#1 Way To Safeguard Your Starbucks App Account

|
#1 Way To Safeguard Your Starbucks App Account
Image Credit: Sharon & Nikki McCutcheon/Flickr
Team Clark is adamant that we will never write content influenced by or paid for by an advertiser. To support our work, we do make money from some links to companies and deals on our site. Learn more about our guarantee here.
Advertisement

There’s an emerging problem with the Starbucks app and stored-value cards that could drain the money out of your account or worse.

Starbucks hack impacts customers

One in 5 purchases at Starbucks is now made using the app. Because the chain tends to attract a higher-income customer, that has made the app a big fat target for criminals.

The latest breach is seeing criminals try one password after another after another until they can break in and empty accounts. It’s what’s known as a brute force attack in hacker terminology.

In the simplest scenario, the money is drained from your app or your stored-value card. But in a more malicious turn, if that app or card is tied to your checking account, that could be drained too!

Here’s a tip: Turn off automatic reload if it’s something you have set up. And never tie any app or stored-value program into a debit card. Do it to your credit card only.

Starbucks is now saying that if you find money vanishing from your account, they will restore it.

More security measures could be coming

Starbucks has gotten a lot of heat for not locking you out after 3 wrong password attempts. Ditto for not having ‘two-factor authentication‘ or ‘two-step authentication.’ But with all the scrutiny being thrown their way, I’m expecting they’ll get on board with these measures shortly.

Two-step authentication is where you have to go through an additional step to authenticate who you are when doing a transaction.

The most common type of second-layer authentication is something you may be familiar with from the banking world. It’s a security token (FSR token or fob that you carry with you) which you can get by calling your bank or brokerage firm. The security token generates a 6-digit code that changes every 30 seconds. So when you log in, you enter your username and password as usual and then also the latest six digits from your token.

Another way to have second layer of authentication is to have a verbal password put onto your account. But note this well: When you call your bank or brokerage firm, they will *not* give you any prompt to remember your verbal password — so you’ve got to be sure you have it memorized.

Advertisement
Clark Howard About the author:
Clark Howard is a consumer expert whose goal is to help you keep more of the money you make. His national radio show and website show you ways to put more money in your pocket, with advice you can trust. More about Clark
View More Articles
  • Show Comments Hide Comments