Starbucks storing mobile passwords in clear text - WTOP.com

Published: 2014-01-16 22:13:15

WASHINGTON - The most-used mobile payment app in the United States stored its users personal information in a way that could have gotten a tech-savvy thief a lot of free coffee -- on you.Starbucks executives confirm the coffee chain's mobile payment app has been storing usernames, email addresses and passwords in clear text -- not encrypted, according to a Computerworld report.That means anyone who can get access to a device with the Starbucks mobile-payment app could connect the phone to a PC and get the passwords, usernames and a list of geolocation tracking points -- which could sacrifice the phone owner's privacy and security.Knowing the phone owner's information would allow the thief to charge items to the victim's account, until the stored value on the card is used up.

My Two Cents

Love it! Thank you Starbucks for making it so easy for hackers to clear my virtual balance on my phone!

starbucks mobile

starbucks

Computerworld report

eyJpbmRleCI6IiIsImNyZWF0ZWQiOiIyMDE0LTAxLTE2IDIyOjExOjE1IiwiZmF2SWNvbiI6Imh0dHA6Ly93dG9wLmNvbS9mYXZpY29uLmljbyIsImd1aWQiOiIwZGYzMzczYS04OWY0LTRiNTItYjFhMC1lOTY5MmIyZGFkMTIiLCJ1bmlxdWUiOiI2MzI2MzhmNDhhNzc1YTdjZGVmZjBkOWRiNGEzNWI1YjIyYjNiYjdkIiwibGFzdFZpZXdlZCI6IjIwMTQtMDEtMTYgMjI6MTM6MTQiLCJyZWxhdGlvbnNoaXBzIjp7ImMiOlt7InUiOiJodHRwOi8vd3RvcC5jb20vZW1lZGlhL3d0b3AvMjAvMjA2NC8yMDY0NDcuanBnP2ZpbHRlcj13ZmVkX2Jpb19waWMiLCJ0IjoifHxJbGx1c3RyYXRpb24iLCJsbSI6IjIwMTQtMDEtMTYgMjI6MTE6MTUiLCJ0eXBlIjoiYyIsInJlbFR5cGUiOiJCIn0seyJ1IjoiaHR0cDovL3d0b3AuY29tL2VtZWRpYS93dG9wLzMyLzMyMjcvMzIyNzI3LmpwZz9maWx0ZXI9d3RvcF9hcnRpY2xlIiwidCI6Inx8SWxsdXN0cmF0aW9uIiwibG0iOiIyMDE0LTAxLTE2IDIyOjExOjMzIiwidHlwZSI6ImMiLCJyZWxUeXBlIjoiQiJ9LHsidSI6Imh0dHA6Ly93d3cuY29tcHV0ZXJ3b3JsZC5jb20vcy9hcnRpY2xlL3ByaW50LzkyNDU0MzgvRXZhbl9TY2h1bWFuX1N0YXJidWNrc19cbmNhdWdodF9zdG9yaW5nX21vYmlsZV9wYXNzd29yZHNfaW5fY2xlYXJfdGV4dF8iLCJ0IjoiQ29tcHV0ZXJ3b3JsZCByZXBvcnQiLCJsbSI6IjIwMTQtMDEtMTYgMjI6MTE6NTgiLCJ0eXBlIjoiYyIsInJlbFR5cGUiOiJBIn0seyJ1IjoiaHR0cDovL3d0b3AuY29tLz9uaWQ9MTA0MiZ0YWc9c3RhcmJ1Y2tzIiwidCI6InN0YXJidWNrcyIsImxtIjoiMjAxNC0wMS0xNiAyMjoxMjowOCIsInR5cGUiOiJjIiwicmVsVHlwZSI6IkEifSx7InUiOiJodHRwOi8vd3RvcC5jb20vP25pZD0xMDQyJnRhZz1zdGFyYnVja3MrbW9iaWxlIiwidCI6InN0YXJidWNrcyBtb2JpbGUiLCJsbSI6IjIwMTQtMDEtMTYgMjI6MTI6MDkiLCJ0eXBlIjoiYyIsInJlbFR5cGUiOiJBIn1dfSwic2hvcnRUaXRsZSI6IlN0YXJidWNrcyBzdG9yaW5nIG1vYmlsZSBwYXNzd29yZHMgaW4gY2xlYXIgdGV4dCAtIFdUT1AuY29tIiwidGl0bGUiOiJ8fFN0YXJidWNrcyBzdG9yaW5nIG1vYmlsZSBwYXNzd29yZHMgaW4gY2xlYXIgdGV4dCAtIFdUT1AuY29tfHx8fFdBU0hJTkdUT04gLSBUaGUgbW9zdC11c2VkIG1vYmlsZSBwYXltZW50IGFwcCBpbiB0aGUgVW5pdGVkIFN0YXRlcyBzdG9yZWQgaXRzIHVzZXJzIHBlcnNvbmFsIGluZm9ybWF0aW9uIGluIGEgd2F5IHRoYXQgY291bGQgaGF2ZSBnb3R0ZW4gYSB0ZWNoLXNhdnZ5IHRoaWVmIGEgbG90IG9mIGZyZWUgY29mZmVlIC0tIG9uIHlvdS5TdGFyYnVja3MgZXhlY3V0aXZlcyBjb25maXJtIHRoZSBjb2ZmZWUgY2hhaW4ncyBtb2JpbGUgcGF5bWVudCBhcHAgaGFzIGJlZW4gc3RvcmluZyB1c2VybmFtZXMsIGVtYWlsIGFkZHJlc3NlcyBhbmQgcGFzc3dvcmRzIGluIGNsZWFyIHRleHQgLS0gbm90IGVuY3J5cHRlZCwgYWNjb3JkaW5nIHRvIGEgQ29tcHV0ZXJ3b3JsZCByZXBvcnQuVGhhdCBtZWFucyBhbnlvbmUgd2hvIGNhbiBnZXQgYWNjZXNzIHRvIGEgZGV2aWNlIHdpdGggdGhlIFN0YXJidWNrcyBtb2JpbGUtcGF5bWVudCBhcHAgY291bGQgY29ubmVjdCB0aGUgcGhvbmUgdG8gYSBQQyBhbmQgZ2V0IHRoZSBwYXNzd29yZHMsIHVzZXJuYW1lcyBhbmQgYSBsaXN0IG9mIGdlb2xvY2F0aW9uIHRyYWNraW5nIHBvaW50cyAtLSB3aGljaCBjb3VsZCBzYWNyaWZpY2UgdGhlIHBob25lIG93bmVyJ3MgcHJpdmFjeSBhbmQgc2VjdXJpdHkuS25vd2luZyB0aGUgcGhvbmUgb3duZXIncyBpbmZvcm1hdGlvbiB3b3VsZCBhbGxvdyB0aGUgdGhpZWYgdG8gY2hhcmdlIGl0ZW1zIHRvIHRoZSB2aWN0aW0ncyBhY2NvdW50LCB1bnRpbCB0aGUgc3RvcmVkIHZhbHVlIG9uIHRoZSBjYXJkIGlzIHVzZWQgdXAufHx8fHx8TXkgVHdvIENlbnRzfHx8fExvdmUgaXQhIFRoYW5rIHlvdSBTdGFyYnVja3MgZm9yIG1ha2luZyBpdCBzbyBlYXN5IGZvciBoYWNrZXJzIHRvIGNsZWFyIG15IHZpcnR1YWwgYmFsYW5jZSBvbiBteSBwaG9uZSEiLCJ1cmwiOiJodHRwOi8vd3RvcC5jb20vMTM3My8zNTQzNjc5L1N0YXJidWNrcy1jYXVnaHQtc3RvcmluZy1tb2JpbGUtcGFzc3dvcmRzLWluLWNsZWFyLXRleHQiLCJiSXNJbGx1c3RyYXRpb24iOmZhbHNlLCJzdWJMaW5rcyI6W3siaW5kZXgiOjEsImNyZWF0ZWQiOiIyMDE0LTAxLTE2IDIyOjEyOjA5IiwiZmF2SWNvbiI6IiIsImd1aWQiOiI1NjA1YzNiMi05NTBkLTk1ZjYtMjcwNS1hMzQ0YjRlM2U1MjgiLCJ1bmlxdWUiOiJkZjE3Y2E2ZDhmNGJhNWZlMjhlZThlNTdjOWVkNzkzM2ZlMzEyNzEyIiwibGFzdFZpZXdlZCI6IjIwMTQtMDEtMTYgMjI6MTI6MDkiLCJyZWxhdGlvbnNoaXBzIjp7ImMiOlt7InUiOiJodHRwOi8vd3RvcC5jb20vMTM3My8zNTQzNjc5L1N0YXJidWNrcy1jYXVnaHQtc3RvcmluZy1tb2JpbGUtcGFzc3dvcmRzLWluLWNsZWFyLXRleHQiLCJ0IjoiU3RhcmJ1Y2tzIHN0b3JpbmcgbW9iaWxlIHBhc3N3b3JkcyBpbiBjbGVhciB0ZXh0IC0gV1RPUC5jb20iLCJsbSI6IjIwMTQtMDEtMTYgMjI6MTI6MDkiLCJ0eXBlIjoiYyIsInJlbFR5cGUiOiJBIn1dfSwic2hvcnRUaXRsZSI6InN0YXJidWNrcyBtb2JpbGUiLCJ0aXRsZSI6Inx8c3RhcmJ1Y2tzIG1vYmlsZSIsInVybCI6Imh0dHA6Ly93dG9wLmNvbS8/bmlkPTEwNDImdGFnPXN0YXJidWNrcyttb2JpbGUiLCJiSXNJbGx1c3RyYXRpb24iOmZhbHNlfSx7ImluZGV4IjoyLCJjcmVhdGVkIjoiMjAxNC0wMS0xNiAyMjoxMjowOCIsImZhdkljb24iOiIiLCJndWlkIjoiZWY0YzVlMDItYzQ2Yy1hZjc5LWM4Y2MtMGU5MDdkMmY1ZjhmIiwidW5pcXVlIjoiMTg2N2FkNjlkOGVkODUyNThiZjkwNTYxMzE0MmJjMmQ3NmYzN2VjYSIsImxhc3RWaWV3ZWQiOiIyMDE0LTAxLTE2IDIyOjEyOjA4IiwicmVsYXRpb25zaGlwcyI6eyJjIjpbeyJ1IjoiaHR0cDovL3d0b3AuY29tLzEzNzMvMzU0MzY3OS9TdGFyYnVja3MtY2F1Z2h0LXN0b3JpbmctbW9iaWxlLXBhc3N3b3Jkcy1pbi1jbGVhci10ZXh0IiwidCI6IlN0YXJidWNrcyBzdG9yaW5nIG1vYmlsZSBwYXNzd29yZHMgaW4gY2xlYXIgdGV4dCAtIFdUT1AuY29tIiwibG0iOiIyMDE0LTAxLTE2IDIyOjEyOjA4IiwidHlwZSI6ImMiLCJyZWxUeXBlIjoiQSJ9XX0sInNob3J0VGl0bGUiOiJzdGFyYnVja3MiLCJ0aXRsZSI6Inx8c3RhcmJ1Y2tzIiwidXJsIjoiaHR0cDovL3d0b3AuY29tLz9uaWQ9MTA0MiZ0YWc9c3RhcmJ1Y2tzIiwiYklzSWxsdXN0cmF0aW9uIjpmYWxzZX0seyJpbmRleCI6MywiY3JlYXRlZCI6IjIwMTQtMDEtMTYgMjI6MTE6NTgiLCJmYXZJY29uIjoiIiwiZ3VpZCI6ImNiNDAwOGE1LWIzNzItMzY5Zi1lYjZmLTE3YzM5MzQwM2JiZCIsInVuaXF1ZSI6IjMxOTYzYWRjMzI2ZGE5MDczYzU4ZjdjYWJlZDFhNjc5OWUzMzE1YzUiLCJsYXN0Vmlld2VkIjoiMjAxNC0wMS0xNiAyMjoxMTo1OCIsInJlbGF0aW9uc2hpcHMiOnsiYyI6W3sidSI6Imh0dHA6Ly93dG9wLmNvbS8xMzczLzM1NDM2NzkvU3RhcmJ1Y2tzLWNhdWdodC1zdG9yaW5nLW1vYmlsZS1wYXNzd29yZHMtaW4tY2xlYXItdGV4dCIsInQiOiJTdGFyYnVja3Mgc3RvcmluZyBtb2JpbGUgcGFzc3dvcmRzIGluIGNsZWFyIHRleHQgLSBXVE9QLmNvbSIsImxtIjoiMjAxNC0wMS0xNiAyMjoxMTo1OCIsInR5cGUiOiJjIiwicmVsVHlwZSI6IkEifV19LCJzaG9ydFRpdGxlIjoiQ29tcHV0ZXJ3b3JsZCByZXBvcnQiLCJ0aXRsZSI6Inx8Q29tcHV0ZXJ3b3JsZCByZXBvcnQiLCJ1cmwiOiJodHRwOi8vd3d3LmNvbXB1dGVyd29ybGQuY29tL3MvYXJ0aWNsZS9wcmludC85MjQ1NDM4L0V2YW5fU2NodW1hbl9TdGFyYnVja3NfXG5jYXVnaHRfc3RvcmluZ19tb2JpbGVfcGFzc3dvcmRzX2luX2NsZWFyX3RleHRfIiwiYklzSWxsdXN0cmF0aW9uIjpmYWxzZX1dfQ==

My Two Cents: jebb

Starbucks storing mobile passwords in clear text - WTOP.com

Published: 2014-01-16 22:13:15

starbucks mobile

starbucks

Computerworld report