Slashdot Mirror
Apple Pay Competitor CurrentC Breached
tranquilidad writes "As previously discussed on Slashdot, CurrentC is a consortium of merchants attempting to create a "more secure" payment system. Some controversy surrounds CurrentC's requirements regarding the personal information required, their purchase-tracking intentions and retail stores blocking NFC in apparent support of CurrentC. Now news breaks that CurrentC has already been breached. CurrentC has issued the standard response, "We take the security of our users' information extremely seriously."
I guess Google Wallet is not in this app space any longer?
Secure? I have no problems keeping on me credit cards with $30k spending limits. Would you keep that amount in cash on you all the time with no fear of getting robbed?
Not anywhere where 'civil forfeiture' is on the books...
...do we get to see Jennifer Lawrence's "account balance"?
Wow... I don't personally care for the Walled iGarden, but you don't just get to make up numbers and then damn them for your imagination.
From the article it said email addresses were obtained. Not much of a breach is it?
Wait until the cops decide that "credit limit" equals "cash on hand".
"How much credit do you have on that there credit card, sir?"
"Um, $28,839.54"
"I have reasonable suspicion that you used your credit to purchase cocaine, online child pornography and uninspected beef steaks. Please hand it over."
The world's burning. Moped Jesus spotted on I50. Details at 11.
Ironic that as we move towards a cashless society, cash remains the most secure form of payment.
Because no-one's ever been able to steal cash before right?
In my time we used to wait for a full roll out to break a system. Kids today lack the common courtesy to wait for the big payoff, and now we see the real price. It gives these folks the time to put another band-aid on their hack of a system and try again. You kids should have the decency to wait until it is rolled out to enough places to make a big score. It saddens me to see what has happened to this once great country.
They're assholes who are about to get completely fucked and lose whatever kind of war they think they can win against Google and Apple.
My chief problem is I'm hopelessly conflicted over which group of assholes I want to win and which group of assholes I want to lose.
The world's burning. Moped Jesus spotted on I50. Details at 11.
"We take the security of our users' information extremely seriously, but in this particular case, you're all screwed!"
They're blocking Apply Pay and Google Wallet.
Good point. It sounds like this could almost fall under anticompeition/antitrust laws.
How is that ironic? It would be ironic if the goal of going cashless was improved security, but that is not the goal. The goal is so that the system and the state can track all financial transactions by the masses. There is also a fake "goal" of improved convenience, but that is just lies and spin to garner support towards the real goal.
This is the problem with a new system like this. Especially one designed to make more money for the retailers, and give them more access to consumer data.
They simply haven't been at this long enough to be trustworthy or competent at it.
And, historically, many of the vendors involved in the creation of this system have been fairly inept at implementing security, and fairly moronic about reporting it when it happens. Or understanding the severity of it when it happens.
So, sorry guys, I'll trust my bank -- because I know they're operating under at least some laws, and I'll trust VISA more than I'll trust you (because they've been at this for a while) ... but I will never use this system if I have a choice.
This is a payment system which is designed to make them more money, and give them more information to consumer information at point of sale. Which means they've primarily focused on those things, and have proven themselves to have done a terrible job at security.
So, what's in it for us consumers? I'd say nothing at all which provides value to us, other than the shiny baubles and discounts they're offering in return for them getting higher profits, and a much more detailed look at how and where you spend your money -- which they don't currently have since the CC processors don't let them have it.
The people making this new system are interested in it for entirely different reasons. Which means everything they do is for their benefit, and not ours.
Lost at C:>. Found at C.
"Security through angry projection"? It ain't workin'.
And I imagine it'll suffer the same fate.
Sorry about the mess.
It's .015%
In this case, I am waiting for CurrentC ;-)
For years, these MCX folks allowed NFC payments, meaning potentially Google Wallet payments. Apple Pay comes out with an EMV based solution, and instantly block all NFC, taking Apple Pay and Wallet down together. So, Google was never seen as a threat, or at least never passing the threshold of needing-to-ban, even after years of use, but Apple is seen as a potential threat from literally Day One.
I wonder why Apple is seen as a threat more? Their network of friends? Number of potential users can't be it - many more Android phones than iPhone 6s. Number of cards already in iTunes? Ease of use (i never even tried Google Wallet)? Did Google leak some of the info back to the retailers where Apple is balking at that info leak?
Just wondering.
They're assholes who are about to get completely fucked and lose whatever kind of war they think they can win against Google and Apple.
Or they could just be using this alliance/app as leverage to try to get better rates than the standard Visa, or MasterCard rates. Not to mention, better access to the data of its own paying customers. After all, you can bet Google and Apple will try to resell ads and intelligence to the highest bidders, whoever those bidders might be, based purely on the data of the purchase history inside those stores.
The vast majority of coverage on CurrentC is negative – now this. It will be interesting to see how long they keep this thing on life support before pulling the plug. Anything after this would seem like good money after bad.
