The outlook isn't looking so hot for CurrentC, the rival mobile payment system that major retailers like Walmart, Rite-Aid, and CVS have rallied around instead of Apple Pay. Earlier today (and only a few hours after playing up CurrentC's security features in a blog post), CurrentC owner Merchant Customer Exchange (MCX) informed its early users via e-mail that some of their e-mail addresses had been obtained by "unauthorized third parties."
Fortunately, as MacRumors reports, the notice claims that "no other information" was obtained from the users affected. But of course the incident raises the question of whether it could be stolen. That's especially important for CurrentC, which uses customers' bank account numbers rather than credit cards as in the case of Apple Pay. In fact, that's the main appeal of the service for MCX retailers as it allows them to avoid paying credit card processing fees.
But that's not the only problem MCX is facing. MCX's blog post from earlier today specifically addressed rumors that the group saddles retailers with fines if they support both CurrentC and Apple Pay, stating that "Importantly, if a merchant decides to stop working with MCX, there are no fines." Many critics, including 9to5Mac, have pointed out that this response doesn't actually disprove the rumors of fines, as it only addresses instances in which if the retailer doesn't use CurrentC at all.
In the same statement, MCX made itself look even more vulnerable by stating that "MCX does not store sensitive customer information in the app. Users’ payment information is instead stored in our secure cloud-hosted network." The very fact that Apple Pay's data isn't stored in the cloud but in the phone itself has been one of the chief selling points of the service almost from the very beginning, as it makes it almost impossible for hackers to remotely access your data.
At this rate, it'll be interesting to see if the rival service even lives to see its official 2015 wide-release launch date.