Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

CurrentC Alerts Users of Unauthorized Access to Email Addresses

Judging by the timing, I'm betting who ever did it is pissed at the retailers who are blocking Apple Pay, doesn't like how CurrentC works, and wants to give a good example of why it's a bad idea.

And I'm sure it worked.But I'm not sure how many clueless who don't understand why it's a bad idea will clue in from it (they already signed up for it so they already showed they are willing to give away risky information).

----------
DJLC said:
Lolz. Yeah. A merchant-controlled cloud service is more secure than an encrypted secure enclave in my palm. This is stupid.
Click to expand...

Not to mention that a merchant's servers are a lot more appealing to a hacker than just one person's phone. One person's phone may or may not have good info to steal. A whole server full of bank account numbers and SSN's is gaurenteed to have not just one bit of good info, but a whole ton.

It's the difference between robbing random person on the street and going to a bank to robbing all the accounts in the bank. Except in this case the person on the street probably has at least as good security if not better than the bank. So where do you think the robber is going to go in that situation?
 
tigress666 said:
It's the difference between robbing random person on the street and going to a bank to robbing all the accounts in the bank. Except in this case the person on the street probably has at least as good security if not better than the bank. So where do you think the robber is going to go in that situation?
Click to expand...

"Because that's where the money is." - Bank robber Willie Sutton, when asked why he robbed banks.
 
bitslap47 said:
I learned a long time ago as a software developer... don't write one line of code or place a single binary in service anywhere until you have assessed your security needs and have designed a strategy.

When dealing with personal data, if you can't do it safely, don't do it until you can.

It can be a little time consuming, but its not that hard with some common sense.
Click to expand...

I understand what you're saying and in theory don't disagree, but unless you're in a small shop you're most likely working for a team with your own project deliverables. The network security from hackers is probably not within your scope. So if you're not writing a single line of code until you know such things you must have a quiet day with pissed off teammates and PMs. ;)
 
deputy_doofy said:
Also, it was proven that BoA customers were the only ones to have the "double payment" problem, thus squarely putting the problem and onus on BoA.
Click to expand...

And this topic's hack wasn't on MCX/CurrentC directly, but a third party email provider, which the MCX will likely dump. But since this isn't Apple, this wasn't well publicized. Still doesn't make them look good, but it wasn't their security that was breached.

I am curious about the social security and driver's license numbers though, whether they will store them or be used as one-time-only validity check. They need to clarify that.
 
Gutwrench said:
I understand what you're saying and in theory don't disagree, but unless you're in a small shop you're most likely working for a team with your own project deliverables. The network security from hackers is probably not within your scope. So if you're not writing a single line of code until you know such things you must have a quiet day with pissed off teammates and PMs. ;)
Click to expand...

I've been on teams large and small... security has always been everyone's responsibility, even within your own code modules or silos.

I feel it's something that should be built into the project cycle and part of the corporate tone, large, small, or one-man-band.

It's simple to have a team meeting and discuss what sensitive areas there are and that security needs to be a part of the fabric of the project.
 
bitslap47 said:
I've been on teams large and small... security has always been everyone's responsibility, even within your own code modules or silos.

I feel it's something that should be built into the project cycle and part of the corporate tone, large, small, or one-man-band.

It's simple to have a team meeting and discuss what sensitive areas there are and that security needs to be a part of the fabric of the project.
Click to expand...

Oookay. Thank you.
 
BruiserB said:
I just logged into my Target RedCard account and sent them this message:


I would like to cancel my Target RedCard. Please cancel the card immediately and remove ACH access to my checking account.

I am aware that Target is a member of the Merchant Customer Exchange (MCX) and it appears that you will be piloting the implementation of the CurrentC mobile payment platform and that it will be tied to your RedCard. As Apple has recently introduced their mobile payment solution ApplePay, I have become more informed on the different payment methods available through mobile devices. I am convinced that the security and ease of use of ApplePay far outweigh what CurrentC will be offering. Just this morning I read a story saying that CurrentC users' email addresses have possibly been compromised prompting me to write this e-mail request to cancel though I have been considering it for some time.

I also am disappointed that Target's participation in MCX precludes you from accepting ApplePay in stores. I hope Target of all companies realizes the need for the highest level of security in card transactions. I purchased a new iPhone with ApplePay in mind because I believe it will enhance the security of card transactions. I see that Target takes ApplePay in it's iOS app, so it's clear to me that you recognize that Apple has something to offer in this area. I am disappointed that your membership in MCX will prevent you from offering it as an in store payment method.

