According to MCX (Merchant Customer Exchange), the maker of the Apple Pay mobile wallet competitor CurrentC, email data of its beta testers was breached in the past 36 hours. The timing couldn't have been worse, considering some MCX members started banning all NFC payments in their stores to stop people from using Apple Pay, because they wanted customers to use CurrentC exclusively (when it's launched next year).
This is the e-mail MCX has been sending to its users, according to TechCrunch:
Thank you for your interest in CurrentC. You are receiving this message because you are either a participant in our pilot program or requested information about CurrentC. Within the last 36 hours, we learned that unauthorized third parties obtained the e-mail addresses of some of you. Based on investigations conducted by MCX security personnel, only these e-mail addresses were involved and no other information. In an abundance of caution, we wanted to make you aware of this incident and urge you not to open links or attachments from unknown third parties. Also know that neither CurrentC nor Merchant Customer Exchange (MCX) will ever send you emails asking for your financial account, social security number or other personally identifiable information. So if you are ever asked for this information in an email, you can be confident it is not from us and you should not respond. MCX is continuing to investigate this situation and will provide updates as necessary. We take the security of your information extremely seriously, apologize for any inconvenience and thank you for your support of CurrentC.
Unlike Apple, which keeps no user data -- even the credit card number is stored locally in the Secure Element, while giving merchants only unique tokens when the purchase is made -- MCX intends to collect much more data from its users including e-mail, bank account numbers, location and more.
What the Target, Staples and Home Depot breaches have shown us is that not only can most of these stores not be trusted to hold such valuable information about their customers, but even if the stores' "clouds" are as secure as they can be, the potential for extreme damage (such as having hundreds of millions of users' account data leaked) is too high to be an acceptable way of doing business.
Malicious hackers, be they individuals, organized groups, or rival states, only need to hack these databases once to get that data. Even if the data is properly encrypted, that only helps as far as the users' passwords are strong and unique enough. Unfortunately, it's common knowledge by now that most people either use predictable passwords or passwords that are easy enough to brute-force. Apple's own iCloud easily fell prey to the same type of attack earlier this year.
Apple Pay may not be completely impenetrable either (nothing really is), but so far it's using a rather solid security design that stores the credit card data locally in hardware, with very little exposure to the OS or anything else. Even if that system is breached, the potential to have hundreds of millions of credit cards leaked through it is much smaller. If there's a serious vulnerability, hackers can only attack or infect one phone at a time, minimizing the total damage of such a hack.
We should be demanding that more systems that collect valuable data from us, whether it's credit card numbers, fingerprints or facial recognition data, store this data locally and securely in hardware. That data should also not be accessed directly, but through "virtual layers" on top of it, such as the unique tokens Apple Pay generates for purchases. This way, if a breach happens, the attackers will only get access to worthless "virtual" data.