Starbucks in hot water; security on its iOS app not worth a hill of beans
0. phoneArena 16 Jan 2014, 03:36 posted on
Right on the heels of a report showing that 90% of mobile banking apps have security lapses, coffee king Starbucks admits that it does not encrypt usernames or location data on its mobile payment app. To make matters worse, we are taking about the most used mobile payment app in the states. Besides usernames, geolocation data, email addresses and passwords have been stored in clear text, an inviting target for identity thieves...
This is a discussion for a news. To read the whole news, click here
1. danishnigz (Posts: 5; Member since: 31 Aug 2013)
That level of puns in the first half of the article xD
2. elitewolverine (Posts: 3481; Member since: 28 Oct 2013)
So a security company can breach the security of the app and not be held accountable? Makes little sense to me.
Also the auto reload only happens once a day, so unless you are going to overload on coffee since they dont have access to the bank info as that is blanked out to my knowledge, what can they get? Access to coupons? I guess. Then again people routinely use the same password email combos so that is a huge mistake/potential.
But it did say that they need the iphone in the first place right? Meaning a stolen phone...
3. Ant34 (Posts: 193; Member since: 10 Aug 2013)
Why should someone be held accountable for breaching the security of an app on their mobile device?
4. elitewolverine (Posts: 3481; Member since: 28 Oct 2013)
What? You have not read the terms of agreement I suppose. Most people don't, only the courts see those.
(a) any resale or commercial use of the Sites or Site Materials; (b) the collection and use of any product listings, pictures or descriptions; (c) the distribution, public performance or public display of any Site Materials; (d) modifying or otherwise making any derivative uses of the Sites and the Site Materials, or any portion thereof; (e) use of any data mining, robots or similar data gathering or extraction methods; (f) downloading (other than the page caching) of any portion of the Sites, the Site Materials or any information contained therein, except as expressly permitted on the Sites; or (g) any use of the Sites or the Site Materials other than for its intended purpose. Any use of the Sites or Site Materials other than as specifically authorized herein, without the prior written permission of Starbucks, is strictly prohibited and will terminate the license granted herein.