Rite Aid Disables Apple Pay Support After Initially Accepting Payments

[Keirasplace]

Old =/= not tech savvy, and young =/= tech savvy. I'm sixty five and regularly explain how to use computer/tech gear to the 20 and 30 year olds I know. Don't assume that the generation that invented the modern personal computer and the Internet doesn't understand smart phones.

Considering today's tech is way easier to use than the one in the 1980s and 1990s, I always find it very funny that anyone think the kids these days are tech savvy. Have you really talked to them about how those devices they're using work? Do they know anything about how they work?

NOT A CHANCE.

Someone who has had a personal computer since 1987 like my mother (Born 1947), knows a lot more about computers and tech than them. She's now used Windows all versions from 3.0 to 8.1 AT HOME, plus had to deal with dos 3.3 and 4.0 and all those ugly memory managers and network stacks! She started using a PC in 1987 (at 40). She doesn't have a tech degree, she basically graduated high school in the 1965 and that'S it; but she could run around those young guns on just about anything tech.

 

[jw2002]

I'll stick with regular credit cards. Simple, secure, and if something happens, they refund the money. Nothing new in Apple Pay that does anything but increase how much time I'll spend messing with things.

100% wrong. You don't understand how Apple Pay works. Exactly which part of Apple Pay will you be spending time "messing with thing"? Touch ID? Holding up the iPhone? Take a look a the demos of how it works. Look at the security analysis of how the transaction occurs. Then get back to us about how clunky old credit cards are faster and more secure.

 

[BruiserB]

None yet. But unless people start wearing gloves when touching their phones, it's plausible.

So hypothetical (or plausible) fraud costs the credit card companies as much as actual fraud?

 

[notabadname]

Tried that web link. Spent a few minutes typing up all my info and a response. Failed.
Why, my valid email address apparently is not valid to them. It's an apple email.
Whatever.

It accepted mine, which is a .mac account as well.

 

[BruiserB]

Considering today's tech is way easier to use than the one in the 1980s and 1990s, I always find it very funny that anyone think the kids these days are tech savvy. Have you really talked to them about how those devices they're using work? Do they know anything about how they work?

NOT A CHANCE.

Someone who has had a personal computer since 1987 like my mother (Born 1947), knows a lot more about computers and tech than them. She's now used Windows all versions from 3.0 to 8.1 AT HOME, plus had to deal with dos 3.3 and 4.0 and all those ugly memory managers and network stacks! She started using a PC in 1987 (at 40). She doesn't have a tech degree, she basically graduated high school in the 1965 and that'S it; but she could run around those young guns on just about anything tech.

Can you stop my VCR from blinking 12:00? And can you start taking my sister's (born 1948) tech support calls?? She's worried about how to change her SIM card when she switches from ATT in a few days!!! Unfortunately a lot of people of all ages ARE clueless. But that doesn't mean that a lot of us do have a clue!

I do fully expect my sister will be bragging to all of her friends about how she saved $40 a month on her cell phone bill just by changing her SIM card! Then I'll be getting calls from her asking me to explain it to them!

 

[flyinmac]

If you've never been inconvenienced by having your account number stolen, and having to do without the card while you wait for a replacement, I can see why you'd be a hard sell.

But your objections ring hollow to those of us who have had our data compromised. I'm in that situation now.

You have a chance at convincing those who feel the current swipe and sign or the coming chip and sign are secure enough. That group is going to be shrinking as time goes on.

I've had my credit card replaced... for example, the Target store issue... My card was never compromised, but because a computer was compromised, my credit card company just sent a new credit card to all of their members on their own. A simple proactive solution. I received a card in the mail, and was like oh, new card, cool.

Choosing who you do business with, picking a card company who is proactive, a place you can walk into in person if you want, goes a long ways towards security.

Signing contracts and obtaining cards from places with no local presence, not reassuring. Likewise, Apple Pay not very reassuring... The only people who matter when there's a problem are not anywhere that they have to deal with me face to face.

