Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
exclusivity is the problem

why all the hate on CC just because they are doing things different. if someone wants to use CC then let. no need to have hatred towards them

The issue is that MCX has required merchants to use CurrentC exclusively. This means that there is no choice at those merchants. It's not just a matter of someone wanting to use CurrentC at Wal-mart and someone else wanting to use Apple Pay. There's no choice.

Obviously the technology is there at Rite-Aid and CVS to allow Apple Pay to "just work" without any effort on the part of the Rite-Aid or CVS.
 
Since you understand it so well, how can a hacker, who hacks email, gain access to the middleware, the servers, and the processor servers (which are hosted by multiple sub systems and processor vendors?)

Please explain.

BTW: I get paid to build payment processor systems, which I why I felt the need to join this discussion.

Unless you were paid to build CurrentC, you can't speak to the security controls that they may or may not have.

I have no doubt that you "get paid to build payment processor systems". What we are calling into question is the architecture that CurrentC has used in THEIR specific system.

We do know, for a fact, that if someone tries to login with a valid known email address, but a bad password, the response from the CurrentC server includes all sorts of private information, such as phone numbers, physical addresses, last known device ID, and over a dozen other pieces of information. Now we also know that a list or portion of email addresses were stolen from CurrentC. So we know that list can be used to query additional information (NOT at this point financial information, but still PII)

So, if CurrentC is going to respond to a INVALID LOGIN ATTEMPT with actual PRIVACY INFORMATION (albeit not financial, as far as we know) please explain to me why we would trust them any further?

I get your point that accessing front end crap and actual compromising a database with significant financial information is two totally different things, and its (hopefully) a lot harder to get to the databases... but CurrentC has already proven they don't use the very basic of security controls.

And who is to say that a hacker can't simply steal a device ID, which is not a token and does not change, and act as a "man in the middle" to push requests and get money into their own account? Too much data is going between the phone and CurrentC. It's not a closed system between a retailer and their CC processor. Its an open system between a consumer device and CurrentC, and in that open system, "man in the middle" attacks are MUCH easier.
 
CurrentC needs to be operated as securely as any bank and that security includes its list of customers.

Banks get hacked every single day, companies get hacked every single day, your government was hacked and had secrets spread all over the world.
 
Frankly I don't care. Company A is asking for information I don't want to give to them - given the marketing desires of company A and the fact that they can't even hold on to email addresses securely, I'm not really all that confident.

I'm not giving Apple anything more than I already had given them - my credit card info (which is backed by fraud protection anyhow). If MCX wanted to do this by CC, that's fine. But then that makes their entire goal moot.....

Just all of this....... They can't hold my email address in this very small phase of the entire project, and they expect my entire identity to be stored via their cloud? Not to mention almost every big name in MCX has already been hacked.....

I love that I can now go to Circle K and Walgreens, anyone who accepts NFC, and not even my credit card info is passed along.... Can't beat that, sorry.
 
Because what I am showing you is the folly in the ideology that a companies email is hacked therefore their processing system is faulty. When Apple gets hacked its the users bad passwords but with CurrentC its because they are stupid failures.

Why should we believe you! Let's stick to the facts :apple:pay= consumer CurrentC=merchants.
 
Banks get hacked every single day, companies get hacked every single day, your government was hacked and had secrets spread all over the world.

I agree.... this is why so many companies are focusing on controlling less of our data. Not just to be "nice" but it relinquishes their fault. Even CurrenC is trying this, the problem is their faults come down to the consumer. NFC and Apple Pay falls on the banks. And I wonder why they charge a fee?
 
Looking back to the GP post, however... that reckoning doesn't happen on a "this week" sort of timeframe.

Uhh...it can. All it takes is a good nosedive in stock price. Not saying that will happen in this case but it's not like a company has to wait until the annual shareholder's meeting to recognize an error in their ways.
 
Reading comp my friend... "another word" meaning it could necessarily mean third party. In processing cards... it refers to the service (Ogone, etc.)

Logic, my friend. "Could necessarily mean" is not the same as "means." Refer to your original post. And as a counter to your underlying point - VISA's cloud, just for one example, is hosted at third party data centers, true, but it is still a private cloud.
 
I agree.... this is why so many companies are focusing on controlling less of our data. Not just to be "nice" but it relinquishes their fault. Even CurrenC is trying this, the problem is their faults come down to the consumer. NFC and Apple Pay falls on the banks. And I wonder why they charge a fee?

Good point. All these people bowing down to Apple forget Apple is just essentially hosting a service... for the banks.

----------

Logic, my friend. "Could necessarily mean" is not the same as "means." Refer to your original post. And as a counter to your underlying point - VISA's cloud, just for one example, is hosted at third party data centers, true, but it is still a private cloud.

Huh?
 
Facts huh. This is why this place always makes me laugh. Facts here are anyone that is loyal to the almighty Apple.

No one has a gun to your head:eek: but yes your finally figured out that this is a Apple enthusiast forum. You nailed it!
 
I really do kinda feel sorry for the MCX consortium. They made a nice effort to come up with their own little system, that they thought might benefit both them and consumers with coupons, etc., and out of nowhere comes Apple Pay, and all the hacks to store databases the last couple of years, and it's kind of the perfect storm to sink their plan, poor things.

The CurrentC thing would really need to be bulletproof nowadays for people to trust giving up that sensitive info.
 
No one has a gun to your head:eek: but yes your finally figured out that this is a Apple enthusiast forum. You nailed it!

Exactly. I am an Apple enthusiast. Own nothing but Apple products and worked for the giant fruit company for 7 years.

That does not mean I have blind allegiance.
 
I used ApplePay for the first time at Walgreen's yesterday and it was SO EASY. The girl at the register was even amazed by the simplicity. She said that was her first time seeing it in person (as was mine too haha).

Funny thing, I never realized cabs had NFC readers. I paid for my fare w/ :apple:Pay and started getting out of the cab, the driver started screaming at me, hey, you didn't swipe your card! I looked at him and he turned, saw my generous tip and thanked me.
 
why all the hate on CC just because they are doing things different. if someone wants to use CC then let. no need to have hatred towards them

I agree. But your statement should go both ways.

"If you want to use Apple Pay, Google Wallet, or Softpay, then let them"

Unfortunately, CurrentC didn't get the memo and forbids it's service to be available if NFC is available. Therefore, GAME ON.
 
I know that the Target hack cost me literally dozens of hours of my life I'll never get back, trying to straighten out my checking account.

Your assumption that customer financial information is secure with retailers shows that, at best, you're drinking the Kool-aid.

Luckily the target hack only affected my Amex which has kick ass fraud protection but it did suck ordering a new card, cause my new card came activated and that got stolen, when the UPS man claims he left it on my doorstep. Kinda funny cause I was home that day with my daughter and trimming the hedges at the time they claimed it was dropped off. Then my new card went on a shopping spree. But thank you Amex for the quick action and reimbursement.

Fyi, if you order a new card and request next day delivery, the card comes preactivated! Be careful. Banks do this for convenience which is highly incompetent.
 
Exactly. I am an Apple enthusiast. Own nothing but Apple products and worked for the giant fruit company for 7 years.

That does not mean I have blind allegiance.

Your join date October 2014 hummmmmmmm;) if your lookin to change minds here good luck.
 
Facts huh. This is why this place always makes me laugh. Facts here are anyone that is loyal to the almighty Apple.

What you are saying is all facts, because you stand upto Almighty Apple? Whilst others are simply fanboys? Right. Got it now...
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.