Everybody in the tech community was already worried about direct access to bank accounts and no fraud protection. How will the consortium behind CurrentC answer the already swirling security concerns when this happens so quickly after members give Apple Pay (and it's biometric locks) the boot?
Letter To Iran
We should demand similar protection against ALL electronic charges, whether or not credit was involved. Telephone slamming should be included too. Our bank accounts need protection too. The burden of proof should be on those who are responsible for the installing and maintaining the system. Not the little guys who are users of the system.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
CurrentC is NOT aiming to create a "more secure" payment system. That is obvious!
CurrentC wants a link right into your checking account. Sounds real safe. What happens when there is an issue? How long does it take to fixed botched transactions? What liability is there? How happy are the banks going to be working with them?
I'll stick to Apple and Google's model.
After all, you can bet Google and Apple will try to resell ads and intelligence to the highest bidders, whoever those bidders might be, based purely on the data of the purchase history inside those stores.
No, you can bet Google will, and Apple will not.
The credit card companies don't allow stores to charge more for a cc transaction. Perhaps this practice should be stopped as well. So something that costs $100 with cash, you might get a 2% discount for using CurrentC (and surrendering your data) or a 3%-5% surcharge for using a credit card.
It hasn't been breached... they just got a hold of their email mailing list! This is the crappiest bad summary of all crappy bad summaries.
forcing works better then superior solution, thank you
They're blocking Apply Pay and Google Wallet.
Good point. It sounds like this could almost fall under anticompeition/antitrust laws.
Visa and Mastercard already have a near-monopoly on payment systems, to the detriment of most retailers
Making their own payment system is not anti-competitive. It should provide more competition, and more freedom of choice to the retailers who don't want to give away most of their valuable customer purchase history to two advertising giants.
ApplePay does not cost the merchant any more than a standard credit card fee
That's the problem. Merchants (actually customers) are getting robbed by the credit card companies; now Apple is trying to get piece of that action rather than trying to reduce the fee that we pay.
If you've had the experience of being a merchant, it's easy to see why retailers don't want ApplePay.
As a merchant, the credit card companies (and issuing banks) have draconian controls over what the service costs you, both from a simple perspective (rates) and more complex issues (chargebacks).
The basic model is that the merchant/retailer carries 100% of the risk, and most of the cost. For example, when a chargeback occurs, the merchant bears ALL of costs, even though they have little control over the risk, aside from basic features like AVS.
The credit card companies and issuing banks can see every transaction, thus, they have the capability to create a very sophisticated anti-fraud system. They could easily identify a pattern indicating fraud (stolen card, known abusers of chargebacks). But, they don't. Why? Because if someone steals your credit card and purchases something with it, the credit card company and bank don't lose money. They take 100% of the fraudulent purchase amount from the merchant, and then tack on a chargeback fee. Similar for "reward cards". You know where the "reward" comes from? Higher rates for the merchant when a "reward card" is used. Visa and the issuing bank contribute $0 towards the "reward". I could cite many other examples, but suffice it to say that Visa, Mastercard, AMEX, and issuing banks are screwing merchants in every possible way they can.
ApplePay, being as much a Visa product, isn't any different for merchants. Same rates, same lack of control for the merchant. Apple had an opportunity there to find something that would make it appeal to merchants, but they didn't use it.
If there's an anti-trust case here, I personally think it's not with the merchants.
> Secure? I have no problems keeping on me credit cards with $30k spending limits. Would you keep that amount in cash on you all the time with no fear of getting robbed?
Cash equivalents are readily available in those amounts and they can be secured if stolen.
Although it's dubious that you actually require the ability to make a $30K payment. You probably wouldn't get authorization for such a thing even if you attempted it.
Of course what you are describing there is not your actual spending power but your total line of credit.
You are confused and you are muddling terms you don't seem to understand.
A Pirate and a Puritan look the same on a balance sheet.
You sir (or madam) seem not too familiar with Wall Street... Please allow me to introduce myself and the wonderful security offerings I just happen to have! You're guaranteed to make money!*
* ahem, make money for me....
cool frameworks and Languages too!
When are programmers going to wake up and smell the coffee!
You are screwing around with peoples money. You cannot just slap the latest cool frameworks together, write 50 lines of connection code and call it a system.
I would be willing to bet that there is a single database credential that has rights to insert/update/delete/select on all the tables in the system and its is stored in some xml file that the web application has access to and if the web application has access to it so do all the people trying to break in.
I cannot begin to count just how many times I have seen the following:
select * from users where id=? and password=?
and that returns everything about the user. Every modern database supports either functions or procedures to do something like:
validate_user(uname,upass);
and it simply returns true or false, 1 or 0 nothing more, nothing less.
Far far to often I hear, lets use [ fill in the blank ] framework because that is what everyone else uses and besides look how much more productive we are! And so it is taken upon nothing more than faith and 90% of the time the people saying vehemently that that is the way to go, understand perhaps 10% of the framework code and don't investigate any further. When you are considering a framework that is 100's of thousands of lines of code that more then likely wouldn't pass the particular languages version of Lint or Bounds or any other validation tool you have already lost the security war.
