MCC Daily Tribune

Using Mobile Apps Safely

You may have heard about Starbucks App being Vulnerable to Fraud. In this report, we learn that one quarter of Starbucks' sales are made through the Starbucks app. Do you have the app? If you do, the best advice is to remove it.

The individual featured in this report is an editor with BuzzFeed News, Vanessa Wong. Interestingly enough, while she was working on a story about a data breach at Chipotle, she received an email alert from Starbucks thanking her for replenishing her card balance by adding another $100. Given that she had no recollection of doing this, she checked her app that showed purchases made in San Diego, depleting her funds. Well, she was in New York City when the San Diego purchases cleaned out her account. My thought is that Ms. Wong must have had her credit card tied to her Starbucks card, and set to automatically replenish.

Hackers steal login information and sell it online to other criminals. According to Ms. Wong, this happened to Starbucks customers in 2015 as well. Starbucks told people not to use the same userID and password for all accounts, and to go change their passwords. So, who is responsible? In my opinion, the end-user, Ms. Wong, is ultimately responsible for her security on her device.

Information security requires a constant state of vigilance. Change your passwords regularly, and use strong passwords.

How to use Apps Safely

There are so many apps out on the market. Most require userID and password. So, if you don't "need" an app, don't download it. Be selective. Consider the value of the app vs the potential danger. Try not to store your password in your apps. It's a pain, but enter it every time. If possible, select two-factor identification. Information security is up to you. Even the strongest password is not enough. You have to change it regularly, and you have to use good judgment always.

Here are some links to YouTube videos about using strong passwords. All feature closed-captioning.

Pogroszewski, Donna
Communications and Network Services