Several years ago, I had an experience at an Apple store that made me feel out of step with today’s technology. Upon reflection, I realized it wasn’t my being out of step; it was my knowing too much about modern technology. Now that feeling is back with the iPad and Square.
In that Apple store experience, I selected a product for purchase with the assistance of a sales clerk. Upon that selection, the clerk offered to run my card through a hand-held device to complete my purchase. I became uncomfortable and said I wanted to go to checkout in the traditional manner. When I got there, there were no point-of-sale (POS) registers and the clerk used the device to process my purchase. At that moment, we both attributed my discomfort to my unfamiliarity with the new technology.
But after I left the store, I realized my discomfort really arose from two authentication issues: how did I authenticate that this person on the sales floor was an authorized Apple sales person and how did I authenticate that device this person held was an authorized Apple device?
I never contacted Apple to raise my concerns about this procedure, but apparently sufficient numbers of people were uncomfortable with the system that the next time I made Apple store purchases, a year later, there were stationary POS systems at the checkout and nobody offered to charge my purchase from the sales floor. Whether that is still true, I do not know, but I hope it is.
But now we have the iPad and we have Square. The iPad has been turning up in cafés as a POS. There is frequently a small white device plugged into it, a device which can be used for credit card swipes. And once again, I am uncomfortable. How do I authenticate that my card info is not savable in the iPad? How do I authenticate that it is the Square app that is running and that it is the only one running? How do I authenticate that the device plugged into the iPad is an authorized Square device?
I did a search and it turns out I have other questions I need to be asking: How do I know that my card information cannot be intercepted by rogue devices, whether by other nearby readers or by skimmers? How do I know whether and where my card information is encrypted? And how do I know it won’t accept a counterfeit copy of my card that has been cloned through other means?
As of the present, I am not square with Square, nor with other easy-POS devices and software, and it’s going to take a lot more than time and ubiquity to make me comfortable paying through it/them.