Apple Inc. Chief Executive Tim Cook announced over a million credit cards activated on Apple Pay within 72 hours of its October 20 debut. Cook happily proclaimed that Apple’s new Pay product was seeing quick adoption. This was very exciting, because NFC payments have been trying to get traction for the last three years.
But soon after, several Apple Pay users discovered that they would not in fact be able to utilize the NFC chips already installed at several of their favorite retailers (Rite Aid, CVS, Wal-Mart, Target, 7-11, Best Buy, The Gap – all of the companies in the MCX family.)
By disabling the NFC readers, these stores also effectively shut down any Google Wallet transactions. The checkout processes were programmed to display a prompt to customers asking them to utilize a different form of payment. Many payments that had already been processed ended up being denied as well. The reason for this? According to internal company memos, the directive issued was as follows:
“Please note that we do not accept Apple Pay at this time. However we are currently working with a group of large retailers to develop a mobile wallet that allows for mobile payments attached to credit cards and bank accounts directly from a smart phone. We expect to have this feature available in the first half of 2015.
If customers attempt to pay for a transaction with Apple Pay, a message will prompt both customer and cashier for a different form of payment. Please instruct cashiers to apologize to the customer and explain that we do not currently accept Apple Pay, but will have our own mobile wallet next year.”
This “mobile wallet” referred to in the internal memo was said to be CurrentC – which would not even be available until 2015. All these years that NFC has been available, and the MCX family couldn’t get a process right – nor could they simply allow the payment form that many of their customers were excited to use.
Why? Many reports point to the fact that the transaction fees incurred to the retail would be lower, and the collection of data for customers would be easier. In other words, no consumer-facing benefit to the denial of Apple or Google NFC payments. Reportedly, the MCX sign-up process for their internal payment system would include gathering social security and drivers license numbers.
So, the news today that within the last 36 hours, the CurrentC system was hacked is not comforting to potential customers who may have intended to sign up and hand over their very personal data. The data breach was reportedly limited to the theft of email addresses, and it appears that only the emails of app testers were accessed.
The message sent to those impacted was as follows:
“Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information.”
MCX, the developer of the CurrentC app, released a statement assuring the public that “MCX is continuing to investigate this situation and will provide updates as necessary.”