
Squareup - tiffani
http://www.squareup.com
======
asciilifeform
This may come as a shock to some, but:

Magnetic cards (and all existing RFID equivalents) are _bad._

Instead of encouraging their use, we should be creating the mostly fraud-proof
obvious alternative: one in which a single transaction does not give the other
party permanent access to your wallet.

Picture a card with a key pad on it, for entering a dollar amount. The
transaction (through RFID?) would be valid for only that amount.

All of the required cryptographic math has existed for decades. All we need
now is the hardware and some infrastructure.

~~~
diN0bot
totally. one of my housemates reads and writes magnetic strips for fun. we buy
a couple memberships to something and then duplicate the cards to share.

~~~
pbhjpbhj
_we buy a couple memberships to something and then duplicate the cards to
share_

Hey that does sound fun, it also sounds like criminal fraud.

~~~
trimski
It's really no more criminal than sharing the physical card by passing it
around, though the law may disagree.

~~~
mquander
You know, words have definitions. If you and the law disagree about what's
criminal, the law is correct.

~~~
trimski
You're right, that was a rather asinine thing I said.

------
vaksel
This sounds like a money grab business to me.

They'll launch, make a couple hundred mil, then they'll get hit with fraud, a
ton of people will lose money, and they'll be forced to shut down, since noone
will want to use the service, in fear of getting defrauded.

Since there is no barrier to entry, it'll be like 2 weeks before someone comes
out with a black market version, that will look exactly the same, but instead
of processing credit cards, it'll store them for future fraud.

Will be like the ATM snooping devices, but instead of having to get into the
bank, all you need is an iPhone, and some "small" business to rob people with.
A taxi, or a newspaper stand.

Edit: If you are going to downvote, at least tell me how exactly do you think
this will avoid fraud from fakers who imitate the look and feel of the device?

~~~
SwellJoe
If you haven't read the PayPal story, you probably should. A good version of
it is to be found in _Founders at Work_ , as told by Max Levchin (the nerd who
mostly solved fraud for PayPal). Turns out the early story of PayPal is the
story of solving the fraud problem...so it is extremely relevant to this
discussion. PayPal also started as a company doing security and payments on
portable devices, so it's doubly relevant.

As far fraudulent devices, I think it's pretty safe to assume that people
aren't going to be swiping their cards with random people; rather merchants
and vendors that they already have a reasonable level of trust with, but in
situations where sales would have been limited to cash only or more
complicated and PO-based (trade shows, live events, sales guys in the field,
etc.). It won't stop the kinds of fraud that already happens; like your waiter
at a restaurant keeping lists of card numbers for sale on the black market.
And, I guess it would make that kind of fraud easier, since the attacker would
have more information.

But, people are, I think, pretty cagey with handing random people their credit
card outside of the context of a reasonably trustworthy business. I doubt this
will change that. I'm about the hit the road doing sales work for my company,
and I can see this coming in very handy, and I don't think my potential
customers would have any reason to be concerned about fraud (since they can
easily check up on us, and know that I am who I say I am).

~~~
volida
"think it's pretty safe to assume"

Hope doesn't scale.

~~~
SwellJoe
You're probably right.

[http://paulbuchheit.blogspot.com/2007/03/how-to-be-
right-90-...](http://paulbuchheit.blogspot.com/2007/03/how-to-be-right-90-of-
time-and-why-id.html)

~~~
volida
I didn't criticize the idea. I up voted the story.

I just answered specifically to the comment, referring to the security aspect.
Paypal was losing 10 million USD from fraud, so hope won't do it for the
security.

"assume that people aren't going to be swiping their cards with random people"

Assuming, just won't do it.

~~~
SwellJoe
And, I'm not arguing with you. I think fraud _will_ be a big part of the
problem they have to solve. I'm just pointing out that fraud has been solved
in other novel payment processing cases in the past and will be solved for
this particular case by _someone_ , possibly this company, possibly one of the
several likely competitors that will spring up (payment processing is
incredibly lucrative if you _do_ solve the fraud problem well enough).

