Last April, Square announced that it would be launching an encrypted version of its card reader in the summer. Here we are nearly a year later, and the company is now reportedly shipping encrypted versions.
VentureBeat reports that all Square readers that are currently shipping do have encryption. Rocky Agrawal, reporting for the publication, shows the reader opened up, and says that existing users will be migrated to the new readers over time.
The initial announcement last year came after accusation of a security flaw with Square, from competitor Verifone, which posted an open letter and a video demonstrating the exploit (which ended up being removed from YouTube). "In less than an hour, any reasonably skilled programmer can write an application that will 'skim' – or steal – a consumer's financial and personal information right off the card utilizing an easily obtained Square card reader," Verifone alleged.
Square CEO Jack Dorsey defended Square with his own letter, saying, "This is not a fair or accurate claim and it overlooks all of the protections already built into your credit card."
That was all actually in March, and then in April, Square announced the forthcoming encryption and that it had received backing from Visa.
The next month, the company unveiled Square Card Case, its mobile payments app for consumers, which just this week, received an update and a name change.
Square now faces serious competition from PayPal, which earlier this month unveiled PayPal Here, it's own card reader solution (it also accepts other forms of payment). PayPal's solution comes with encryption, so the new encryption for Square will take away that advantage, at least. From the PayPal Here FAQ:
Is the reader encrypted and is PayPal secure?
Yes, unlike other card readers, the PayPal Here card reader is encrypted and is backed by over a dozen years of experience of providing buyers and sellers the highest levels of security.