I probably would not be asking to cancel my RedCard if you had offered both ApplePay and later introduced CurrentC and allowed the two payment methods to coexist side by side. At least then, as a consumer, I would be able to choose which to use. However knowing that MCX wants to place the retailers' desire for consumer tracking ahead of the consumers' desire for transaction security has led me to make this request.

Please confirm to me by e-mail once you have closed my RedCard account and purged my checking account information from your database.

Regards,

BruiserB (I did put my real name here)
Click to expand...

Yesterday I got this response:

Hi BruiserB,

Thanks for contacting us!

We're sorry to hear that you want to close your account! We want you to know that once your account is closed, it can't be reopened.

If you wish to proceed, please give REDcard® Guest Services a call at (888) 755-5856. We're available 24 hours a day, 7 days a week.

Your enrollment in Manage My REDcard stays active until you cancel it. When you're ready to cancel your online enrollment, here's how:

-Under Settings, select 'Disable Access'
-Enter your password and then click on 'Disable Access'

Remember, you can access your account 24 hours a day, 7 days a week through Manage My REDcard®.

Sincerely,
Target Card Services
Click to expand...

I had a feeling that my note wasn't read by anyone with any authority as I just got the form letter back. I did call the number yesterday and cancelled over the phone. The person asked why and I told her. I also told her that I wanted to make sure it got passed on to upper management, so she also transferred me to the regular Target Consumer Feedback people and I left the same comment....that I wasn't opposed to Target being a member of MCX if it could co-exist with also accepting ApplePay. But since MCX is not allowing them to take ApplePay in stores, that I want to cancel the REDcard which is essentially a MCX product. The consumer response people seemed to understand what I was saying and they took note of my comments. Hopefully they will be seen by people in authority. I really like Target and hate to see them part of this!
 
machtv said:
not telling you to post every single mcdee's. all the mcdonalds in the workd only count as 1. same goes for subway it only counts as 1. btw subway and wallgreens also take bitcoins lol..
Click to expand...

1. We're clearly not counting the same way.

2. [citation needed]
 
BruiserB said:
Yesterday I got this response:



I had a feeling that my note wasn't read by anyone with any authority as I just got the form letter back. I did call the number yesterday and cancelled over the phone. The person asked why and I told her. I also told her that I wanted to make sure it got passed on to upper management, so she also transferred me to the regular Target Consumer Feedback people and I left the same comment....that I wasn't opposed to Target being a member of MCX if it could co-exist with also accepting ApplePay. But since MCX is not allowing them to take ApplePay in stores, that I want to cancel the REDcard which is essentially a MCX product. The consumer response people seemed to understand what I was saying and they took note of my comments. Hopefully they will be seen by people in authority. I really like Target and hate to see them part of this!
Click to expand...

You asked to cancel the card & WHINED!
So they cancelled your card, AS REQUESTED!
Why would any corporation want to tend to whining customers who haven't encounter an issue but "envision" issues happening to them. This raises a red flag that you may have boogieman issues.

You are a mere grain of sand in a ocean of beaches.
Your voice was not heard or will be acknowledged.
They just want you to go away, which they were happy to oblige.

Thanks for sharing your story.
 
BruiserB said:
Yesterday I got this response:



I had a feeling that my note wasn't read by anyone with any authority as I just got the form letter back. I did call the number yesterday and cancelled over the phone. The person asked why and I told her. I also told her that I wanted to make sure it got passed on to upper management, so she also transferred me to the regular Target Consumer Feedback people and I left the same comment....that I wasn't opposed to Target being a member of MCX if it could co-exist with also accepting ApplePay. But since MCX is not allowing them to take ApplePay in stores, that I want to cancel the REDcard which is essentially a MCX product. The consumer response people seemed to understand what I was saying and they took note of my comments. Hopefully they will be seen by people in authority. I really like Target and hate to see them part of this!
Click to expand...

Is Target not taking Apple Pay at the moment? Did they pull a CVS? Dod you ask if they planned on staying in the consortium or what their plans actually were?

Your email and phone call seems premature to me. But what you do is really none of my business. I'm only commenting since you chose to vent here.
 
samcraig said:
Is Target not taking Apple Pay at the moment? Did they pull a CVS? Dod you ask if they planned on staying in the consortium or what their plans actually were?

Your email and phone call seems premature to me. But what you do is really none of my business. I'm only commenting since you chose to vent here.
Click to expand...