The people who are actively trying to break into large systems do their homework! They spend weeks or months looking at your generated web code looking for patterns that reveal the underlying frameworks and then comb through that code looking for even the most subtle vulnerabilities and then they make a plan and execute it.
When you are building systems like this if you don't start with security as priority #1, for the entire stack you will lose, it is just a matter of time.
Hey KID! Yeah you, get the fuck off my lawn!
Payments in App Store apps have 30% commission. ApplePay does not cost the merchant any more than a standard credit card fee (which apple splits with the banks).
If by "split" you mean the banks take 99.985% and Apple takes 0.015%. While the term is probably technically accurate, its use here is misleading, especially after mentioning the 30% figure. It's more like Apple takes their very small cut, and even that makes it sound a lot bigger than it is.
Hmmm, if DivX is to Xvid, then CurrentC is CtnerruC? Doesn't have the same ring.
Why was this modded down? You don't think this might happen, if it hasn't already, considering what we see the cops do these days? While it may be speculative at this point, it most certainly is plausible. I hope the moderation will be corrected.
“He’s not deformed, he’s just drunk!”
the 1990's DiVX pushed by circuit city with the play once DVD's you can rent
> The credit card companies and issuing banks can see every transaction, thus, they have the capability to create a very sophisticated anti-fraud system. They could easily identify a pattern indicating fraud
You mean like American Express.
The strange (don't even know what to call them) shills like to whine about AMEX fees but they are actually rather diligent when it comes to trying to detect fraudulent spending patterns.
Merchant accounts are "such a burden" that even single person operations can manage to accept the major credit cards.
A Pirate and a Puritan look the same on a balance sheet.
Just CHIP-IN-PIN and be done with it. Tech is amazing at making a mountain out of shit and calling it a better alternative.
Chip-in-pin works with basically every merchant systems, credit card processor, and Bank (or will sooner or later). The fees are dependent on the credit source.
- If the merchant accepts credit cards at all, the credit card fees are built into the cost of the product NO MATTER WHAT (unless they're defrauding the contract of the CC by offering discounts)
- If you pay with debit cards / cash, you pay for the CC fees and its just more net profit for company
- Liability for CC's are on retailers, and at least recourse, buying limits, and some government insurance on checking accounts
- I'd like my bank / CC provider to send notifications on every purchase made either through email (login to actually view info) or SMS / application
All that's left is the new vacuum of change that is flooding into the credit market to fill their pockets during the current industry volatility caused by the death of magstrip / signature and the rise of internet based buying patterns (significantly increasing). Google/Apple/CurrentC/Amazon/PayPal/etc.. all want their hedge into the market so that they can make money from your purchases. They're not altruistic, and their sole benefit for SOME are convenience (but not for me. I like chip-in-pin).
I see room for existing technologies to evolve (mostly to fix the broken internet buying based security limitations) but I don't see myself using google, apple or anyone else in a retail setting besides a recognized merchant service/(credit card for insullation maybe)/bank because hell, the fees are already there and built in, so I may as well use what I'm being charged for anyways, plus I get the reassurance that I know it works (and has for a very long time).
Bye!
Dunno about pissing people off, but massive Streisand effect for Apple Pay. The payment so good it's been BANNED. I don't think anyone now thinks about how it wasn't ready when 8.0 shipped, all that lag and slowness is now lost to "they banned it, the punks".
The odd thing is, Apple is actually pushing a standard here, the EMV standard. (though I guess you can say MCX is a standard too). It's just they have the best hardware for it, with decent (but not unhackable) security with TouchID. TouchID hit a sweet spot in the balance between security and convenience.
CurrentC Spokesman: Hello everyone, We're CurrentC. Screw Apple Pay and it's 1 million users! We're gonna go head-to-head with a major technology company using our tried and true 40 year old technology. Sure, all of our members have had huge data breaches in the past year but we're serious about it now and we're doing it right, for you, our customer. Trust us!
Spectator: Umm, you dropped something there -points at ground-
CurrentC Spokesman: Awww, Mother Pussbucket #*@^% #$)!( , @*!))(!
Warning: Teh poster of this messaeg is lysdexic
not limited to cash
Apparently they pissed off the wrong people When these retailers started turning off NFC.
Never attribute to malice what can easily be explained by greed. I think the publicity made a lot of people who hadn't previously known about MerchantC, some of which are crooks, say "Hey, there's a new payment system? Let's see if it can be hacked." Seems that during round one they only got non-financial data, but let's wait for rounds two through 100,000.
A credit card isn't cash, credit cards emit a very long paper trail. Imagine how easy the police's job would be if criminals actually used credit cards in the manner you describe.
Don't blame me, I voted for Baltar.
Those hackers could have been sitting on a gold mine if they could just keep it in their pants. ah well, better luck next time. hope you left some decent rootkits to get back in.
CurrentC: I'd suggest you format all machines and reload all modable firmware. curious, does it suck more this way? or if and when you have customers?
