Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
CurrentC Alerts Users of Unauthorized Access to Email Addresses
- Thread starter MacRumors
- Start date
- Sort by reaction score
Really? So hackers didn't steal email information? You are saying that CurrentC is lying? Or maybe you are the one who doesn't have a clue.
Lmfao!!!!!! This is too good.
I feel like I'm watching a soup opera unfold.
Dun, dun, dun....what will happen next!?
Singing chicken noodle?
Since you understand it so well, how can a hacker, who hacks email, gain access to the middleware, the servers, and the processor servers (which are hosted by multiple sub systems and processor vendors?)
Please explain.
BTW: I get paid to build payment processor systems, which I why I felt the need to join this discussion.
Haha, wow.....I definitely want to give them my bank account number and SSN now!
Bring on Apple Pay and Google Wallet. Give customers what they want. Secure and hassle free payment options.
Bring on Apple Pay and Google Wallet. Give customers what they want. Secure and hassle free payment options.
The little guys (CVS, RiteAid) will jump ship first with the negative press, especially if Fox News covers it. Says a lot about a brand that aligns itself with a company that's so frivolous with personal data. They won't want the attention.
Walmart will bide it's time.
Well, technically MCX is storing your information (checking account number) and they pass the token to the retailers in order to process the transaction. You're right, it's not more or less safe than existing systems b/c they use the same credit card encrypting protocols that everyone else does.
But they don't create and store a token like
Pay does b/c that would require cooperation with the banks to create a unique identifier to replace the account number, which I doubt they have or will ever get.This doesn't really matter because most people won't make such distinctions. CurrentC's reputation will be ruined before it launches.
$500,000 is a small price to pay for a company wanting to avoid a huge amount of negative press once CurrentC loses customers' SSNs.
Most companies are switching to the RSA method which is the little pop up box you see asking for VMAAD data (CVV2 etc.) CVV2 cannot be stored anywhere its against the law and is the main number used for VMAAD or verification.
At this point in time it's probably not well protected at all, but there is also very little money to be made from it. So I'd say some bored hacker looking for a bit of light entertainment.
A professional trying to make money wouldn't have broken in _now_ but would have waited until it rolls out successfully. Which might be a long wait...
Switch
Why do people in the US seem to use Credit Cards for everything, don't you have Chip&PIN systems? Here in the UK we can already use our ATM cards to pay for stuff at the checkout using Chip&PIN. If you do this, the money is transferred from your checking account to the store directly, so does not involve a Credit Card company. A bit like the CurrentC system, without all the scanning hassles.
However, using this method, you don't have to give your bank or other details to any third party (unlike CurrentC) and this service is run by the banks themselves. I would guess the banks are charging the retailer for the service, as some smaller stores will not let you pay this way unless your purchase is above a certain amount, usually £5.
Clearly MCX can't operate this payment clearing service for free, so they are going to use data mined advertising, which means these stores are basically transferring their banking charges to their customers.
I am also wondering if the CurrentC system could be vulnerable to a Man-in-the-Middle attack. Where someone may be able to scan the QR code shown on your phone screen (perhaps with another phone) and then take money from your account using your code?
Finally, do you have these kinds of ATM cards in the US and if you do, can you store and use them with ApplePay?
Why do people in the US seem to use Credit Cards for everything, don't you have Chip&PIN systems? Here in the UK we can already use our ATM cards to pay for stuff at the checkout using Chip&PIN. If you do this, the money is transferred from your checking account to the store directly, so does not involve a Credit Card company. A bit like the CurrentC system, without all the scanning hassles.
However, using this method, you don't have to give your bank or other details to any third party (unlike CurrentC) and this service is run by the banks themselves. I would guess the banks are charging the retailer for the service, as some smaller stores will not let you pay this way unless your purchase is above a certain amount, usually £5.
Clearly MCX can't operate this payment clearing service for free, so they are going to use data mined advertising, which means these stores are basically transferring their banking charges to their customers.
I am also wondering if the CurrentC system could be vulnerable to a Man-in-the-Middle attack. Where someone may be able to scan the QR code shown on your phone screen (perhaps with another phone) and then take money from your account using your code?
Finally, do you have these kinds of ATM cards in the US and if you do, can you store and use them with ApplePay?
But they don't create and store a token like
As long as its PCI-DSS compliant people will store as much as they can, Apple included. Whether "they" store it or their vendor does, it doesn't matter. Its all in the way you market the product right!
Apple Pay is great BTW I just hate how people on this website acts as Parrots.
25% of the MCX members have been hacked. Who DIDN'T see this coming?
..And I suspect it will only get worse when and if anyone trusts them with bank account info, social security number, and driver's license number - the identity theft holy grail.
..And I suspect it will only get worse when and if anyone trusts them with bank account info, social security number, and driver's license number - the identity theft holy grail.
Frankly I don't care. Company A is asking for information I don't want to give to them - given the marketing desires of company A and the fact that they can't even hold on to email addresses securely, I'm not really all that confident.
I'm not giving Apple anything more than I already had given them - my credit card info (which is backed by fraud protection anyhow). If MCX wanted to do this by CC, that's fine. But then that makes their entire goal moot.....
Personally I don't dislike them or anything, they want to do business their way so be it, it's a free market. But, I won't use it, speaking from process wise CurrentC is just too many steps, and the whole linking to my bank account. I will still visit those stores, but I will simply use my good old credit card.
Don't think the merchants will leave as they are saving money on each customer transaction. This is the only reason they've decided to jump in bed with CurrentC.