I wrote a bit about the requested boycott of retailers that use CurrentC by Apple and Android fans who want the functionality and anonymity of the built-in phone payment systems that shipped with their phone. Well besides that retailers using CurrentC are data mining the hell out of you, it also appears that the service was rather easily hackable.
CurrentC, you may recall, asks for your Social Security Number along with several identifying pieces of information. While details of the hack seem to indicate the attackers only got a list of emails containing the current users of the payment platform, lapses in security that are discovered generally lead to discovering other bits of stolen information, so we might hear about some more information shortly.
The reasons retailers are wanting anything other than Apple Pay and Wallet are an attempt to save between 1.5 and 2.9% transaction fees charged by credit card processing agencies. These fees are actually lower for Apple Pay due to negotiated rates with banks, but CurrentC offers merchants data mining and significantly lower processing fees, so it’s been particularly interesting to larger retailers such as WalMart for whom 1% processing fees (and $473.1 billion in sales,) equate to a lot of money.
With Android and Apple users up in arms about this particular application, chances are we’ll be seeing a lot of scrutiny of the thing and a list of bugs, backdoors, and problems with it in the coming days. All probably things that the credit card agencies have gone through, but they’ve had 40+ years to get their act together and this software is barely out of the gate and the hate heaped on it is massive.
If you’re interested in seeing what this application does, other than lose your email address to hackers, check out their site. It’s a good idea for older phones without NFC, but it involves scanning a QR code off of your screen, and I don’t know how many of you have done this, but at least with barcodes that can be a total pain.[CNN Money]