Square Inc. says claims by competitor VeriFone Systems Inc. that its mobile credit card reader is insecure are unfair and inaccurate.
Jack Dorsey, the chief executive of Square, said in a letter posted on the San Francisco company's website Wednesday that the accusations overlook "all the protections already built into your credit card," including efforts by customers banks to alert consumers of fraudulent charges.
The letter references allegations made by a "competitor" but it does not mention VeriFone by name. VeriFone, a San Jose, Calif., payment terminal maker that sells a competing device, on Wednesday launched a website describing how Square's mobile card reader, which plugs into the audio jack of a smartphone, can be turned into a skimming device to steal cardholder data.
The site initially included a link for visitors to download a demo version of the rogue application VeriFone Chief Executive Doug Bergeron said the company created in less than an hour to store the data. The link has since been removed.
"The issue is that Square's hardware is poorly constructed and lacks all ability to encrypt consumers' data, creating a window for criminals to turn the device into a skimming machine in a matter of minutes," Bergeron wrote in a letter posted on the site. VeriFone says its mobile reader, PAYware Mobile, is more secure because it encrypts, or masks, cardholder data from the time a card is swiped to when it is delivered to the company's data centers.
In his response, Dorsey said any technology, including "an encrypted card reader, phone camera or plain old pen and paper," can be used to steal information.
"If you provide your credit card to someone who intends to steal from you, they already have everything they need: the information on the front of your card," Dorsey wrote.
Square's processor, JPMorgan Chase & Co., "continually reviews, verifies, and stands behind every aspect of our service, including our Square card reader," he added.
A spokesman for JPMorgan Chase and its processing subsidiary, Chase Paymentech Solutions LLC, said in an e-mail Thursday that it was aware of VeriFone's website but had no comment on the claims.