Apple: it's time to crush this insolence while the iron is hot, play up your security, i hear it's ironclad, better than android.
Visa: when the hell are those pin based cards coming?! don't you hear the horde of startups clamoring up your walls?
Why not? It works on the campaign trail... Made up numbers win elections and gain more customers all the time. We reward the vivid imagination, the more flamboyant and extravagant the better. That's how you make the sale. Yes, it sets a bad example, but there's little to no negative feedback, quite the opposite, so expect more of it.
“He’s not deformed, he’s just drunk!”
Was referring to DIVX, instead of DivX, how confusing.... http://en.wikipedia.org/wiki/D...
Sorry about the mess.
Yes, that is what I was referring to... http://en.wikipedia.org/wiki/D...
Sorry about the mess.
My chief problem is I'm hopelessly conflicted over which group of assholes I want to win and which group of assholes I want to lose.
Well golly gee! It's not like there's not a choice of "none of the above". Ah, but, *Give me convenience, or give me death* :-)
“He’s not deformed, he’s just drunk!”
My understanding is that even on NFC-equipped Android phones, Google never had a proper deployment strategy; they only partnered with a few card issuers, they didn't really work with any merchants to get them on board, Verizon blocked their app on their phones, it was only limited to the US, etc.
Over that first weekend, we know now that ApplePay adoption was in the millions, and in those first few days CVS probably saw this deluge of NFC transactions and were like, the jig is up, the train is leaving the station, and if we continue to allow NFC transactions through the 2014 Christmas season the Payments War will be over and CurrenC won't have even been a contender.
Don't blame me, I voted for Baltar.
Cash equivalents are readily available in those amounts and they can be secured if stolen.
You mean like traveler's checks? Not very convenient.
Ironic that as we move towards a cashless society, cash remains the most secure form of payment. Because no-one's ever been able to steal cash before right?
I believe what he meant to say, don't hold me to this though, is "The more we move towards a cashless society, the more we should be using cash."
Supporting World Peace Through Nuclear Pacification
The credit card companies don't allow stores to charge more for a cc transaction.
At least here in North Carolina, as well as in Virgina, and in Kansas, I've seen chains of gas stations that have a "cash price" (also the price that you get if you use the chain's own brand credit card) and a higher price (usually about 8 to 10 cents higher per gallon) if you use a major Credit Card. I don't see Visa doing anything to prevent this. In fact, the law was changed recently at the federal level to explicitly allow merchants to tack on a credit card processing fee, although many major merchants such as WalMart have said so far that they will not do that (although one has to suspect that the politicians who passed this were motivated to do so by someone with an interest in doing it).
I'm an American. I love this country and the freedoms that we used to have.
Don't the police already have a method of obtaining your financial history/data? Why would they need the actual card?
NFC is not EMV. They are using technology that's compatible with Mastercard's Paypass, Visa's payWave, and so on. EMV is chip and pin.
Actually the 30% was/is their take from all iTunes and App Store sales. They also charge a licensing fee (MFi) to make accessories with the 30 pin and new lightning connector. This fee is currently rumored to be ~$4 per connector or a percentage of the devices cost whichever is greater. { Fun fact: It is this licensing fee that led Square inventor Jack Dorsey to design the Square reader to use the audio jack instead of Apples connector. It cost $1 to manufacture the reader and it would have cost $4-$8 per reader to use the 30 pin. } I'm sure Apple has negotiated a comfortable fee with Visa/MC to use Apple Pay.
"A person is smart. People are dumb, panicky dangerous animals and you know it." - K
why is parent not modded funny?
Because people who actually pay attention have noticed that Apple has been making privacy protection an important, heavily promoted, feature to help distinguish their products in the market. People who actually pay attention have noticed Apple's description of the lengths to which Apple Pay goes to be secure, and to provide NO tracking information. But go ahead and bash away if it somehow makes your day a little more tolerable ;-)
A guy running a one man shop selling foam hassled me when I wouldn't give him my name, address, and phone number for a $10 piece of foam. He actually said, "what are you worried about the FBI or something?", and this was in Canada. I started to walk away, leaving him with the unsellable piece of foam he already cut for me, and he wised up and suddenly figured out how to process the payment in whatever shit POS system he was using. In short, merchants are complete idiots when it comes to stuff like this.
Inconceivable!
That is all.
they just got a hold of their email mailing list
From registered email addresses, you can get things like home address/phone number, and lots more data that may be of interest.
Basically the breach got a bunch of primary keys they can use to get something more juicy later.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
A credit card isn't cash, credit cards emit a very long paper trail. Imagine how easy the police's job would be if criminals actually used credit cards in the manner you describe.
1) Set up legitimate business storefront -- a health spa.
2) Sell drugs out of business.
3) Charge customers for $1500 "luxury massages" at your health spa.
4) Profit.
Would you consider home address, and phone number also to be a bit of a breach?
