Pixel Envy

Written by Nick Heer.

CurrentC, Not PrivaC

John Gruber:

And the reason they don’t want to allow Apple Pay is because Apple Pay doesn’t give them any personal information about the customer. It’s not about security — Apple Pay is far more secure than any credit/debit card system in the U.S. It’s not about money — Apple’s tiny slice of the transaction comes from the banks, not the merchants. It’s about data.

They’re doing this so they can pursue a system that is less secure (third-party apps don’t have access to the secure element where Apple Pay stores your credit card data, for one thing), less convenient (QR codes?), and not private.

Bingo. Josh Constine, over at TechCrunch:

CurrentC notes it may share info with your device maker, app store, or developer tool makers. Oddly, it will collect health data. Precise location information is used to verify you’re at the retailer where you’re making a transaction, and if you opt in it can be used for marketing or advertising. CurrentC notes that you can opt in to be able to capture and store photos in the app for a hypothetical visual shopping list or other features down the road.

After his investigation of the app, Aude told me “CurrentC borders on the creepy line” due to it pulling health info. He also that found that its Terms Of Service leaves high liability for fraud to the user if someone else is able to get access to a user’s phone and make CurrentC payments.

Let me get this straight: a group of retailers — including Michaels, Lowe’s, and Target, all of which have had significant security breaches in the past year — are trying to launch a payment system based on QR codes and a steady hand, and want to access significantly more data so your purchase history can be sold to advertisers. Good luck with that.