I can tell you that my credit card company has shown more proactive support than Apple has demonstrated at any point in it's history. Apple is a deny, deny, deny company who won't admit fault for anything until there is a class action suit pending. I've seen how they duck the blame on hardware issues. Is that the company I want involved in protecting my money, not really.

Now, a credit card who has a local location that I can walk into and get high level executives to sit with me, issues me a replacement card before I even realize I might need one, audits all cardholder's charges on their own when they believe something could have affected one of their customers, and calls me if they think something might need to be handled, now that's a proactive security system.

People who blindly trust their money to faceless entities will continue to purchase Band-Aid after Band-Aid and keep trying to find some way to increase their protection level by adding more and more parties to the equation. Only problem, is that the more people you involve, the more opportunities there are to compromise your information.

 

[Keirasplace]

He just wants to wave his torch and pitchfork at something new and foreign that he has little understanding of. Having done security analyst work I understand how powerful 1 time tokens are in systems like these.

They are not immune from attack but are extremely difficult to attack.

They could be attacked if you actually knew how they were created in that moment. But, I don'T see that happening. That's the beauty of these things.

Though there has been really supposedly secure protocols in WIFI that were eventually breached by snifing long enough on an access point. So, I'd never say never. But, the latest ones though are pretty good.

 

[doelcm82]

And then you can spend your time launching apps, and getting things ready for the cashier instead of relaxing.

I'll stick with just setting my store card and credit card on the counter and let the cashier mess with running them when it's time. Or, my favorite... use a store discount card which also has store credit. One card, simple. I drop it on the counter, they bag my stuff, they swipe the card, then when everything is back in the cart, I walk away having enjoyed 5 minutes of relaxation doing nothing. It's a nice treat.

With Apple Pay, you don't have to launch an app. When it's time to pay, hold the phone near the pin pad, and put your thumb on the Touch ID pad. It's easy to get the hang of it, and it's so relaxing to do.

 

[jw2002]

Yeah... ummm.... let's see, an untraceable method of payment provides me more protection? I'd say it provides me less chance of proving I didn't initiate the charges once it's compromised.

There is nothing inherently more secure about Apple's payment method. It just provides new ways to get at my payment information by electronic means.

Wrong again on both counts! There is nothing "untraceable" about the transaction. Apple Pay isn't Bit Coin. The merchant simply doesn't see your credit card info. Yet the transaction is still logged. In fact, you can even use Apple Pay to get refunds from the same merchant that you bought stuff from! And finally, Apple Pay is leaps and bounds more secure than the soon to be antiquated method of providing merchants with your credit card number, expiration date, and security code.

 

[doelcm82]

I've had my credit card replaced... for example, the Target store issue... My card was never compromised, but because a computer was compromised, my credit card company just sent a new credit card to all of their members on their own. A simple proactive solution. I received a card in the mail, and was like oh, new card, cool.

Choosing who you do business with, picking a card company who is proactive, a place you can walk into in person if you want, goes a long ways towards security.

Signing contracts and obtaining cards from places with no local presence, not reassuring. Likewise, Apple Pay not very reassuring... The only people who matter when there's a problem are not anywhere that they have to deal with me face to face.

I can tell you that my credit card company has shown more proactive support than Apple has demonstrated at any point in it's history. Apple is a deny, deny, deny company who won't admit fault for anything until there is a class action suit pending. I've seen how they duck the blame on hardware issues. Is that the company I want involved in protecting my money, not really.

Now, a credit card who has a local location that I can walk into and get high level executives to sit with me, issues me a replacement card before I even realize I might need one, audits all cardholder's charges on their own when they believe something could have affected one of their customers, and calls me if they think something might need to be handled, now that's a proactive security system.

People who blindly trust their money to faceless entities will continue to purchase Band-Aid after Band-Aid and keep trying to find some way to increase their protection level by adding more and more parties to the equation. Only problem, is that the more people you involve, the more opportunities there are to compromise your information.