Because you can get those and a lot more with just the email address and a call to the CurrentC web service.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
I thought the idea was to confiscate the money under the suspicion you would use it for something illegal if you were carrying so much. So they would take you card since it has that kind of purchasing power.
Obviously it does no good for the cops to confiscate CASH if they're trying to track your history/data.
Ease of use.
5) Police get warrant for health spa's credit records.
6) Police now have a list of hundreds of suspects. And the spa doesn't even know it's happened.
These people don't use credit cards, boss, it's like sticking a big flag on your head saying "arrest me."
Don't blame me, I voted for Baltar.
Especially one designed to make more money for the retailers, and give them more access to consumer data.
Retailers are not making money from this service. In fairness, a retailer does not make more money from a credit card company either. The people making money from these services are in essence middlemen acting as the proverbial money changer and money lender.
That's not to claim retailers get nothing from the arrangement. They don't have to carry cash every day to deposit in the bank, and "skimming" is much less of an issue. For a retailer, it's probably worth the few percent on every transaction to be paid.
Retailers, for the most part don't care about the data aspects either. Sure, the mega stores do.. but.. they tend to creep people out already.
How this works with these secondary services is not the same arrangement, and as you claim "their benefit' is all that's considered. Making the issue more severe it the fact that these newer services lack the protections of the established services.
-The wise argue that there are few absolutes, the fool argues that there are no probabilities.
Uh, pretty easy considering the police ARE the criminals in that scenario...
I'm not OP but I've bought a secondhand car at £14500 on a Chip & PIN card here in the UK. Wasn't even called to confirm.
I guess today is a passable day to die.
Because Google Wallet and Apple Pay work in opposite ways.
For a retailer to support Google Wallet, they need to work with Google and their merchant processor to support Google Wallet. Because what really happens is the transaction details are forwarded to Google who then charges your payment method (credit card, debit, Paypal, bank account, etc). This is why Google knows everything about your transaction whenever you use Google Wallet. (Basically Google gets to know everything about what you're buying).
Apple Pay is nothing more than EMV so it's just an electronic credit card. Once you register your card through Apple Pay, Apple is no longer in the transaction. As long as the retailer takes credit cards, and has an NFC reader, Apple Pay will work. Most of the retailers listed by Tim Cook? They did diddly squat to support it. They just had working readers and probably someone came over and tried it and was successful.
Because to support Apple Pay means you need an EMV compatible terminal (swipe, chip+pin, NFC) and processor, and because of October 2015 legislation, people are supporting it by default since practically all new terminals have it. So all a retailer needs to do to get Apple Pay support is make sure their hardware (terminals) is upgraded (which they're doing anyways over the next year) and their processor supports EMV (which if they're doing chip+pin, they're going to have support for).
However, for Apple Pay to work, Apple needs to work with banks to ensure when a user scans a credit card,, they can get a token assigned in its place (the token is private between the user and the bank, and is basically just an index so the bank can determine who to bill).
So Google Wallet requires no effort by banks, etc., and effort by retailers to support. Apple Pay only requires hardware updates they're doing anyways which is minor, but effort by the banks to support EMV.
That's why Google Wallet's penetration has been low - there are probably more retailers that support Bitcoin than Google Wallet just because. (Though if your processor is adding support for Bitcoin, they probably have Google Wallet support as well).
For Apple Pay, because for retailers it "comes for free", which means its market penetration is far higher than what Tim Cook had in his presentation. Because retailers who already have NFC terminals practically already support EMV and that makes them Apple Pay compatible with zero effort.
So retailers may be inadvertently supporting Apple Pay when they don't want to because Apple Pay just shows up as a credit card.
My chief problem is I'm hopelessly conflicted over which group of assholes I want to win and which group of assholes I want to lose.
Well golly gee! It's not like there's not a choice of "none of the above". Ah, but, *Give me convenience, or give me death* :-)
At first I was going to mod this up, but then I thought a bit more about it. Let me give you a better example of what the grandparent was likely getting at:
RealNetworks, Inc. v. DVD Copy Control Association, Inc.
Let's face it, I sincerely doubt that ANY slashdotter uses Realplayer on a regular basis. Most of us file it under "relics of the 90's" or "squandered tech opportunities" or something similar. Had RealNetworks won that case, I sincerely doubt anyone here would have actually purchased or used this application. However, this court case was one where many of us were hoping that RealNetworks would win - not for the amazing software or for the continued growth of RealNetworks, but for the court precedent. If RealNetworks won, it would be the first piece to fall of the problem of legislatively backed DRM. The war would continue, of course, but it would be a start.
I can't speak for the GP, but I concur with his sentiment. I don't think that Apple, Google, or these retailers have my best interest at heart. Not in the slightest. However, they all want the same thing: money. Apple seems generally better about not directly selling marketing data, but there's also no guarantee that they're not doing it under the table. Even without the tin foil hat, Apple may keep all that data in-house, and if iCloud security is any indication, that database security is questionable. Aunt Google, we all know, sells marketing data - they compete just as much with ClearChannel as they do with Microsoft - arguably more so. Retailers have their own science about how to psychologically manipulate you to buy stuff in their store. Apple may be the 'least offensive' in this lineup since their biggest crime is still a matter of speculation, but they're still no saint, even by corporate standards.
