Retailers like CVS and Rite Aid that block Apple Pay are taking a big security risk

“Apple wants to make it easier for people to use their phones to pay for everyday goods at retail stores using a new system called Apple Pay,” Jason Del Rey writes for Re/code. “But two major drugstore chains [CVS and Rite Aid] recently banned the technology, setting the stage for a showdown with Apple.”

“They’re taking a huge risk that could have catastrophic results if any of them suffer security breaches like their peers did last holiday season. That’s because the mobile payments app that they’re backing, called CurrrentC, won’t launch until sometime next year, leaving customers with the same old clone-friendly credit cards they’re using now,” Del Rey writes. “Apple Pay, on the other hand, is a much more secure payment method than traditional cards. What happens when one of these stores gets hacked during the holiday season like Target, Home Depot and Michaels were last year? They’ll be on the receiving end of pure customer outrage coupled with hard questions from elected officials.”

Del Rey writes, “MCX retailers like CVS and Rite Aid are choosing to ban a payment method that is more secure than what is currently the default non-cash method.”

Read more in the full article here.

MacDailyNews Take: In just one week, Apple Pay has already facilitated more transactions than all other ‘contact less’ payment methods combined! (Which shows how much of a flop Google Wallet is – it released over three years ago on September 19, 2011!)

Boycott CVS and Rite Aid and any other company that willfully turns off NFC in a effort to block the vastly more secure, much more private, and far easier-to-use Apple Pay service.

• Email complaints to CVS Customer Relations here.

• Email complaints to Rite Aid Customer Relations here.

Related articles:
Apple Pay tussle with CVS, Rite Aid the first shot in mobile payments war – October 28, 2014
In one week, Apple Pay already No. 1; used more than all other mobile payment systems combined – October 28, 2014
Alibaba’s Jack Ma says open to working with Apple on Apple Pay – October 28, 2014
Tim Cook blasts CVS, Rite Aid over Apple Pay blockade: ‘You only are relevant if your customers love you’ – October 28, 2014
Seeking personal data, Walmart, Best Buy, and others won’t let shoppers enjoy Apple Pay privacy – October 27, 2014
Boycott CVS and Rite Aid – October 27, 2014
Bad business: CVS and Rite Aid antagonize their most well-heeled customers by blocking Apple Pay – October 27, 2014
CVS stores reportedly disabling NFC to shut down Apple Pay – October 25, 2014
iPhone users earn significantly more than those who settle for Android phones – October 8, 2014
Yet more proof that Android is for poor people – June 27, 2014
More proof that Android is for poor people – May 13, 2014
Apple’s iOS dominates in richer countries, Android in poorer regions – March 25, 2014
Twitter heat map shows iPhone use by the affluent, Android by the poor – June 20, 2013
iPhone users smarter, richer than Android phone users – August 16, 2011
Yankee Group: Apple iPhone owners shop more, buy more, remain more loyal vs. other device users – July 20, 2010

42 Comments

  1. I’ve heard it said that any publicity is good publicity.

    I’m not sure this is the case with CVS and Rite Aid at this moment. Basically it’s advertising to the world that they have an inferior payment method and it could be less secure than say, Apple Pay.

    Hmm…… I’ll be I know which one Target will go with. Hehe

    1. And guess which companies hackers are going to be targeting this holiday season (and especially after CurrentC is [eventually] introduced)?

      That’s right, CVS, Rite Aid, and all those other companies who just announced that they are refusing higher security so they can get more customer data to store on their servers.

      1. Exactly. I have my phone, it knows my bank already, I just wave and OK the transaction. CurrentC involves actually setting something up and answering a lot of intrusive questions is my understanding. Who needs to do that? I have neither the time nor the inclination. I just want to spend the money I have safely. Time to shop around a little more for a store that actually cares about their customers and does not view them as a bunch of dumb ‘marks’….

      2. It’s not because of CurrentC. It’s because they’ll still be using the same old credit card systems this holiday season before CurrentC is available next year, and still be vulnerable to the same type of attack that affected Home Depot, Target, etc.

      3. Not what I was talking about. I was talking about widespread hacks on the scale of Target and Home Depot. Nobody is going to use CurrentC, they are going to use traditional credit cards, which are vulnerable to this type of attack. While stores that embrace Apple Pay will have less risk because more people will shift to that payment method, and for those who don’t switch that’s their own fault.

  2. Free publicity for Apple…. Right now at least tens of thousands plus people are asking “What’s ApplePay?”

    And various corporate board members are screaming: “Our customers are trying to give us money, and we aren’t taking it. In fact, somebody turned the system off. Can anybody tell me who did it and why?”

    Apple has developed a simple, secure and convenient system for those of us with iPhone 6’s… A simple, secure and convenient system that is working so unbelievably well that it is even “accidentally” working in some locations the retailers don’t want it to be. How often does that happen? …I still can’t get my TV remotes to talk to all the TV’s DVD recorders and cable boxes in my house… Yet ApplePay is chugging along by accident in some locations? Good luck to anybody fighting ApplePay.

      1. It’s much more than that. CurrentC is the creation of Merchant Customer Exchange (MCX), a consortium company created in 2011 and spearheaded by Walmart, particularly Lee Scott, their former CEO. For details, see this excellent article about it in TechCrunch: http://techcrunch.com/2014/10/25/currentc/

        I also suggest that you read some other excellent articles, such as this from John Gruber’s daringfireball.com: http://daringfireball.net/2014/10/nfc_apple_pay

        And this from Ron Shevlin: http://snarketing2dot0.com/2014/09/03/failed-currentc/

        It’s yet another reason why I refuse to step into a Walmart. The company is evil to the core.

  3. CVS and Rite-Aid didn’t just ban Apple Pay. It was working in their locations. They flat out undermined it. They stabbed it in the heart. They went in and surgically removed a functioning POS component they had in their stores, so it wouldn’t work.

    They went from 2011 to 2008 just so Apple Pay wouldn’t work at their locations.

    KARMA is going to be a real sore bitch, for CVS and Rite-Aid.

  4. As noted elsewhere, it could be that both Rite Aid and CVS are contractually obligated to CurrentC in which case they are better to take the hit and opt out.

    Their loyalty programs can continue to flourish with Apple Pay, things will just continue as today with payment and Loyalty being 2 separate programs.

    There has to be some serious questions being asked somewhere. They had to have seen a huge uptake to actively shut these systems off.

    My advice: Cut CurrentC and pay them whatever you need to get out of their currently laughable payment system.

    1. Better advice – add pressure to rewrite the CurrentC contract to allow alternative NFC payment methods. There’s no reason all systems can’t co-exist and let the customer choose which one to use. That would be their best step forward.

      1. Yes, there is a reason AP and CC can’t coexist, AP will bitch slap CC, and CC knows it.

        Right now, CC is in Samsung’s boat, sinking and wondering wtf hit them.

  5. CVS and Rite Aid are going to start circling the RIMM pretty soon just like blackberry and Nokia. It’s going to be like the amateur hour fiasco played out all over again.

  6. Taking a hit because you have something better in the pipeline is one thing, doing it for an inferior future product is daft.

    The iPhone teardowns at Samsung have given them a start but I wonder how long it will be before the Android copy is mature and secure enough for banks to trust it for fingerprint payments

    1. Actually it may be less “daft” than it seems. I read somewhere they were contracted in the development of CurrentC and may be obligated to promote it in this way. How long that contract lasts or if it is even true remains to be seen. If it is true, they were still stupid to sign up for it without checking with Apple long ago. Now they might not have a choice other than to try to spin it as some bold option….

Add Your Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.