I'll also mention that folks swipe their cards in fake ATM swipers pretty
regularly. It hasn't hurt ATM usage, in general. Likewise, PayPal fraud is
still an issue that they fight every day...but PayPal is incredibly
profitable. eBay and craigslist also have huge fraud problems, but again, the
sheer volume of legitimate transactions and the value of the huge markets they
serve is enough to overcome any misgivings people have about using the
services. So, I don't think that fake swipers will make this particularly
company any more or less trusted than existing providers that have to fight
fraud (assuming they are vigilant about actually fighting it).

~~~
jamiequint
I wouldn't be surprised if they were working with Palantir (ex-paypaler
company) and using their fraud detection software, since PayPal has already
been through this whole ordeal, its probably a much more solvable problem now
than before, at least someone has figured it out.

The interesting thing here is that PayPal made all their margins by
encouraging people to use bank accounts rather than credit cards because they
made almost no profit on credit card transactions. I'm interested in how this
revenue model will work out, it seems like merchant services providers have
arrived at their current model of business (arduous checks before granting
accounts) out of necessity. Since Square is basically in the merchant accounts
business (that's where their margin is) it will be interesting to see if they
actually know something that merchant service providers do not about granting
accounts to anyone who wants them without more verification.

I've always wondered why merchant service providers didn't instantly verify
accounts and allow people to start charging immediately, but hold the captured
funds while the account was verified with all the proper checks. Maybe that is
what Square is doing.

------
Tichy
This could revolutionize begging. One of the last jobs that has not benefited
from the computer revolution yet.

~~~
idm
Funny, but there's something serious lurking in this comment.

Think about how US dollars declare, on the face of the bill, that the currency
is good for all sorts of transactions (all debts, public and private). Even a
beggar can get in on the use of this currency. People can easily give to a
beggar with almost no overhead, and the recipient can spend the currency
almost anywhere.

Credit isn't anywhere near that yet, especially since transaction fees are
non-trivial. However, there's been a pretty major barrier to receiving credit
payments, and even if someone was willing to pay the fees, there hasn't been a
good way to interface with it.

Let's say I pay for two coffees with credit, and a friend wants to pay me with
credit for one of the coffees. Even if I were willing to pay the transaction
fee, I couldn't take their credit card, easily. PayPal is close to that point,
but square is closer.

Settling trivial, private debts with credit will be just as good as any
currency that works for all debts, public and private.

~~~
dannyr
With private debts, I believe credit card companies will treat that as a cash
advance so the transaction fees will be pretty high. Maybe you can use bank
accounts for that but the transfer will probably not be instantaneous.

------
tbgvi
Interesting idea, I really like the hardware piece.

Not sure how large of a market there is for this. Mom + Pop stores use CC
terminals (cheaper than an iPhone), so that leaves this open to mostly people
who accept payment outdoors at farmers markets, sports events, etc..

For that to work you'd have to be comfortable giving a merchant your credit
card, which isn't a sure thing considering they can disappear without a
brick+mortar store. Also, the merchant would have to be comfortable giving a
customer their iPhone. I know I wouldn't want to hand out my phone to random
people on the street.

That being said, it looks cool and if I had a store I would definitely give it
a try.

~~~
kareemm
it's unclear to me whether you need a merchant account to use square; i'm
assuming from "0-$60 in under 10 seconds" that you don't.

if you don't need a merchant account, the market for this is massive. there
are millions of people who provide services and sell products who take cash,
check, or paypal only. many of these people are dying to take credit cards
with zero hassle, which square lets them do.

~~~
tbgvi
I thought about that too. Someone has to have a merchant account, so it's
possible all of the payments go through Square and they act as a clearing
house where they redirect payment to the correct merchant. I could see that
leaving them vulnerable to chargebacks. I wonder what kind of rates they're
offering to users.

------
dpcan
And they say innovation is dead in the U.S. Using the audio jack to read
credit cards, brilliant.

Thinking out loud: I assume it reads the strips and converts the information
to tones - but I would love to read more about it. I just want to plug it into
my computer and see what comes up in Audacity when I scan a card.

I think this device/feature overwhelms the service as a whole actually.

