Square Reverses Course, Now Embraces Encryption
Written by Evan SchumanSquare, the well-funded startup that found itself on the winning end of a pissing context with VeriFone last month, because it refused to encrypt mobile payment transactions, has now reversed course and embraced such encryption. It switched course on Wednesday (April 27), which by remarkable coincidence is the same day it announced that encryption aficionado Visa had made an unspecified investment in Square.
Sam Quigley, a Square manager with the title Security Lead, casually responded to a question at a Visa conference that Square will be distributing—for free, mind you—an encrypting card reader this summer for its mobile-phone-payment users. This is an amusing turn of events. Last month, VeriFone was deluged with no shortage of bad blood for having demanded that Square either encrypt transactions or risk destroying the solar system. Square said no such system was necessary. I guess a month—and Visa dollars—has a way of changing one’s perspective. And, I guess VeriFone ended up winning this battle, in that Square did what it asked the company to do. But it wasn’t what VeriFone wanted Square to do. VeriFone didn’t want the victory; it wanted the battle. By embracing encryption, VeriFone’s fears have become quite real.
-Marc
May 9th, 2011 at 11:30 am
Hi There
I have been following this issue quite closely, and from my understanding PCI standards council has withdrawn any original specifications for mobile PCI standards and are currently evaluating the market.From the research I have done I have read that a business can be fined up to $25 000 a month for not being PCI compliant. My question is how is Square operating in this environment without being compliant or if they are compliant how have they acheived this compliance if there is no Mobile standard? My second question is, is Square acting as an Acquirer in the merchant supply chain? Look forward to your response