Retailer-Backed ApplePay Rival CurrentC Has Already Been Hacked, So That’s Reassuring
On the bright side: Its app store rating can't get any lower.
CurrentC is quickly becoming a cautionary tale about trying to beat Apple and Google. The retailer-backed solution to paying for things with your phone has been practically one star reviewed into oblivion on the App Store and Google Play, and now it’s fallen victim to a hack before it’s even made an official debut.
Unlike ApplePay and Google Wallet, CurrentC makes use of scanning totally cutting edge and not at all outdated QR codes to show cashiers that you’ve paid for something. Doesn’t that sound easier than tapping your NFC-enabled iOS or Android device to the right spot at the cash register? Looks like users on the App store don’t think so:
But at least it’s totally secure, right? MCX (Merchant Customer Exchange), the company behind CurrentC, proudly proclaims, “Security at every level,” on the CurrentC site, but that didn’t stop hackers from stealing email addresses from beta users. Luckily, no other personal data was stolen, so the worst that is likely to happen is that these users will see an increase in the amount of “mail enhancement” emails in their spam folders.
For CurrentC, though, the hack might be more damaging. They’re already facing unfavorable public opinion over the fact that some stores have disabled NFC payments to cut off Google Wallet and ApplePay because they’re among the retailers involved with MCX—which Walgreens is loving, by the way:
Hey, iPhone 6 and 6 Plus users! The choice is yours: Use #ApplePay today at any of our stores! http://t.co/LXS01ntZEA pic.twitter.com/V0BifDtXJq
— Walgreens (@Walgreens) October 28, 2014
This email hack certainly isn’t going to make things any better for CurrentC, whether it was a severe breach or not. MCX acknowledged the incident on their blog:
Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of our CurrentC pilot program participants and individuals who had expressed interest in the app. Many of these email addresses are dummy accounts used for testing purposes only. The CurrentC app itself was not affected.
We have notified our merchant partners about this incident and directly communicated with each of the individuals whose email addresses were involved. We take the security of our users’ information extremely seriously. MCX is continuing to investigate this situation and will provide updates as necessary.
I can only assume those updates will include, “Well, I guess that’s that,” and, “Goodbye, cruel world.”
(via TechCrunch, featured image via CurrentC)
- Adobe is in PR mode over GamerGate-related issues
- Google is planning a Gmail replacement, which should go over well
- Apple was embarrassed by an autocorrect fail
Are you following The Mary Sue on Twitter, Facebook, Tumblr, Pinterest, & Google +?
Have a tip we should know? tips@themarysue.com