That sounds like a lot of work. Apple Pay is a lot easier to set up than going into banks and demanding to meet with high level executives.

 

[tmiw]

So hypothetical (or plausible) fraud costs the credit card companies as much as actual fraud?

Eventually. Fact is, Apple Pay will get hacked. It might not happen for an incredibly long time and we might all be using something else by then, but it will.

 

[Mukist]

I've had my credit card replaced... for example, the Target store issue... My card was never compromised, but because a computer was compromised, my credit card company just sent a new credit card to all of their members on their own. A simple proactive solution. I received a card in the mail, and was like oh, new card, cool.

Choosing who you do business with, picking a card company who is proactive, a place you can walk into in person if you want, goes a long ways towards security.

Signing contracts and obtaining cards from places with no local presence, not reassuring. Likewise, Apple Pay not very reassuring... The only people who matter when there's a problem are not anywhere that they have to deal with me face to face.

I can tell you that my credit card company has shown more proactive support than Apple has demonstrated at any point in it's history. Apple is a deny, deny, deny company who won't admit fault for anything until there is a class action suit pending. I've seen how they duck the blame on hardware issues. Is that the company I want involved in protecting my money, not really.

Now, a credit card who has a local location that I can walk into and get high level executives to sit with me, issues me a replacement card before I even realize I might need one, audits all cardholder's charges on their own when they believe something could have affected one of their customers, and calls me if they think something might need to be handled, now that's a proactive security system.

People who blindly trust their money to faceless entities will continue to purchase Band-Aid after Band-Aid and keep trying to find some way to increase their protection level by adding more and more parties to the equation. Only problem, is that the more people you involve, the more opportunities there are to compromise your information.

You are still dealing with your bank, no faceless companies are involved. Apple is not even involved when it comes to the transaction, all they are doing is providing a platform for which banks can let their members use their money more securely. Yes they are getting paid for the banks and consumers to use their platforms when transactions are made. You still walk into your bank for fraudulent charges and they still sort it out.

Your argument holds no merit.

 

[BruiserB]

I've had my credit card replaced... for example, the Target store issue... My card was never compromised, but because a computer was compromised, my credit card company just sent a new credit card to all of their members on their own. A simple proactive solution. I received a card in the mail, and was like oh, new card, cool.

Choosing who you do business with, picking a card company who is proactive, a place you can walk into in person if you want, goes a long ways towards security.

Signing contracts and obtaining cards from places with no local presence, not reassuring. Likewise, Apple Pay not very reassuring... The only people who matter when there's a problem are not anywhere that they have to deal with me face to face.

I can tell you that my credit card company has shown more proactive support than Apple has demonstrated at any point in it's history. Apple is a deny, deny, deny company who won't admit fault for anything until there is a class action suit pending. I've seen how they duck the blame on hardware issues. Is that the company I want involved in protecting my money, not really.

Now, a credit card who has a local location that I can walk into and get high level executives to sit with me, issues me a replacement card before I even realize I might need one, audits all cardholder's charges on their own when they believe something could have affected one of their customers, and calls me if they think something might need to be handled, now that's a proactive security system.

People who blindly trust their money to faceless entities will continue to purchase Band-Aid after Band-Aid and keep trying to find some way to increase their protection level by adding more and more parties to the equation. Only problem, is that the more people you involve, the more opportunities there are to compromise your information.

So you don't expect Chase, or Citi, or Wells Fargo, or AMEX to continue to support you just because they chose to select Apple as a provider of enhanced security? You are still dealing with the same provider of credit and they will still continue to back you against fraudulent transactions. How do you think their alignment with Apple will change this?

And I wouldn't be surprised at all if your local bank is among the 500 who have signed on for future implementation!

 

[BruiserB]

I've gotta admit I'm kind of loving this as the anti ApplePay folks come up with more and more implausible reasons to hate on it! I wish I were an Apple shill as I'd be getting paid handsomely. Instead I'll just be a satisfied customer and will wait for future rewards as a shareholder.