Thus, we have ourselves a bit of a conundrum. Even if you and I continue to use cash, the order invariably goes "opt-in, opt-out, alternatives disincentivized, alternatives socially unacceptable, alternatives impossible/illegal". Thus, the question becomes "who do we want blazing that trail?" That's the true question being asked by the GP, and unfortunately, I agree.
What timely hack, makes one wonder.
"If any question why we died, Tell them because our fathers lied."
Cash will always be with us. If the government stops making physical dollars and currency and forces all transactions to be numbers, then people will move to another currency (imported Euro coins or Loonies.) If that gets banned then gold. If gold gets outlawed, silver. If precious metals get outlawed, then there will be some BitCoin successor. Worst case, people will raise and trade chickens.
The problem with CurrentC is that it is just getting known. Right now, it now has an ugly, black eye... and since they don't use credit card mechanisms, a loss of money won't be reimbursed, so they NEED to run a tight ship.
I'm not a fan of Apple... but I'll take SoftCard (formerly ISIS), Apple Pay, Google Wallet, or any other method over these guys.
The other thing CurrentC seems to have goofed on is that there is no way in hell this system will ever see the light of day outside the USA.
The USA may still live in the backwater side of banking where people still commonly pay for groceries by cheque, but in the rest of the world the idea of giving a third party your bank account information is quite foreign nowadays. There is absolutely no way in hell I would ever use this system, and if someone at Walmart asked me for my chequeing account information I would laugh in their face.
DivX and DivX ;-) were a pun on CC's misguided DIVX.
I think it's an appropriate association and for people who think CurrentC or its future incarnations is a bad idea should associate it with DIVX.
"CurrentC, the DIVX of the 21st century."
Which is evidence of racketeering not that the cash was from the proceeds of drug sales. That setup gets the bank account seized though.
BTW you are correct. Just so you know for next time. Apple's actual fee is .15% and that is being paid as an intermediary processor fee, which is normal and already part of credit card transactions.
My question remains, what chances are you ready to take to produce the necessary changes? The "order" invariably comes from us. We reward the people who do this to us, for a piece of candy.
“He’s not deformed, he’s just drunk!”
The proper term is not 'robbed', it's "civil forfeitured". By confusing the two terms, you sully the reputation of thieves who ply their craft without the aid of crooked DA's and the DEA.
Does anyone know where I can order some high-quality clown shoes, preferably with some amount of customization options?
I'd like to starting mailing pairs of bright, ostentatious clown shoes to idiots who fuck up royally. Everything from shit like this to politicians who stay stupid shit or get caught lying and cheating to Ubisoft and Microsoft dicking around with shitty parity clauses.
The proper term is not 'robbed', it's "civil forfeitured". By confusing the two terms, you sully the reputation of thieves who ply their craft without the aid of crooked DA's and the DEA.
No, I just don't live in the jurisdiction of these agencies.
they only partnered with a few card issuers
They didn't partner with any card issuers; you can use any credit card with Google Wallet. The way it works is that you're actually paying with a Google-issued MasterCard debit card, then Google charges whatever credit card you gave them on the back end, so there are no restrictions.
they didn't really work with any merchants to get them on board
Untrue.
Verizon blocked their app on their phones
That was true for a while, but hasn't been true for about two years now.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
You sir (or madam) seem not too familiar with Wall Street.
When was the last time you bought securities on Wall Street with cash?
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
A payment system needs some thought put into it. As a fallback, if a credit card is abused, the money is reimbursed, charges are reversed. This is a tried and true system for over 40+ years.
Other systems don't have this protection. Debit cards, once the money is out, it is gone. Third party providers? I have read stories of some various payment providers permanently banning people from using them if fraud happens and a charge is reversed, so at best one winds up going through their "fraud" measures, which likely will result in nothing.
I don't see anything that even remotely approaches Visa/Mastercard for a reliable, secure, system where if a customer gets screwed (even if it is a double-charge at a restaruant, and the place refuses to bother going back), money would be returned. Visa/Mastercard also demand a level of security for all links in the chain. In virtually everywhere else in the computing industry, there are no useful laws (FERPA/SOX/HIPAA are never enforced), no regulations... nothing at all to ensure security regulations are kept. The CurrenC hack would not have happened if PCI-DSS3 guidelines were in place.
Yes, Visa/MC are a near monopoly, but they have earned it, and have earned a trust, which is very hard to get. No, they are not perfect, but they do quite a good job at at least doing something to stem the tide of credit card fraud, and reimbursing if/when it happens.
I don't see other payment systems, other than the ones that are based on credit cards, having this innate protection. Consumers read about many, many places getting hacked on an almost daily basis, so they have almost zero faith in security measures. If a payment system can't undo bogus charges, then consumers will stick with one that does, and if nobody gives guarantees against fraud, the end users will go with cash, as it takes far more than an Internet connection to make coins or paper money.
