MCX defends CurrentC against Apple Pay controversy, says sensitive customer data is saved in the clo

Posted:
in General Discussion edited October 2014
As Apple Pay and Google Wallet users have joined together in an attempt to fight a consortium of retailers that have blocked NFC-based payments, the company behind the CurrentC mobile payment program has come out in defense of itself, saying that members of the public are "misinformed."




MCX posted a new blog post on Wednesday entitled "Answers to Your Questions," in which CEO Dekkers Davidson promoted his company's forthcoming CurrentC mobile payment service. A number of major retailers are partners in the program, and the contract forbids them from using alternative mobile payment services like Apple Pay.

But while CurrentC is an exclusive program, retailers who wish to stop working with MCX do not pay any fines, Davidson said. He also touted "key benefits" of the system, such as cross-platform compatibility, and the ability to integrate coupons, loyalty cards and payment methods into one "seamless transaction."

Davidson also addressed concerns about consumer privacy and data security, particularly considering the service taps directly into users' bank accounts rather than using credit cards. The CEO said that MCX will not store sensitive customer data within the application, and will instead save it on a "secure cloud-hosted network."

"Removing this sensitive information from the mobile device significantly lowers the risk of it being inappropriately disclosed in a case that the mobile device is hacked, stolen or otherwise compromised," Davidson wrote.

As for collection of consumer data, the MCX chief executive said users will be able to "make informed decisions" about their personal data through a privacy dashboard in the CurrentC mobile application. CurrentC will also comply with privacy laws required by the Health Insurance Portability and Accountability Act, or HIPAA.

"CurrentC does not collect any information from any other apps, or health information stored in the mobile device," Davidson said. The CEO also included a link to the CurrentC privacy policy, but as of Wednesday morning the page was broken, returning a 404 error.



MCX has found itself under fire after merchant partners Rite Aid and CVS began declining Apple Pay and Google Wallet NFC-based transactions this past weekend. Other MCX partners, including Walmart and Best Buy, have already announced they will not support Apple Pay.

The CurrentC payment system from MCX is set to roll out in 2015, and it relies on unique QR codes that are presented upon checkout. Unlike Apple Pay, which allows users to simply place their iPhone within proximity of a compatible terminal and authorize the purchase with their fingerprint, CurrentC requires users to unlock their device, launch the application, and have a retail employee scan the QR code displayed on their device.

The consortium is looking to bypass credit card network fees by linking directly to customers' bank accounts, which has raised some security concerns amongst critics. Apple's system instead works with existing credit card providers, allowing users to continue to receive the same points, benefits and rewards when completing transactions via their iPhone.

In addition to avoiding swipe fees, CurrentC enables purchase tracking and processing for loyalty programs, coupons and special offers to further boost MCX merchant sales.

Apple Pay launched on the iPhone 6 and iPhone 6 Plus last week, and users activated more than one million cards in the first 72 hours of availability. That means within just three days, Apple Pay became the largest contactless payments service in the U.S., outpacing services like Google Wallet which have been on the market for years.
«13456

Comments

  • Reply 1 of 104
    lkrupplkrupp Posts: 10,042member

    Oh well, then, all is forgiven. Our bad. Good luck. It will be much easier for me to pull out my iPhone, unlock the screen, launch the app, attempt to scan the QR code instead of just placing my finger on the TouchID button. Yeah, thats much better than ?Pay!

  • Reply 2 of 104
    If their solution is "better" then let it compete with Apple Pay. Tell all of the partners that the part about blocking Apple has been stricken.
  • Reply 3 of 104
    wingswings Posts: 261member

    "secure cloud-hosted network." Yeah, you know, like the one Target and Home Depot used.

     

    So once one server is hacked they get 50 million card numbers. Whereas they would have to hack 50 million separate iPhones to get the same reward, which so far as been unhackable.

     

    Smart move.

  • Reply 4 of 104
    MacProMacPro Posts: 19,500member
    If their solution is "better" then let it compete with Apple Pay. Tell all of the partners that the part about blocking Apple has been stricken.

    Excellent idea.
  • Reply 5 of 104
    MacProMacPro Posts: 19,500member
    wings wrote: »
    "secure cloud-hosted network." Yeah, you know, like the one Target and Home Depot used.

    So once one server is hacked they get 50 million card numbers. Whereas they would have to hack 50 million separate iPhones to get the same reward, which so far as been unhackable.

    Smart move.

    Yep, they may as well have a front page to that cloud saying 'Welcome' in Chinese and Russian.
  • Reply 6 of 104
    And the cloud is how secure? Just look at what happened to Chase having 76M retail customers and 6M business accounts compromised, and they are in the confidentiality business where MCX is retail oriented and the partners are its main focus not the consumer. As for keeping the data on the phone, if you are lax enough in your personal security and it's lost or stolen only one account could be compromised not millions. BUT, Apple has provided remote wipe capabilities that either disable remote payment or total erasure of personal data.
  • Reply 7 of 104
    Quote:

    Originally Posted by Wings View Post

     

    So once one server is hacked they get 50 million card numbers. Whereas they would have to hack 50 million separate iPhones to get the same reward, which so far as been unhackable.


     

    Not cards, bank account numbers.  And, theoretically, social security numbers.

     

    On the other hand, he did say the cloud hosted network was secure, so I'm sure it'll be fiiiine...