 

[Mukist]

They could be attacked if you actually knew how they were created in that moment. But, I don'T see that happening. That's the beauty of these things.

Though there has been really supposedly secure protocols in WIFI that were eventually breached by snifing long enough on an access point. So, I'd never say never. But, the latest ones though are pretty good.

Yep, point being It's more secure than our current system is right now. There is no reason for anyone to say they trust magstrip credit and debit cards more than they trust mobile payments systems from either google or apple.

 

[notabadname]

The current system is rarely compromised. . . . . .

. . . . There is nothing inherently more secure about Apple's payment method. It just provides new ways to get at my payment information by electronic means.

Wow, you simply could not be more incorrect. Billions in fraud, well documented, because of how insecure the current credit card system is. Target and Home Depot are only the most recent massive breaches of credit card data. An Apple Pay transaction would've been immune to that type of breach. The U.S. normally doesn't even used chipped cards yet. If you buy products over the phone, all you need is the info on the face of the card, name, number and expiration. That's why the fraud is so easy. Even if you deny the charges, it is still stolen money that the Card provider pays, and passes the costs back to the consumers in higher fees, or lower interest on savings, or higher transaction fees. All fraud, costs ALL of us, even though the person holding the card is not liable for the charges (normally). You need to read up on how NFC payments work and why they prevent fraud, and Apple Pay is another step stronger due to biometric of fingerprint, which prevents anyone else from using your phone to pay.

 

[BvizioN]

it just works.

It doesn't, when you don't read the article.

 

[flyinmac]

Oh, right... Anecdote trumps what the credit company know, and the thousands of different news items about identity theft, security breaches, etc. Bravo for pushing a non sensical argument. You never lost anything, so it cannot and will not happen.

Funny that you would assume I know nothing about Identity Theft. Yeah, the stuff on TV where they try and sell you Identity Protection... yeah that's useless.

Grabbing a credit card number doesn't lead to your identity being fully compromised. People knowing your other information is more useful. Trust me, I know. And, it's a lot harder to recover from than if they had just swiped my credit card number.

I've dealt with the federal government, numerous agencies, etc. And, got it all straightened out over time. But, it didn't start with a credit card number that someone swiped, that would have been extremely easy to correct.

It comes from someone having access to your other information. Things like social security numbers, addresses, full legal name, date of birth. That's all you need, and you're in business.

And, that information is far easier to obtain than your credit card number, I know.

I'd actually rather plaster my credit card number on every sign in town than fill out the forms that ask for your name, address, telephone number, social security, date of birth, etc.

Unfortunately, it is usually someone you have personally met, are otherwise related to, a government agency who's records were compromised, a medical record that was compromised, etc. that commits this offense.

Give me credit card fraud any day. 30 seconds and it's fixed.

 

[Jvanleuvan]

I think rite aid is making a mistake here. From what I understand of CurrentC, it's likly going to be a non-starter. It isn't really a new payment system, like apple pay or Google wallet, but more of a new card brand. It only support "store branded" cards and gift cards, like a wall-mart card. People have existing relationship with their credit card company, they may have, maybe high limits, good rates, transferred ballances, and most of all, the "perks" Such as miles, or cash back, etc.

Now, I think we are just on the cusp of a new paradigm in payment, simmilar to when we switched from cash only to credit/debit, if a store didn't take credit in 1988, it wasn't too big a deal, but today, even the taco truck takes credit.

Now, not today, or tomorrow, but in The coming years, people will expect to be able to pay with their device, and may not have any other form of payment on them.

Now, I know, that currentC WILL support "smart device payment". BUT NOT with the cards I already have. I have to get a new "walmart card". So if I need to shop at a currentC location, I have to use my "old fashioned" plastic cards.

Eventually this may put the currentC vendors is the same place as a cash-only vendor today. As a second-choice.