Just to add to what you said in addition to fraud there are disputes like the service rendered was unsatisfactory. Many places have terrible return and customer satisfaction policies (though the internet has helped this greatly). Credit cards were a big part of ending all sorts of unethical behavior by merchants.
They aren't making their own payment system. They're basically just giving you a debit card that hits your checking account without asking for a PIN. But that's ok because it can only be used at Wal-Mart, CVS, and Rite Aid? I'm surprised this is even legal.
"CtnerruC" suggests something of Cthulhu to me. That doesn't so much "ring" as "slither".
Visa and Mastercard already have a near-monopoly on payment systems, to the detriment of most retailers
I hold it as self-evident that if accepting credit cards wasn't in some way beneficial to the merchants, they wouldn't accept credit cards. The merchants are crying about the fees while conveniently forgetting that taking credit cards greatly increases sales.
You can't have it both ways.
People who say "sheeple" have about as much sophistication as an AOL user, and in fact are probably actually AOL users.
Not to defend CurrentC (I'm not), but I read that in order to be a part of the MCX consortium a retailer had to sign a three year contract not to use any other mobile pay system. I wouldn't be surprised if this played some part in turning off Apple Pay functionality.
Not to say that would also explain why Google Wallet was accepted up until Apple Pay went live...because it doesn't...
The NSA: The only part of the US government that actually listens.
But they don't. They have paid off the politicians and are legally looting from small players.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
It seems that the hoo-hah about CurrentC is local to the USA; I'd never heard of it until this week. Here in Australia most retailers have installed paywave terminals in the last 18 months - it's now almost ubiquitous alongside chip and pin terminals. In fact, it's so ubiquitous that it's becoming a minor annoyance when a retailer hasn't got it yet. I do think that it has reached the point of maximum convenience really - getting your card out and waving it at a terminal is probably about the minimum effort it's ever going to be. Even getting out your phone instead is slightly MORE effort, as it involves (in the case of the iPhone anyway) the extra step of authenticating using the fingerprint scanner. That additional step might be acceptable as it adds a layer of security that your card doesn't have.
However, from what I've read about CurrentC, there's no way that it's going to get any traction. It's nowhere near as convenient and it seems it's nowhere near as secure. It's also conflicted in that it's trying to be attractive to the retailer as well as the consumer - those things can't be easily reconciled. But the killer is that paywave is already here and people are already getting used to that degree of simple convenience - anything that goes backwards now is never going to be popular. The horse has bolted, CurrentC is trying to close the stable door. The fact that some retailers have been forced to turn off paywave because they signed up to support CurrentC betrays their thinking: we know paywave is far more convenient and we haven't got a hope in hell if people get used to it, so let's pretend it never happened.
If I had anything to do with CurrentC, I would be packing my things.
The problem is that by supportingCurrentC you're not opposing Apple, but locking out all NFC vendors. Since NFC is the world standard for touchless point-of-sale, this would be like shunning the metric system not in favor of imperial measure, but in favor of some system that you dreamed up yourself and operate by your own rules.
The payment so good it's been BANNED. I don't think anyone now thinks about how it wasn't ready when 8.0 shipped, all that lag and slowness is now lost to "they banned it, the punks".
lol, I don't have mods point, but I agree, they banned the whole NFC tap n pay like the NBA, banned allen Iverson's crossover..
I do hope that this does happen. If my card all of a sudden was putting through a credit-maxing transaction it would send off all sorts of alarm bells at my CC company. If there is one entity that could shut this whole civil forfeiture sh**t down (Jesus Christ America, how is this even a thing) it would be the banks.
I don't think the cops could coerce you into getting your signature or PIN, but they could take your card. You would just have to dispute the $30,000 dollar transaction and let the bank have fun with the police department.
It wouldn't matter, in the US the credit card company will regard the transactions made by the cop as fraudulent (the cop isn't the card holder) and will leave the merchant who allowed the sale holding the bag on the charges provide the card holder reported the card as stolen and the charges as fraudulent.
It would also give merchants a finical incentive to not trust credit from cops.
Yes. I don't live in a violent ghetto.
Neither do I. I would carry $30k once if I had too. But I wouldn't carry it for no reason just in case I decide to purchase a trip or a car.
I regularly see people with over $10000 of clothing and jewelry on and nobody gets robbed.
These used clothing and jewelry aren't probably worth more than $500 as soon as they are taken out of the store. Cash is much more interesting for a robber. Also you can loose your wallet. I don't really care if I loose $50. It will bother me to have to call my credit card to cancel the old one and get a replacement, and to do the same for my driver's license, health insurance and such. But I'd be way more pissed off if I just lost 30k$ cash.
I've made ~$30k purchases on a credit card a few times with no problems. On the other hand I've had problems before with $20 purchases at convenience stores... so there's that.
