Starbucks updates its iPhone mobile payment app in response to concerns by cyber security researcher, who said that users' information could be easily hacked because it was stored in plain text
January 20, 2014
(Los Angeles Times Media Group)
– Starbucks has updated its iPhone mobile payment app in response to concerns raised earlier this week by a cyber security researcher.
The Seattle coffee company said the new version of its mobile app comes with added layers of security that will keep sensitive user information protected.
The update comes after Daniel Wood published a report saying the Starbucks iOS mobile app stored user passwords, emails, user names and GPS location files in plain text, which hackers can easily access.
Initially, Starbucks said it was aware of how it stored user information in its app, and that it did not have plans to modify its security. The company began to change its tune after public outcry grew.
"We appreciate your business and believe it is our job to earn your trust as a customer," Curt Garner, Starbucks' chief information officer, said in a letter to customers on Thursday. "We also know that constant vigilance is the best way to protect you and the information you share with us."
Starbucks said it does not believe that any users have had their information compromised. Nonetheless, the company issued the app update Thursday night.
The coffee company has not given specifics on how the update adds more security -- saying it does not want to compromise the app -- but it said Wood has taken a look at the app. The company added that it expects Wood will be issuing a report that essentially says the added measures will protect consumers' information.