Following backlash, Starbucks beefs up security in iPhone app


You have to hand it to the folks of Starbucks. When they want to, they can move rather quickly. Hot on the heels of its blog post earlier today addressing security concerns regarding its iPhone app, the coffee company released an update this evening.

The change log for the update, which is marked as version 2.6.2, notes the new release brings ‘additional performance enhancements and safeguards.’ And we’re hoping this means that the app no longer stores user passwords and data in plain text…

From Starbucks’ official blog:

“As promised, we have released an updated version of Starbucks Mobile App for iOS which adds extra layers of protection. We encourage customers to download the update as an additional safeguard measure.”

For those that came in late, Starbucks confirmed earlier this week that its app—a popular mobile-payment app—stored unencrypted info like passwords and user names. This means someone with your phone could retrieve this data, no jailbreak required.

Concerns regarding the Starbucks app were first raised last November, when security researcher Daniel Wood discovered it was stowing confidential data in a plain text file. Wood claims he tried contacting the company several times, but received no response.

If you use the Starbucks iPhone app, or are planning to, you’ll want to grab the latest version from the App Store for free.