Jan 16, 2014 11:19 AM EST
Starbucks Mobile App Wasn't Protecting Your Personal Information

In case privacy isn't enough of an issue, a security researcher has discovered that the Starbucks' mobile app leaves users' personal data vulnerable.

Daniel Wood publicly disclosed the problem after the coffee super chain reportedly failed to fix the problem, according to Apple Insider.

The Starbucks' iOS app, which is the most-used mobile payment app in the country, has been storing such personal information as usernames, emails and passwords in clear rather than encrypted text, Computer World reported.

Starbucks officials confirmed to Computer World that user information has been stored so that anyone with access to the phone can obtain usernames and passwords by hooking the device to a PC.

Wood told Computer World that he had reached out to Starbucks in November regarding the issue and only published the information publicly after getting no results.

The clear text on phones "also displays an extensive list of geolocation tracking points (latitude, longitude), a treasure trove of security and privacy gems for anyone who steals the phone," according to Computer World.

A stolen phone could also let the thief make Starbucks purchases until funding runs out--or even make unlimited purchases if the unlucky Starbucks customer had connected the app to a bank account.

Starbucks Chief Digital Officer Adam Brotman told Computer World that Starbucks executives "were aware" of the privacy issue.

Officials have been vague about measures taken to mend the security hole. Brotman told Computer World that "we have security measures in place now related to that" and "we have adequate security measures in place now." He said "usernames and passwords are safe," because Starbucks has increased security.

After the discussion, Wood found the information still readily available.

Starbucks apparently opted for convenience over security, since the mobile app is among the simplest to use. If passwords weren't stored on phones, people would have to put them in every time.

"A company like Starbucks has to make the choice between usability to drive adoption and the potential for misuse or fraud," said Charlie Wiggs, general manager and senior vice president for U.S. markets at mobile vendor Mozido. "Starbucks has opted to make it very convenient. They just have to make sure that their comfort doesn't overexpose their consumers and their brand."

See Now: OnePlus 6: How Different Will It Be From OnePlus 5?

 PREVIOUS POST
NEXT POST 

EDITOR'S PICK    

Hyundai to Invest $16.1 Billion for EV Business; Sets Annual Sales Goal of 1.87M Electric Cars by 2030

World's Most Expensive and Most Heavily-optioned Porsche 928 GTS is Coming Home to the U.S.

Major Boost as Tesla Giga Berlin Facility in Final Phase of Approval Process; Delivery Event Set This Month

Audi Looking for e-tron Electric Vehicles to Spur Car Brand's Growth in India in 2022

Toyota Offers Free EV Charging to Owners of 2023 bZ4X After Partnership Agreement with EVgo

2022 Suzuki Baleno Finally Unveiled in India: What are the Specs and Features of this City Car?

© Copyright 2024 AUTO WORLD NEWS All rights reserved.