Apple Pay rival CurrentC just got hacked
The mobile payments app — which isn’t even officially out yet — was created for the sole purpose of getting stores away from credit card fees they pay every time you swipe your card.
CurrentC partners CVS and Rite Aid made news earlier in the week for boycotting tap-to-pay technologies like Apple Pay and Google Wallet in favor of their own flavor of mobile payments.
On Wednesday, those taking part in the CurrentC pilot program received a warning from the consortium of anti-credit-card retailers called MCX, or Merchant Consumer Exchange: The program was hacked in the last 36 hours, and criminals managed to grab the email addresses of anyone who signed up for the program.
MCX confirmed the hack, adding what’s become a go-to line for any company that loses your data: “We take the security of our users’ information extremely seriously.”
It’s a rough start for an app that aims to be a competitor to Apple Pay and Google Wallet.
But MCX is free to share with marketers and other companies the rest of the data it collects: your name, home address, email, phone number and actual location at all times. Aside from payments, the app will also deliver coupons and help stores better track shoppers to target them for advertisements.
Apple doesn’t ask for your Social Security number. Google does. But that information is not passed on to retailers. MCX is itself a consortium of retailers.
This latest episode will give CurrentC critics — who cite Apple Pay as better, safer technology — even more ammunition. In an FAQ page, MCX claims “consumers’ privacy and data security are our top priorities.” This hack disproves that notion.
Cherian Abraham, a mobile payments expert, said this CurrentC hack is unfortunate but isn’t reflective of the security of the actual app itself. But it still doesn’t stack up to Apple Pay.
“Nothing comes close to the security apparatus Apple has created,” Abraham said.