I have to admit that this feature looks pretty neat from the outside. But after working with Bluetooth LE devices for most of this year, I have a lot of questions about the security of these transactions over a BLE wireless transmission.
Are they using the BLE secure protocol to handle the transactions? If yes, then how do they establish the connection? You would need to “pair” each device that you would be interacting with before accepting the transaction. The user experience would be similar to pairing your phone to a regular bluetooth device.
If the BLE transaction is not secure, then there is a serious risk of having the transaction skimmed, or worse, to have a hacker steal money off your phone through BLE. no bueno…
While I am positive that Square has made efforts to secure these transactions, I still have concerns about using BLE for financial transactions. Isn’t that what the NFC chip was designed for?