BEST OF THE WEB

Starbucks hikes security of iOS app

As most people know, a cup of coffee can wake you up from a drowsy state. Security experts say Starbucks’ mobile app should wake developers and users to how insecure smart phone apps can be.

Last week security researcher Danile Wood reported that Starbucks iOS app saved personal customer information in a clear-text file that could in theory be captured by a hacker.

Under normal circumstances, TechHive said, that wouldn’t be a problem as long as the data stays on the device. However, backing up to iTunes without encryption could expose the data.

But as a result of the controversy the story raise, Starbucks updated the app

“We’d like to be clear: there is no indication that any customer has been impacted by this or that any information has been compromised,” Starbucks CIO Curt Garner said in a release. “Regardless, we take these types of concerns seriously and have added several safeguards to protect the information you share with us. To protect the integrity of these added measures, we are unable to share technical details but can assure you that they sufficiently address the concerns raised in the research report.”

“Out of an abundance of caution, we are also working to accelerate the deployment of an update for the app that will add extra layers of protection. We expect this update to be ready soon and will share our progress here.  While we are working on the update, we would like to emphasize that your information is protected and that you should continue to feel confident about the integrity of our iOS app.”

In a follow-up Antone Gonsalves noted in PCWorld quoted several security experts who said the incident should be a wakeup to mobile developers that any app that stores usernames and passwords should encrypt the data.

These days — with data thefts reported from major U.S. retail chains including Target and Neiman Marcus — organizations have to remember that encrypting data with sensitive information has to the norm.

Read the full story here.

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web