VeriFone indique que le système Square (qui gère $1,000,000 par jour) n'est pas sécurisé. Le dispositif permettrait le piratage des données CB lorsque celle-ci est glissée dans le lecteur attaché à l'iPhone : VeriFone Accuses Square of Security Holes in Mobile Credit Card Apps
Le fondateur de Square, Jack Dorsey, répond sur son site avec beaucoup de fatalisme à cette attaque en indiquant que la fraude est assez classique en général et induit un remboursement après réclamation :
Today one of our competitors alleged that the Square card reader is insecure. This is not a fair or accurate claim and it overlooks all of the protections already built into your credit card.
Any technology—an encrypted card reader, phone camera, or plain old pen and paper—can be used to “skim” or copy numbers from a credit card. The waiter you hand your credit card to at a restaurant, for example, could easily steal your card details if he wanted to—no technology required. If you provide your credit card to someone who intends to steal from you, they already have everything they need: the information on the front of your card.
The bank that issues your credit card recognizes this and does not hold you responsible for fraudulent charges. When they are alerted to odd activity, they simply give you a call and will reverse the transaction. With Square, your credit card is designed to be used without worry, in more places than ever before.
Our partner bank, JPMorgan Chase, continually reviews, verifies, and stands behind every aspect of our service, including our Square card reader. And we are constantly improving the payment experience to enhance security. For instance, you can request an instant text message or email receipt delivered from our secure squareup.com server after every transaction.
At Square we work tirelessly to remove all complexity from accepting credit cards. That includes removing every concern around security. We thank you for your increasing support to make Square the leading way to pay with a credit card, safely.