Team Clark is adamant that we will never write content influenced by or paid for by an advertiser. To support our work, we do make money from some links to companies and deals on our site. Learn more about our guarantee here.
There’s an emerging problem with the Starbucks app and stored-value cards that could drain the money out of your account or worse.
One in 5 purchases at Starbucks is now made using the app. Because the chain tends to attract a higher-income customer, that has made the app a big fat target for criminals.
The latest breach is seeing criminals try one password after another after another until they can break in and empty accounts. It’s what’s known as a brute force attack in hacker terminology.
In the simplest scenario, the money is drained from your app or your stored-value card. But in a more malicious turn, if that app or card is tied to your checking account, that could be drained too!
Here’s a tip: Turn off automatic reload if it’s something you have set up. And never tie any app or stored-value program into a debit card. Do it to your credit card only.
Starbucks is now saying that if you find money vanishing from your account, they will restore it.
Starbucks has gotten a lot of heat for not locking you out after 3 wrong password attempts. Ditto for not having ‘two-factor authentication‘ or ‘two-step authentication.’ But with all the scrutiny being thrown their way, I’m expecting they’ll get on board with these measures shortly.
Two-step authentication is where you have to go through an additional step to authenticate who you are when doing a transaction.
The most common type of second-layer authentication is something you may be familiar with from the banking world. It’s a security token (FSR token or fob that you carry with you) which you can get by calling your bank or brokerage firm. The security token generates a 6-digit code that changes every 30 seconds. So when you log in, you enter your username and password as usual and then also the latest six digits from your token.
Another way to have second layer of authentication is to have a verbal password put onto your account. But note this well: When you call your bank or brokerage firm, they will *not* give you any prompt to remember your verbal password — so you’ve got to be sure you have it memorized.
This post was last modified on March 22, 2017 3:38 pm
If you've been considering signing up for one of the Chase Sapphire credit cards, now…
The costs associated with owning a home go way beyond the amount on the mortgage. …
Inflation hits people on a fixed income the hardest. Say you're retired. You're living off…
Deciding to save and invest are great habits. But once you check that box, your…
If you're considering subscribing to Fubo, you need to be comfortable missing out on some…
Are you looking for a way to earn 2% back on every purchase you make…