Apple Pay Rival CurrentC Has Been Hacked

by
in security on (#2TT4)
story imageTechCrunch reports:
MCX (Merchant Customer Exchange), the coalition of retailers including Walmart, Best Buy, Gap and others, who are backing a mobile payments solution CurrentC meant to rival newcomer Apple Pay, has been hacked.
CurrentC is still in its pilot phase. Only emails of the early app testers have been stolen. No payment data or other personal informations. Furthermore since the project is still in the pilot phase, many of those emails belonged to dummy accounts.

Since there might be a war coming between CurrentC, Apple Pay, Google Wallet, and perhaps the established credit card companies, it would be easy to construct a nice conspiracy theory. However: Never ascribe to malice that which is adequately explained by incompetence. And even incompetence does not describe it correctly. The developers of each of those systems on the one side are probably vastly outmatched by the black hats, who try break it, on the other side. And the black hats just need to find one single implementation error, while the developers have to anticipate everything. I cases like this, where real money can be made, the Linus's Law is definitely applicable.

What does it mean for the customers? They should be extra careful. Neither Apple, nor Google, nor MCX have much experience as payment service providers. Their technologies are new and most certainly will have weaknesses, which is bad. But also for the courts these system will be uncharted waters. For a duped user this might even be worse. So before using one of those shiny new and convenient payment options: Read the fine print in the contracts. Check who carries the risk and the burden of proof in case of a misuse.

Neither Apple, nor Google, nor MCX have much experience as payment service providers. (Score: 1)

by kwerle@pipedot.org on 2014-10-30 20:47 (#2TT9)

... I dunno about that. Certainly Apple and Google have a lot of experience transacting with customers, taking their money and getting them something in return. Hardware, software, media (songs, movies, etc).

OK - that's not exactly the same thing, but it's a lot of closely related stuff.

In addition to that, Apple has let you buy stuff in their stores by just scanning it with your iphone. So they are acting as their own payment service provider.
Post Comment
Subject
Comment
Captcha
What is five + nine?