Starbucks Responds To Its iOS Mobile App’s ‘Theoretical Vulnerabilities’ By Announcing An Update

Starbucks has started rolling out an update for its iOS mobile app after a security analyst revealed that anyone with a smartphone can retrieve the user's password.

Starbucks, one of the most popular coffee chains around the world, found itself in hot waters after a security analyst exposed the coffee house's iOS mobile app vulnerabilities, earlier this week. The news spread like fire, with several media publications highlighting Starbucks' decision of choosing "convenience over security." Now, the renowned coffee seller has promised to bring extra layers of security for its mobile app so it can assure the safety of the customers using the app.

The Starbucks app, which allows customers to place orders and pay for food and drinks at any of its coffee houses via smartphone, was storing confidential data including users' password in plain text format. Anyone in possession of a handset could retrieve the password and location history of the user by running common development software to find the exact file. The details of the research done by security analyst Daniel Wood are available here.

Starbucks Chief Information Officer, Curt Garner acknowledged the vulnerabilities but assured that there have been no incidents of customers' information being compromised. "Regardless, we take these types of concerns seriously and have added several safeguards to protect the information you share with us," Garner explained in the company's website. "To protect the integrity of these added measures, we are unable to share technical details but can assure you that they sufficiently address the concerns raised in the research report."

The company will roll out the update for its iOS version of the mobile app "soon." The Android app has not been included in the research, hence the possibilities of the threat or precautions for Android users have not got any mention.

Tags
Starbucks, Responds, Ios, Mobile, App, S, Out
Real Time Analytics