Breach Could Spell Real Trouble for CurrentC

currentc-200Just eight weeks after it announced a private pilot mode launch of its customer-centric and secure mobile payment solution, CurrentC, the Merchant Customer Exchange announced its email database has been hacked.

So what does this mean for CurrentC, which was built by leading merchants to simplify, enhance and secure their customers’ shopping experience, and has MCX’s retail members turning its back to Apple Pay?

If this is just the tip of the iceberg, it could spell real trouble for CurrentC, said Tim Erlin, director of IT risk and security strategy for cyber security firm Tripwire.

“One has to wonder if any provisions around security were built into contracts with retailers,” Erlin said. “It was a smart move for CurrentC to build in restrictions on accepting competing payment systems, but incidents like this will make it hard to maintain that stance moving forward.”

However, CurrentC said on its company blog that many of these compromised email addresses are “dummy accounts” used for testing purposes only. CurrentC added that the CurrentC app itself was not affected.

“We have notified our merchant partners about this incident and directly communicated with each of the individuals whose email addresses were involved,” MCX wrote on its blog Oct. 28. “We take the security of our users’ information extremely seriously. MCX is continuing to investigate this situation and will provide updates as necessary.”

The breach happened sometime after Oct. 27, and was discovered within 36 hours.

CurrentC plans regional and national rollouts of its mobile wallet in 2015.

Ken Westin, a security analyst with Tripwire, said the CurrentC system benefits the retailer by allowing them to keep their existing hardware, whereas Apple Pay requires them to upgrade their systems. CurrentC also sidesteps the need for credit cards thereby avoiding the fees, whereas Apple Pay is backed by the credit card issuers and banks.

“The Apple Pay model has been a bit more focused on privacy and security with their technology to help gain traction and trust in the market place,” Westin said. “The CurrentC system is tied to loyalty programs with the retailer and that raises a whole host of privacy and security concerns.”

Partner Content

The Gift of Wow: Preparing your store for the holiday season - Netsuite
Being prepared for the holiday rush used to mean stocking shelves and making sure your associates were ready for the long hours. But the digital revolution has changed everything, most importantly, customer expectations. Retailers with a physical store presence should be asking themselves—what am I doing to wow the customer?
3 Critical Components to Achieving the Perfect Order - NetSuite
Explore the 3 critical components to delivering the perfect order.
Streamlining Unified Commerce Complexity - NetSuite
Explore how consolidating multiple systems through a cloud-based commerce platform provides a seamless experience for both you, and your customer.
Strategies for Maximizing Mobile Point-of-Sale Technology - NetSuite
Learn the top five innovative ways to utilize your mobile POS technology to drive customer engagement, increase sales and elevate your brand.