Tim Hortons security loophole
By Canadian SecurityNews Retail tim hortons
This article suggests that: Tim Hortons Inc.’s new mobile app, TimmyMe, is prone to a security loophole that allows someone to create barcodes online to steal the money from customers’ gift cards.
Tim Hortons launched the TimmyMe mobile payments app in December 2013, which allows users to connect their gift cards to their app and then pay with the app at the cash register. As long as an attacker has a gift card’s 16-digit number, he can generate barcodes for these gift cards, scan them at a Tim Hortons cash register, and charge gift cards bought by another person. The Android and iOS versions of the mobile payments app are currently in pilot mode, being accepted at only 55 Tim Hortons locations across southern Ontario.
To read the whole story on the IT Business website, click here.
Print this page