Just because the Square Reader is new doesn’t mean it isn’t susceptible to the same scams as old school ATMs and credit card readers. Three recent Boston University graduates are preparing to publicly present research that demonstrates how to hack Square’s mobile payments hardware. The research is set to be shown off at The Black Hat Security conference in Las Vegas this week.
The team said it discovered a way to steal credit card information using a modified Square magnetic stripe reader. By tampering with the magstripe reader, the team was able to turn Square’s hardware into a credit card skimmer, a device that can be used to steal credit card information.
The modified reader doesn’t work with the proprietary Square app The modified reader doesn’t work with the proprietary Square app, but it could be used to steal credit card information using a custom recording app, according to the team behind the hardware hack. The team also claims that the modification of Square’s hardware only takes 10 minutes and can be done with household tools.