~~~
boucher
I think the opposite is true. The hardware is almost a gimmick to push what is
otherwise a potentially powerful service.

The theory behind this app is that individuals are now empowered to take
credit cards for anything they previously would have had to take a cash or
check for, which is increasingly important in our society where credit cards
are becoming the normal way to pay for things.

As for the hardware, it's a pretty old trick. Though I don't know any of the
specifics of this device, you don't need to look any further than your
graphing calculator to see the idea in use.

~~~
ivankirigin
You're 100% correct. Hardware is cool, but the merchant services side is what
makes Square awesome

~~~
wmf
How is that different from PayPal? To me the hardware is what Square is about.

~~~
ivankirigin
Yes, paypal does something similar for online payments. I'm pretty sure the
lag for merchants is longer.

Note that PayPal was revolutionary and is worth many billions of dollars -
largely because they could handle the fraud this kind of configuration causes.

------
javery
CEO is Jack Dorsey of Twitter fame.

~~~
subbu
How does it work? He is still part of Twitter. Can you be part of multiple
startups of commercial interests?

~~~
brown9-2
Last time I checked there is no law preventing you from having multiple
jobs/businesses in this country.

------
pmikal
Wireless terminals have been available for a long time. Verifone has sold
thousands of wireless terminals with a built-in GPRS and ethernet. You can
easily find them for less then $200 and are purpose built for retail.

<http://www.verifone.com/countertop/vx510.aspx>

The last thing I want to do is to hand my $699 iPhone over to a customer,
especially with a usb attachment or delicate accessory in it's headphone
jack....

------
dacort
Wow - love the concept and vision here. Were I such a person, I might dub this
payments 2.0.

This image on their home page gave me chills, though.
[http://a1.sqimg.com/static/6c1cc3c1ad109e13d0be182c75c470762...](http://a1.sqimg.com/static/6c1cc3c1ad109e13d0be182c75c4707620ef0a4c/images/home/accept-
payments.jpg)

But that's likely only because I'm a half-paranoid security geek.

~~~
mmagin
I seriously gotta wonder how the iPhone of some random person (which has
various third party apps on it, etc.) is going to meet the kind of security
requirements the card issuer cares about:
[http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Secu...](http://en.wikipedia.org/wiki/Payment_Card_Industry_Data_Security_Standard)

~~~
wmf
Haven't you heard? The App Store approval process prevents any trace of evil
from getting into the iPhone.

Also, most Windows PCs aren't PCI-DSS compliant but people still use them for
online shopping and banking.

------
tom_b
I like it from the person to person interaction level.

What about wear and tear on the audio in jack? Gas pumps and grocery stores
have card swipers that look like little tanks bolted on.

~~~
arfrank
Theoretically you could use any headphone extension cord to ease this problem
considering it most likely uses an audio signal to pass the information. This
would in turn let you attach the reader elsewhere on the phone.

Although it seems like part of the point is to have a tiny device you can just
pull in and out of your phone at need be.

------
lsb
So how do I buy it? What are the fees? It's backed by Khosla Ventures, so it's
obviously not vaporware, but I don't see a call-to-action anywhere.

~~~
ispivey
It's in closed beta with a number of vendors, like @sightglass & @lilybellesf.
According to their Twitter, they're taking beta applications later today:
<http://twitter.com/Square/status/6242394391>

~~~
socmoth
there is a form on the page now

------
yan
They also have a github repo up: <http://github.com/square>

------
amohr
So our family business has been taking credit cards for 9 or 10 years - it's a
mobile business, so we have always had to use a cell signal. The earlier
machines were bulky and monstrously expensive, and so were the analog service
plans for them. But now, data transfer is cheap, and card readers are as low
as $400.

I think it's also worth noting that, in that time, we've never had a problem
with our card reader (the latest, we've had for about 4 years) but my ipod
touch, which is a year old and sees far less punishment, has a broken home
button.