  • Reply 8 of 104

    LOL. The 'cloud'? Blithering fools.

     

    My one slight worry is that, their timeline (mid-2015) makes it more than likely they'll try and copy some of Apple's implementation of the payment system.

  • Reply 9 of 104
    Their 'solution' is a debit card.

    "Davidson also addressed concerns about consumer privacy and data security, particularly considering the service taps directly into users' bank accounts rather than using credit cards"

    Just what I need: my bank account floating out in the cloud. It's convenient for hackers and merchants but not customers.

    I'll never pay with a debit card due to the lack of consumer protection in the transaction. If someone get your bank account and routing, they can clean you out and the bank won't really do anything about it. This pay method is worse. It has all the warts of a debit card with added consumer tracking.

    Where's my fraud protection, extended warranty, price match and other credit card features?

    MCX = No Thanks
  • Reply 10 of 104
    Vote with your wallet. I just moved half a dozen prescriptions away from CVS. Not that I won't eventually test the CurrentC app in 2015 with Walmart, but if members of MCX aren't fined for "misbehavior" then many of them might defect on their own.
  • Reply 11 of 104
    freerangefreerange Posts: 1,595member
    wings wrote: »
    "secure cloud-hosted network." Yeah, you know, like the one Target and Home Depot used.

    So once one server is hacked they get 50 million card numbers. Whereas they would have to hack 50 million separate iPhones to get the same reward, which so far as been unhackable.

    Smart move.
    Actually worse than access to your credit card, which has fraud protections, they would be directly accessing bank accounts!
  • Reply 12 of 104

    "...a "secure cloud-hosted network."

     

    Hmmm... I wonder if Jennifer Lawrence would have anything to say about that.

  • Reply 13 of 104
    maestro64maestro64 Posts: 5,036member
    Yes it is safe in the cloud, and the cloud is safer thany lock inside some company's IT room which is not support to be connected to the internet. I think the thieves that hack Target got in using Target's third party HVAC maintenance companies computer which was also connect their internal IT network.

    He is also missing the point, the hacker are not steeling or hacking your phone, they doing whole sale theft, they hacking the data bases where all the information is stored.
  • Reply 14 of 104
    mjtomlinmjtomlin Posts: 2,573member

    So let's get this straight... They think it is somehow much better for them to alienate users of ApplePay and Google Wallet - the ONLY two groups of consumers that are actually using their mobile devices to make payments - the very same consumers you're going to need to make your service successful - rather than allow continued use on an infrastructure that's already in place?

     

    Do they honestly think that they're going to get all the people who do not currently use any kind of mobile payment system to start using theirs - just because they have a cross-platform app? And what's really stupid about touting that as an advantage, is that I don't need a mobile device at all to continue to use my debit card and yet it also happens to work with ApplePay on my iPhone.

     

    Unless they're also denying customers from using their credit and debit cards, there is absolutely no reason to deny them from using current mobile payment systems, which doesn't cost them anything more to support.

     

    ?This logic completely befuddles me.

  • Reply 15 of 104
    CurrentC is an absolute anti-consumer joke. A disaster on wheels.
  • Reply 16 of 104
    mjtomlinmjtomlin Posts: 2,573member
    Quote:
    Originally Posted by lkrupp View Post

     

    Oh well, then, all is forgiven. Our bad. Good luck. It will be much easier for me to pull out my iPhone, unlock the screen, launch the app, attempt to scan the QR code instead of just placing my finger on the TouchID button. Yeah, thats much better than ?Pay!




    The funny thing is, that when you get to... "pull out my iPhone, unlock the screen" that's the extent of ApplePay with TouchID. The same motion and amount of time it takes to unlock the screen is the same it takes to authorize payment.

  • Reply 17 of 104
    maestro64maestro64 Posts: 5,036member

    We know how this is going to work, for years we all have been badgered by the Retailer to use their CC or sign up for their loyalty cards, then is stop, i know why, they already knew who i was since they were databasing my information every time I bought from them. Now they going to badger me to use their new system verse using a CC or debit card since the banks starting next year will not allow them to gather the information off the CC or Debit card. I can not wait to shop again having these poor people at the counter continually ask me to sign up.

     

    No wonder I spend so much time shopping online these days,  

  • Reply 18 of 104
    sog35 wrote: »
    The CEO said that MCX will not store sensitive customer data within the application, and will instead save it on a "secure cloud-hosted network."

    Was that meant to be a joke?
    Of course not. Everything hosted on the Cloud is secure. He said so.

    /snort

    If you build it, hackers will come.
  • Reply 19 of 104

    "secure cloud-hosted network"

     

    Yeah. Right. I guess he wants us to forget about the recent hacks on Target, Home Depot and JP Morgan Chase.

     

    Let's see - the MCX database will contain

    - bank debit details and authorization

    - social security number

    - driver license info (presumably including birthdate)

     

    Am I alone in thinking that this database would be a big, fat, juicy target for hackers bent on identity theft?

  • Reply 20 of 104

    Correct me if I'm around, but isn't he misinformed with how secure the data is on the device? Isn't the Apple pay stuff stored on the same secure chip with the fingerprint info? Basically to use it you'll need the fingerprint of the owner of the phone. That doesn't seem particularly hackable

Sign In or Register to comment.