Starbucks Responds to Security Criticism With App Update
Well, that was fast. After facing significant criticism this week over reports that its mobile app is not secure and does not encrypt users’ login information, Starbucks (NASDAQ:SBUX) confirmed Thursday that it is preparing to launch an update to its app that will provide additional “safeguards” for customers. It is still unclear when the world’s largest coffee chain will update its app to Starbucks version 2.6.2, but according to Apple Insider, the company’s CIO promised Thursday that an update is coming “soon” and will ensure that usernames and passwords are no longer stored as plain text.
Starbucks first came under the spotlight earlier this week when one of its own customers, security researcher Daniel Wood, publicly reported on the lack of security Starbucks’s app operates under. Wood first alerted the Seattle-based company in December that storing data about users of its iOS app in plain text and locally on a device leaves users vulnerable to theft if smartphones get left in the wrong hands, but Starbucks spokespeople maintained up until Thursday that the probability of the app being exploited is “very far fetched.”
Unfortunately for the coffee company, though, those claims left Starbucks open for criticism, and led some to report that Starbucks “chose security over convenience” for its iOS app — a rumor that Starbucks wouldn’t let fly. That’s why the chain agreed later in the week to upgrade its app with “extra layers of protection,” effectively assuaging the concern of its users, even if it wouldn’t admit that the update is necessary.