------
jeremymims
The feature I'm most excited about is e-mail receipts. If I never had another
paper receipt again, I'd be perfectly happy. I also think using the audio jack
as the reader is incredibly smart.

Actually, there are two things about this system that I really like:

1\. I can see a future where paper receipts are a thing of the past.

2\. If someone uses my card fraudulently, I'll receive an e-mail a minute
after it happens alerting me that something is amiss.

~~~
pbhjpbhj
_2\. If someone uses my card fraudulently, I'll receive an e-mail a minute
after it happens alerting me that something is amiss._

And then? Do you think the banks will assume responsibility for allowing the
fraud?

------
iamdanw
Neat idea with the reader but I guess it'll be limited to the US market since
it can't support chip & pin transactions.

------
yish
Interesting that all transactions show up as from squareup.com. This means
that actual vendors are just virtual accounts and they could benefit from the
economies of scale and can be provided those cost benefits that square up
obtained. This most likely would be cheaper then any plan a small merchant
would be able to get on their own.

I wonder what the overhead is per transaction (usually a small fixed fee as
well as a percentage of the overall transaction). Having worked with some
small retail shops, you usually trade off either a higher per transaction cost
with smaller percentage fees for large ticket price items or the other way
around for quick-serve restaurants for instance.

------
grandalf
This is an awesome idea... Why not just have it use the camera to OCR the
front of the card?

~~~
Nwallins
Credit card issuers (i.e. the bank that owns your cc account) trust the track
data on the magstripe more than just the PAN embossed on the front of the
card. This affects interchange fees, transaction costs, etc.

------
there
it would be neat if customers could download an app that would interface with
a store using square.

the customer could browse the menu, buy the product (coffee or whatever) and
prepare their order before even getting to the store, then walk in, transmit
the order wirelessly (or through the internet to the store) along with their
stored payment info to the store's register and have everything processed
right away without having to swipe anything or even stand in line.

i'm sure there are existing iphone apps that do this for particular stores
(chipotle comes to mind) but if it was a generic app that automatically worked
with any store that accepted square, it would be pretty convenient.

------
callmeed
I am excited about this ... at the same time, it would need some specific
features for me to be a customer.

This would be ideal for us at tradeshows and seminars. We attend/sponsor about
5-10 per year and do quite a bit of business at a few of them. Instead of
having a dedicated laptop in the back for sales, this would be much easier.

On the other hand, we already have a merchant account (with Brain Tree). Plus,
we have older clients still paying us with PayPal subscriptions. The _last_
thing we need is another gateway/merchant company.

I suspect there are many other businesses like us.

I hope they are either very flexible or license the technology to other
companies.

------
alaskamiller
Reader grabs card data, modulates it, the mic-in audio port hears it, software
analyzes it, merchant service processes it, then you tweet it.

------
dannyr
Good technology but it's mainly for businesses.

I'm still waiting for the ability to pay with your cellphone to any merchant.
This is happening in Japan and Korea right now among others.

Maybe an IPhone or Android will have an RFID chip in the future.

Or maybe there will be a mobile app that displays a QR code that a merchant
can scan and grab your credit card information.

~~~
atamyrat
No, it should be other way, merchant displays QR code with merchant's
identity, payment amount, transaction ID and you authorize the transaction.

~~~
olefoo
I like this idea.

You could have expiring and non-expiring offers too, so that you could have a
payment station that was not much more than a sign with a barcode.

------
datums
Innovative! Door to Door newspaper selling, Collections. Food Carts, Local Car
Service, Donations. Anyone can take a payment for a service in real time. The
transaction fees, security perception and ease of signup will determine it's
adoption. The hardware cost can be reimburse to the client from the
transaction fees.

------
techiferous
I'm very impressed by the quality of the front page. Instantly I knew what the
product was about. The style of the site is very professional. And the
information at the bottom of the page is extremely well organized.

I haven't seen a web site that communicates this effectively in a long time.
Kudos to the front page designer!

------
bumblebird
How is this better than keying in the cc number + expiry date?