They didn't pull a CVS, they have never turned on NFC Payments. But they are a founding member of MCX and the REDcard is exactly what MCX is offering....a loyalty card with direct access to your checking account through ACH. I have also heard through these forums that Target is currently piloting the CurrentC app with users in Minneapolis and the REDcard is taken as a payment method within CurrentC. Therefore I believe that Target will be one of the first to roll out CurrentC.

Target does take ApplePay within their App Store app. They are actually an ApplePay partner, but not for in store purchases. Since Target actually has a toe in the ApplePay water, I wanted to make clear to them that I want them to support it in stores as well. I am aware that their agreement with MCX prohibits that, but I also know that MCX is nothing but the retailers who are it's members....so they can change the rules if they want.

I told them my reason for cancelling the REDcard was that I was aware that they are a member of MCX and that that would prohibit them from taking ApplePay in store. I told them that I respected their decision to offer the REDcard and to be part of MCX but that I was opposed to their decision to not allow their customers to choose how to pay. I said that if Target were to choose to offer both ApplePay and CurrentC in store, I would not be closing my account. I was very courteous and polite with the customer service agents and they were with me. I was careful to not come across as angry or whining, just concerned and unhappy with their decision to support MCX's exclusivity agreement.

I may be a bit premature, but I also think I'm striking while the iron is hot. Management is certainly aware of the bad press that CVS and RiteAid have gotten. They are somewhat open to ApplePay as they have decided to give it a try in their app. If they start to see consumers taking notice before they even roll out CurrentC, it could make them nervous enough to go back to MCX and be a voice for allowing CurrentC and ApplePay to be offered along side each other. I have no problem with them doing that. But as a consumer I want a choice of how to make my payment. Ultimately I would like to see Target do what Meijer has apparently done....participate in both programs. It's unclear if Meijer's position with ApplePay has actually forced them to leave MCX, but yesterday's statements by MCX would seem to indicate that (as they said that retailers could leave MCX but that they cannot take ApplePay and stay members).
 
Last edited:
nsayer said:
1. We're clearly not counting the same way.

2. [citation needed]
Click to expand...

ok i'll bite we will count your way then. show me the numbers. as far as total McDonalds,Walgreens and Subway and any other place that takes apple pay. and i guarantee you i will produce a list of bitcoin merchants that will blow that number out of the water. seeing as out of thoes 3 merchant bitcoin works at 2 of them which only leaves you with 1 big fish that being McDonalds. bitcoin will have no problem squashing thoes McDees numbers. i will wait for your numbers then produce mine.
 
machtv said:
ok i'll bite we will count your way then. show me the numbers. as far as total McDonalds,Walgreens and Subway and any other place that takes apple pay. and i guarantee you i will produce a list of bitcoin merchants that will blow that number out of the water. seeing as out of thoes 3 merchant bitcoin works at 2 of them which only leaves you with 1 big fish that being McDonalds. bitcoin will have no problem squashing thoes McDees numbers. i will wait for your numbers then produce mine.
Click to expand...



"WTF is Bitcoin?"
- Ninety% of all people
 
bawbac said:
You asked to cancel the card & WHINED!
So they cancelled your card, AS REQUESTED!
Why would any corporation want to tend to whining customers who haven't encounter an issue but "envision" issues happening to them. This raises a red flag that you may have boogieman issues.

You are a mere grain of sand in a ocean of beaches.
Your voice was not heard or will be acknowledged.
They just want you to go away, which they were happy to oblige.

Thanks for sharing your story.
Click to expand...

He didn't whine. He exercised his right to walk from Target Redcard. They asked why he leaving and he told them. *shrugs* If they didn't care, they would not have asked why. Whether they take action on the reason he was leaving .... well, the ball is in Target's court. Corporations actually sometimes do care why customers stopping using their products. Sometimes, it something they can fix or sometimes they can't.
 
I'll continue to shop at Target and use my REDcard too. I like Target's products and most of their product pricing. I also like their employees and cleanliness. And I like the REDcard discount and it's 1% kick to my daughter's school. If Target offered ApplePay I wouldn't use it there for those reasons. I will shop at Walgreens and drive past CVS.
 
nsayer said:
If Karma is a thing, then why do 5-year-olds get terminal leukemia?
Click to expand...

Yikes, simple joke got twisted around...

Pretty sure emails being stolen had nothing to do with children having a terrible disease...
 
This basically is 'walking in the wilderness... than stick to the road that is lit safely..'

A turn for trouble..

CurrentC doesn't want to use Apple Pay, but it reckons its system is more secure ? If so, then why was it hacked *before* it was even public.

A recipe for total disaster.

Your ISP's knows more about you by the way....
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back