Square, the mobile payment upstart that's combined a credit card-reading dongle with the iPhone and iPad to take on established point-of-sale (POS) payment solutions providers, has been making frequent appearances in the news of late.

From attracting users like the Obama campaign and taxi drivers in New York City to overhauling its mobile app in an effort to drive consumers to local businesses, it appears that Square's $4bn-plus in annual payments processed could be just the tip of the iceberg.

But that doesn't mean that Square's success is guaranteed. Powerful, entrenched competitors like Verifone are moving to solidify their positions in the POS market, and digital majors like PayPal are launching their own Square-like solutions.

To succeed, Square will not only need to up its marketing game, it will need to improve its product.

When it comes to Square's product, one area where competitors have attacked the company is security.

Up until now, security has been an easy target because Square's card reader didn't employ encryption. It was such a juicy target that Verifone actually launched a site specifically hammering away at the security issue.

So Square has finally responded by adding encryption to its card reader. As reported by VentureBeat, all of the dongles Square is shipping to merchants today come with encryption baked in and over time, Square will upgrade existing merchants to ensure that their readers are more secure as well.

According to VentureBeat, there is some downside for Square with the encryption: it adds to the cost of the card reader. But whatever the costs, the company arguably had no choice but to eat them as the security of mobile card readers is only going to become more important as more and more merchants begin using them.

With the encryption issue apparently solved, the big question now for Square is what else it can do to differentiate itself from the competition. With PayPal Here and others hot on its tail, simply covering the bases might not be enough.

Patricio Robles

Published 28 March, 2012 by Patricio Robles

Patricio Robles is a tech reporter at Econsultancy. Follow him on Twitter.

2647 more posts from this author

You might be interested in

Comments (2)


Alec Saiko, Marketing Consultant at Aviva

Nice. They've been operating for 3 years with non-encrypted financial data then? Better late than never.

For how many security breaches and ID thefts we have it would be nice for someone to finally mandate PCI-DSS compliance or at least 'security first' mantra - not security through obscurity or 'launch now, secure tomorrow' ways many start-ups and big businesses operate.

over 6 years ago


Ron G

Wait until you have a problem. They don't have a phone. I have been waiting 3 weeks for them to clear up a deposit problem and it still is not solved. It takes at least 2 days for them to return an email. I cancelled my account!

about 6 years ago

Save or Cancel

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Digital Pulse newsletter. You will receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.