Also I don't think this would work with chip+pin cards would it?

~~~
tsetse-fly
Is it not obvious? Why don't retail stores type in your credit card
information instead of swiping it?

Chip and PIN doesn't seem to exist in the US so I'd imagine they're not
targeting it immediately. I don't see why they couldn't expand the hardware to
support it though.

~~~
bumblebird
AFAIK reading the chip is non trivial, and involves heavy encryption and
proprietary hardware/software. Maybe though :/

~~~
tsetse-fly
Chip and PIN is a standard. They wouldn't have to reverse engineer it or
implement from scratch.

<http://en.wikipedia.org/wiki/Chip_and_PIN>

~~~
bumblebird
"This means that adding support for EMV to existing payment applications can
be a daunting task!

Furthermore, the demands of providing an EMV solution do not even stop once
all the necessary processing has been implemented, thanks to the extensive
type approval process enforced by the governing body, EMVCo. Before any EMV-
capable solution can be deployed, there are thousands of tests that need to be
passed to validate that the implementation conforms to the EMV industry
standard, and as the EMV specifications are regularly updated this becomes a
major task in itself! This is why many businesses requiring an EMV "Chip &
PIN" solution choose to license a purpose-built EMV software kernel rather
than developing their own."

<http://www.emvx.co.uk/emv_guide.aspx>

idk, maybe they could license it from someone, but I wouldn't say it's a
trivial thing to add.

------
pegobry
To me the biggest roadblock to widespread adoption is the fact that many small
merchants want cash & not plastic, not because a card-reading device is
expensive, or complicated, or what, but because cash is off the books.

------
tiffani
I see this and I think...why hadn't PayPal done something like this already?
It would make perfect sense for them have come out with something like this a
long time ago, but who knows...

~~~
bumblebird
Close to what paypal started as. Then they realized people didn't want to send
payments using their PDAs, they wanted to send them via email.

~~~
pxlpshr
...and obviously paypal was ahead of it's time, and I doubt the execution was
as clean or user-friendly as square.

~~~
bumblebird
I don't really understand the niche it's aiming to fill. Most
stores/restaurants have portable card readers these days, so is it a poor-mans
one of those?

I guess I'm wondering what use-case it's aiming at.

Also I absolutely would not trust someone swiping my card through one of
these. I like a closed box that is obviously provided by a bank, which cannot
be tampered with. Not an iphone that could be doing anything with my details.

~~~
ericd
I've seen only a couple restaurants in NYC where the waiters have portable
card readers.

And if they roll out person-to-person, this would be a whole lot nicer than,
say, having your friend write you a check.

~~~
jedc
Really??

Maybe this is a European thing, but here in London every restaurant has a
number of portable card readers. (Everyone here also uses chip & pin, though,
too.) As a consumer, it's awesome... much faster than the old days, and a hell
of a lot easier to split the bill when you want to do that.

~~~
ericd
Yeah, I noticed that when I was in London a few months ago. They're almost
non-existent in NYC as far as I can tell, and that experience has been
consistent with my experience elsewhere in the US.

Perhaps the London merchants are required or otherwise incentivized to use
portable ones?

------
Henry74
I am in Philly and I am using XIPWIRE and so are all my friends to make
transactions with our phones. AS far as I know none of us have had any trouble
and the fees are super low.

------
allenp
Does anyone know if this can be used between consumers (like paypal) or if it
is vender-to-consumer only?

------
khangtoh
Do they have a patent on the magnetic reader that interfaces using an phone
jack? Just curious.

~~~
iamdanw
I've seen prior art for this, so I should expect not

------
javan
The audio jack is on the top of the iPhone. What's it hooked up to in that
picture?

~~~
simplify
Looks like an ipod touch to me.

~~~
javan
good call

------
petenixey
Very cool - congrats to PK for being involved in this too. Looks beautiful.

------
colbyolson
I know this wont be a very substantial comment but:

That's pretty freaking cool.

------
estrabd
geee...what could go wrong here.

------
zackattack
Please roll this out to cab companies in Chicago

------
ssn
At first glance, it fells like a joke.

------
niallsmart
I don't get it, why would you want to tweet your credit card number?

