On the detail page about security (https://help.squareup.com/customer/portal/articles/7764) it says: "Fully encrypted: Square performs data encryption within the card reader at the moment of swipe."
Yet, the app in this article appears to be simply recording audio from the head.
So, what's going on?
There are already plenty of examples of people hacking Squares, mostly to use them as credit card skimmers though. This is one of the coolest most creative hacks I have seen for it though, bravo.