Credit cards are stupidly insecure. Last I heard, a few years ago you could buy blocks of thousands of valid, tested credit card with CVV2 values for about the cost of a coffee. Credit cards works because the banks are willing to stretch far to block fraudulent transactions or take them off the bill because having you trust the card makes them lots of money.
The same will be the case here: Unless the fraud takes on truly endemic proportions, far higher than for credit cards, they'll just eat the cost.
It's not out of goodwill that the banks will eat the cost of fraud or work hard to prevent it. Banks do this to protect their own pockets, because (US) law says that customer liability for credit card fraud is limited to $50 and anything beyond that is the bank's loss.
For a counterexample, see Paypal. Paypal's unresponsiveness to fraud situations is legendary, because it's not their money at stake and as legally-not-a-bank they can simply stick their customers with the loss. (Paypal's customers are merchants, I don't mean end-consumers here.)
Getting back to Square, as long as they're not regulated like a bank, they will in the long term become more like Paypal in dealing with fraud. The founders may be able to delay or mitigate this with a strong organizational commitment to customer service, but that would be pretty unprecedented in the financial industry; the bottom line always looks better when the corporation can push fraud costs off of itself.
The same will be the case here: Unless the fraud takes on truly endemic proportions, far higher than for credit cards, they'll just eat the cost.