Is it safe to use an iPad as a credit card reader?
When you click "charge" on an iPad credit card purchase, the tablet converts your customer's data into radio signals, which are transmitted to the nearest cell tower, which converts the radio data into "wired" bits, which travel to a message center where these bits are converted to e-mail, which goes to the credit card app's parent company, which then contacts the bank that issued the credit card, which checks the customer's credit, and then reverses the whole process to send your iPad notification on whether the transaction is accepted or declined.
Besides being a mouthful, the preceding ultra-long sentence presents numerous steps that seem to offer the opportunity for someone with a long net to pluck that data right out of the air. But in reality, other than the initial link from iPad to radio tower (and back), this process is no different than what's always happened when a merchant swipes a card in a store. And it's not as if a financial hacker could tune a car radio to 107.5 and intercept these radio transmissions from iPad to tower. One of the leading iPad credit card software/hardware companies, Square, writes that in addition to "meeting all industry standard security practices," that "Symmetric cryptographic keys are required to be at least 128 bits long. Asymmetric keys must be at least 2048 bits long" [source: Square].
What this means, in plain English, is that even if data could be intercepted -- which it currently can't -- it would be extremely difficult to do anything meaningful with it. So if there's any weak link in the security chain, it's not the software or hardware; it's you.
The online magazine LinuxInsider quotes Dave Meizlik, director of product marketing at Websense, saying, "We will see cybercriminals successfully use mobile drive-by download attacks to steal confidential data and expose users to malicious content" [source: LinuxInsider]. For those of you who don't speak the language of LinuxInsider, these "drive-by downloads" are the hitchhiking malwares that may unexpectedly accompany anything you pull from the Internet to your tablet, be it a credit card app or just an unsecured game that happens to free-ride code that punks your credit card app. Few of these viruslike downloads yet exist, but as tablets gain popularity, hackers are ramping up. The moral of the story: Just as you are on your computer, be careful what you download to your iPad.
Outside downloadable malware, credit card theft remains much easier with the card in hand (say, when you hand it to a waiter at a restaurant), than it is over the data-encrypted communications lines that link your iPad with the financial world. And like credit cards themselves, reputable credit card reader apps offer dispute resolution services that can help you troubleshoot any security difficulties that arise.
For more information on apps, credit cards and other financial issues, visit the links below.
- Bishop, Todd. "Inner Fencer Debuts iPad Credit Card Reader, Rivaling Square in Mobile Payments." GeekWire. July 25, 2011. (Oct. 8, 2011). http://www.geekwire.com/2011/fence-debuts-ipad-creditcard-reader-boosting-arsenal-square-mobile-payments
- Ferner, Matt. "11 Credit Card Apps, Swipers for iPhone, Android and Blackberry." PracticalECommerce.com. Jan. 6, 2011. (Oct. 8, 2011). http://www.practicalecommerce.com/articles/2497-11-Credit-Card-Apps-Swipers-for-iPhone-Android-and-BlackBerry
- Loewenstien, George; Brian Knutson; Scott Rick, G.; Elliott Wimmer; Drazen Prelec. "Neural Predictors of Purchases." Neuron. Jan. 4, 2007. Vol. 53, Issue 1, pp. 147-156.
- "Researching the pain of playing." Carnegie Mellon University. (Oct. 8, 2011). http://www.cmu.edu/homepage/practical/2007/winter/spending-til-it-hurts.shtml
- Simmermon, Jeff. "How data travels along a wireless network: with infographic." Time Warner Cable. June 29, 2010. (Oct. 8, 2011). http://www.twcableuntangled.com/2010/06/how-data-travels-along-a-wireless-network-with-infographic/