Mobile payments startup Square plans to make all of its dongles encrypt credit card data on the fly, a Square exec said at a conference. This is after Square said in response to accusations from competitor Verifone that it doesn’t need to encrypt credit card data.
Square is doing this to conform to Visa’s new set of mobile application best practices. Those new best practices were released yesterday, just as it was announced that Visa made a strategic investment in Square. So in other words, Visa made Square add encryption to its dongle.
This must be a bummer for Square, because it has to design and build new dongles all over again. Moreover, we assume that the chips that will be needed to encrypt credit card data will be more costly than what the current dongle has, which should be costly — Square gives away the dongles and makes money from a commission on each transaction.
Just to be clear: even without encrypting credit card data, Square is by all accounts fully compliant with all industry regulations. So it’s not like there’s this huge gaping security hole with Square. But their new big and important partner evidently feels that they have to beef up their security.
Now You Should Read: Why Square Will Need To Ditch The Dongle →