 

[Mukist]

Wow, you simply could not be more incorrect. Billions in fraud, well documented, because of how insecure the current credit card system is. Target and Home Depot are only the most recent massive breaches of credit card data. An Apple Pay transaction would've been immune to that type of breach. The U.S. normally doesn't even used chipped cards yet. If you buy products over the phone, all you need is the info on the face of the card, name, number and expiration. That's why the fraud is so easy. Even if you deny the charges, it is still stolen money that the Card provider pays, and passes the costs back to the consumers in higher fees, or lower interest on savings, or higher transaction fees. All fraud, costs ALL of us, even though the person holding the card is not liable for the charges (normally). You need to read up on how NFC payments work and why they prevent fraud, and Apple Pay is another step stronger due to biometric of fingerprint, which prevents anyone else from using your phone to pay.

His arguments seem to be extremely ill-informed, I have tried to explain exactly this myself but I keep getting replies with even more ill-informed comments.

 

[bushman4]

ApplePay offers better security than is currently available.
but getting back to topic, RiteAid has put itself before the customer by refusing to take ApplePay.
As customers we have to shop where bargains, customer service and convenience prevail. Obviously RiteAid doesn't fit this category.

 

[BvizioN]

or...you could just take out your damn wallet like you have been for years

Yeah man, you also can use your horse if you missed the bus to town.

 

[notabadname]

His arguments seem to be extremely ill-informed, I have tried to explain exactly this myself but I keep getting replies with even more ill-informed comments.

His "rarely compromised" remark is absolutely hilarious.

From the headlines:

Total global payment-card fraud losses were $11.3 billion in 2012, up nearly 15% from the prior year. The United States—the only country in which counterfeit-card fraud is consistently growing—accounted for 47% of that amount, according to the Nilson Report: card issuers lost $3.4 billion and merchants another $1.9 billion.

It is amazing, and embarrassing that our nation accounts for basically half of ALL the fraud in the world.

 

[Mukist]

ApplePay offers better security than is currently available.
but getting back to topic, RiteAid has put itself before the customer by refusing to take ApplePay.
As customers we have to shop where bargains, customer service and convenience prevail. Obviously RiteAid doesn't fit this category.

Pretty terrible move especially since walgreens is much more preferred than rite-aid anyway in my opinion. They shot themselves in the foot with this one, I am a security first kind of guy and would rather not risk it if I don't have to.

 

[BruiserB]

Funny that you would assume I know nothing about Identity Theft. Yeah, the stuff on TV where they try and sell you Identity Protection... yeah that's useless.

Grabbing a credit card number doesn't lead to your identity being fully compromised. People knowing your other information is more useful. Trust me, I know. And, it's a lot harder to recover from than if they had just swiped my credit card number.

I've dealt with the federal government, numerous agencies, etc. And, got it all straightened out over time. But, it didn't start with a credit card number that someone swiped, that would have been extremely easy to correct.

It comes from someone having access to your other information. Things like social security numbers, addresses, full legal name, date of birth. That's all you need, and you're in business.

And, that information is far easier to obtain than your credit card number, I know.

I'd actually rather plaster my credit card number on every sign in town than fill out the forms that ask for your name, address, telephone number, social security, date of birth, etc.

Unfortunately, it is usually someone you have personally met, are otherwise related to, a government agency who's records were compromised, a medical record that was compromised, etc. that commits this offense.

Give me credit card fraud any day. 30 seconds and it's fixed.

All you say is true.....I had a breech of my CapitalOne account when someone apparently knew my SS# and birthdate and were able to change my online user ID and password with that info. At least CapOne had systems in place to email me to tell me that my UserID was changed and I called them before any fraud actually happened.

Hopefully Apple will be clever enough to figure out a way to secure this info as well.

Credit card fraud is relatively easy to solve as a consumer. But it costs the banks real money. This is why they have chosen to pay Apple. It might not save you money or much hassle, but it will save your bank money....and that will lower your cost....either directly or by them being able to charge merchants lower fees...which will eventually be passed on to you.