Question with a back story.
Questions:
Are apps on an iPad more secure than a web interface? Are they more or less secure if using 3G instead of wifi?
Backstory:
Outside of the supermarket, were some folks raising money for the United Nations Refugee Agency (well, specifically USA for UNHCR, which is a charity that donates to the agency, as far as I can tell). They were *not* taking cash. They wanted to sign you up,using their iPads, with a credit card. I told them, I was happy to help the cause, but not one to enter my contact info and credit card info into a strange iPad. They (of course) assured me, it was all on the level. That it was encrypted. It was very safe, because they were using an app, and not a web page. My thoughts were, I have no clue if this app logs the info, so it can be accessed later. Or data captured over the network, or, I dunno. Also, not in the habit of giving to folks outside of super markets. But, it's the UN, and despite the Security Council shortcomings, they do a lot to help the world.
Anyhow, just wondering if I was being overly paranoid? I'm asking in tech, in case there is anyone with app programing knowledge that might know.
The Square app, which is probably what they are using, is used all over the country by a lot of small business users. Even brick and mortar places are moving to it: both of my local coffee houses use Square and iPads as their cash registers. However, I highly doubt they are more secure than a well secured Web interface, whether using wifi or 3g. Good programming and encryption makes either of them supremely uncrackable.
I do not believe that 3g is any less secure than Wifi - if the encryption is done correctly it doesn't matter how sniffable the data. It's encrypted and will look meaningless to sniffers who do not have the private key. So I wouldn't worry about that part.
Personally, I wouldn't worry about it. But then I don't worry about encrypted websites either. Credit cards have lots of built in protections for a reason. And your supermarket isn't necessarily any more secure than Square - I just read about a major loss of credit card data that came from Target in store purchases. Square is basically a more modern version of those little things that dial into Visa or whoever to confirm your card - both of them have their risks, but they are limited enough.
Thanks Gris, good to know.
The Square app, which is probably what they are using
Ah, that's the funny part. It was a propriety app. Nice and blue with the UN logo in it. After looking in the App Store, not available to the general public. The app was basically adding you to a mailing list, asking for lots of info, in addition to getting credit card info. That's what really got my Spidey Senses tingling.
Odds are high, it was all fine. I just try to minimize my risk to identity theft. It's happened to me twice now. Really don't want a third time.
It's fine to be cautious. If you're interested in donating, I'm sure you can do so directly with whatever method feels safest to you.
Zn general I don't donate to charities hanging out in public places (including in front of stores) or w ho call on the phone. If you seek them out at least you know that they represent the charity they claim and can also check to make sure it is not one of those charities that keep most of what is collected for themselves and only disburse a fraction of what they collect.
If I was at a farmers market or someplace where tiny vendors were legit, I'd pay by credit card on Square of such if that was the most convenient payment method.
I agree with Liese. If it was Square or paypal, I'd feel like that was on the level. Otherwise...?
Especially not taking cash is shady. OK I know a lot of doctors don't take cash. But for a retailer to refuse cash?
I can get a charity not taking cash as there is no way to track cash. Online donations go straight to the charity account. When we did our silent auction tracking the cash payments was the most challenging part and we had something to track against. With just taking donations in front of a store, I can see the allure from the side of the charity.
Turn on autocorrect in the Chrome browser:
Enable Autocorrect on Your Desktop with Chrome
Only works with Windows, Linux and the Chrome OS so I haven't tried it myself.
