The Starbucks App Might Be Easier to Hack Than You Think

by Joseph Walent 0

Single Merchant Digital Wallets provide an expansion of opportunities to engage with consumers, as outline in the article, and helps extend the customer experience beyond the stores and the product. The flip side of this is that it also affords wider chances to create a negative experience, also outlined in the article about reported instances of Starbuck’s account hacking.

While there’s no indication Starbucks’ own servers have been compromised recently, lots of users recycle usernames and passwords from other services. The Starbucks app doesn’t use two-factor authentication—say, requiring a confirmation code sent by SMS—so a hacker who unearths a working username and password can simply pretend to be the user on another phone, in what’s known as an account takeover.

Mercator Advisory Group’s coverage of merchant defined payment apps and digital wallets recognizes the increasing level of access security with mobile device, and alignment with services like Visa Checkout for funding authentication will help create additional barriers to fraud. Merchants leveraging these payment mechanisms will need to allocate resource to help ensure instances of fraud are kept to a minimum, as it is their own brand that is front and center.

Overview by Joseph Walent, Associate Director, Customer Interactions Advisory Service at Mercator Advisory Group

Read the full story here