitted for processing directly to the Square app, no card needing to be physically present.

The cloning of cards is also possible bysimilar means. The thief swipes a card to grab magnetic strip data, converting it into audio, then, using the same code as before, translates the audio into credit card information.

All this is feasible because Square’s card reader dongle doesn’t currently employ any means of encrypting or authenticating card data.

The Wall Street Journal reports that Aperture’s Laurie and Franken have disclosed the dongle’s vulnerability to Square several months ago and Laurie reassured those present at Black Hat that there’s no risk to people using Square. Franken claimed that Square is in the process of issuing new dongles that encrypt the data.

Add to Favorites:

Related News:

Citi Increases the Number of ATMS

By Dar Dowling, Posted: January 23, 2017

Citibank has just inked a new deal with Cardtronics, a ATM owner/operator, which will just about double the number of free ATMs in their U.S. network. Continue reading
Fifth Third Bancorp Upgrades App

By Dar Dowling, Posted: January 20, 2017

Fifth Third Bancorp has upped the ante when it comes to their mobile app, in terms of how many ways users can pay for merchandise – now letting them make payments with all of the available payment platforms. Continue reading
New Credit Card by Amazon and Chase

By Dar Dowling, Posted: January 19, 2017

Amazon.com, Inc. and Chase have joined together to roll out the new Amazon Prime Rewards Visa Signature Card offering 5% back on all Amazon.com purchases. Continue reading
Get the latest news, articles and expert advice delivered to your inbox. It's FREE.
Unlimited 1.5x rewards on every purchase, every day. For every $1 you spend, you earn 1.5x Miles.
For Excellent, Good Credit
You could turn $200 into $400 with Cashback Match™. We’ll automatically match all the cash back you earn at the end of your first year. New cardmembers only.
For Excellent, Good Credit
Guaranteed $500 Unsecured Credit Limit
For Bad Credit