Google failed at advertising the product. You could use any card with Google Wallet and any NFC reader. They didn't need to setup deals like Apple Pay did.
Unfortunately there are a LOT of phones out there which have been capable of mobile payments for years but people have no clue.
I don't think that is right.
Google Wallet was never supported in Australia, none the less you could jump through hoops (till they closed the hole) and get it working on compatible Android phones. Back when it was working it worked everywhere I could find an NFC reader from big merchants to small butchers. It literally worked everywhere I tried it.
NFC transponders in current CC still allow you to get names and full numbers similar to regular stripes. There is plenty of code for reading it online.
Custom electronics and digital signage for your business: www.evcircuits.com
I dunno, so why do you think the uptake on Google Wallet has been so poor? I think the other fella down there has a good point -- they never properly marketed the thing.
NB. Swillden is either an employee of has an "It's Complicated" relationship status with Google Inc.
Don't blame me, I voted for Baltar.
They are not the same thing. While similar and while both use NFC that's about where the similarities stop: http://arstechnica.com/gadgets...
This discussion is kind of silly.
I agree, it is a bit silly. The problem is freeze128 is under the impression the police are after financial history information when they do civil forfeiture. They aren't. They only take cash because they assume you'd only carry such a large sum for use in something illegal, making the money itself evidence. But the cash can't really tell them what it was used for (unless it's marked, or logged in a ledger in evidence already in a very precise amount that matches what they find).
I had Google Wallet on my last phone (Evo 4G LTE) and used it a couple times when I got my phone. I stopped using it because it wasn't any more convenient than grabbing a credit card out of my wallet. I had to unlock my phone, find the Wallet app, type in a PIN code, and then tap my phone to the reader. Sometimes it would work, sometimes it wouldn't, sometimes it'd crash.
I've heard rumors that the experience has gotten better, but I no longer have a phone that I can try it out with.
I dunno, so why do you think the uptake on Google Wallet has been so poor?
Because Google never advertised or promoted it to users.
Swillden is either an employee of has an "It's Complicated" relationship status with Google Inc.
If you look at my /. user page, you'll see I'm an employee. However, that really has nothing to do with my comments, except that since I worked on some of the Wallet supporting infrastructure I'm more familiar than most with how it works and how it evolved.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
A credit card isn't cash, credit cards emit a very long paper trail. Imagine how easy the police's job would be if criminals actually used credit cards in the manner you describe.
Who says they *don't*? They just use someone else's credit card.
Fraud paper trails are useless when your shadow is working from a different country outside jurisdiction. And even from within the US --most fraudsters take years before they leave enough bodies of evidence for the cops to care to track and stop them.
At most you will be offered a new CC number, and the criminal will pick on someone else... but there's no certainty that
1) the pseudonymous perp has gone to jail because of messing up
2) that he won't find you again.
Scary stuff.
They are getting the "card present" rate of less than 2%. They had to get retailers to sign on too, and retailers aren't going to pay more than they are now.
This is an initiative for Apple that does slightly better than break-even, but adds a shload of value to present and future iPhone models.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
Whoops, people below me say it's 15 basis points (0.15%). Yeah, they're really putting the screws to people - and by "people" I mean the intermediary processor that usually gets that 0.15%.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
They are reducing the fee - Apple Pay is always a "card present" transaction which has a lower fee.
Slashdot still doesnâ(TM)t support Unicode after it was added to the HTML standard in 1997.
I am willing to bet that, EVEN THOUGH your facts are presented very well, and make a whole lot of sense, atleast two things will happen
1) Many people who signup after CurrentC initial rollout, either don't understand or don't care or both.
2) Retailers will "sweeten" the deal of signup with 10% off or 90% off, and all sorts of money back or cash back or discount type deals to where, these same people will care even less
3) What is worse in my opinion is that many people who understand such intricacies as you have mentioned, will also cave in, or just give up at some point for these sweet deals We see this type of mob mentality in almost every thing happening around us.
Oh, don't get me wrong. There will be a few people who will be 100% opposed to this with every fiber of their being, but that mob will be very small and will not have enough power to sway popular opinion, and will eventually be driven to fringes of society.
Paypass/Paywave/etc are all compatible with EMV's contactless ISO standard. But I see that as somewhat different than saying they are the same thing.
To answer my own questing, my best guess is Data.
Ever notice how sometimes they ask you what your zip code is AFTER your transaction goes through? What's the likelihood that your name (as read from your credit card, Track 1) is near unique in your area code (I think I'm unique in my state). So they can associate your purchases with you, those points cards notwithstanding. If Google Wallet uses a single credit card, then they can do much the same thing, just lose the name info but can still profile you.
But, now you have pseudo-random credit card numbers with EMV/ApplePay. They can't track you using credit card numbers.
So what is good for you (changing credit card with essentially one time credit card numbers, for security and privacy) becomes bad for the merchant (they can't track you across purchases).
On a side note, check out news about Axciom. I had a friend work there, and I'm glad they're gone. They can tie a huge amount of info to you, a scary amount.