Apple has launched their their new digital wallet service, but not all North American retailers are on board with the new service. Retailers that are members of the Merchant Customer Exchange (MCX) organization are developing an alternative based around an app that uses visual QR codes. The app is called CurrentC, and is currently in a pilot program scheduled to last through the end of 2014.
MCX members include Walmart, 7-11, Best Buy, Rite Aid, CVS and Target. Merchants that sign up for CurrentC cannot use other digital wallet services. Members that previously had the near-field communication (NFC) hardware used by Apple Pay and Google Wallet have removed it from their stores, a move that has upset some Apple and Android users.
Why Do Some Retailers Want CurrentC Over Apple Pay?
There are three major reasons. The first is Apple Pay still uses credit cards, meaning retailers must pay up to 3% percent of the charged amount to the credit card issuer. CurrentC access the user’s bank account directly, meaning the retailer can keep more of the money.
The second is due to the importance retailers place on customer data and demographics information. CurrentC collects and shares more data about the people who use it than Apple Pay and other digital wallet services. Customers can set their privacy levels in the app, but most will probably just leave it at the default settings. The MCX has claimed CurrentC has better security than its competitors, but whenever there’s valuable information there are people looking to steal it.
The third reason relates to hardware costs. Retailers that want to use services like Apple Pay must install expensive NFC readers at each register. In contrast, CurrentC is software-based and uses the same technology as the familiar UPC barcode. When retailers start changing over to more secure credit cards next year, those that have not signed up with a digital wallet service may opt to go with NFC when they upgrade.
On October 29th, the MCX announced CurrentC unknown hackers had broken into the service and gained access to user email information. The MCX PR agent claimed many of the email addresses were dummy accounts used for testing, and no other customer data was stolen. They also stated neither the CurrentC app or user devices were affected.
Stealing email addresses isn’t a serious breach in itself, but it is an embarrassment to the fledgling organization. Especially given Walmart specifically stated they went with CurrentC over Apple Pay due to better security. It could also show the MCX needs to focus on securing the information they are storing.
If you choose to use CurrentC on your device, make sure you browse through the security dashboard and disable the settings you don’t want to share.
Visit www.CyberSecurityDictionary.com for linked terms in this blog and many more definitions.