Apple Pay rival CurrentC just got hacked

How Apple Pay works

Apple Pay rival CurrentC has been hacked.

The mobile payments app -- which isn't even officially out yet -- was created for the sole purpose of getting stores away from credit card fees they pay every time you swipe your card.

CurrentC partners CVS (CVS) and Rite Aid (RAD) made news earlier in the week for boycotting tap-to-pay technologies like Apple Pay and Google Wallet in favor of their own flavor of mobile payments.

On Wednesday, those taking part in the CurrentC pilot program received a warning from the consortium of anti-credit-card retailers called MCX, or Merchant Consumer Exchange: The program was hacked in the last 36 hours, and criminals managed to grab the email addresses of anyone who signed up for the program.

MCX confirmed the hack, adding what's become a go-to line for any company that loses your data: "We take the security of our users' information extremely seriously."

It's a rough start for an app that aims to be a competitor to Apple Pay and Google Wallet.

'Apple Pay' may be safer than plastic

CurrentC has also come under recent scrutiny because of the data it collects on customers. A close look at the app's privacy policy reveals that signing up will require your "driver's license number, Social Security number, date of birth" and more "to authenticate your identity." The CurrentC app promises it doesn't use such information "for marketing purposes."

But MCX is free to share with marketers and other companies the rest of the data it collects: your name, home address, email, phone number and actual location at all times. Aside from payments, the app will also deliver coupons and help stores better track shoppers to target them for advertisements.

CNNMoney interactive: What do hackers know about you?

Apple (AAPL, Tech30) doesn't ask for your Social Security number. Google (GOOG) does. But that information is not passed on to retailers. MCX is itself a consortium of retailers.

This latest episode will give CurrentC critics -- who cite Apple Pay as better, safer technology -- even more ammunition. In an FAQ page, MCX claims "consumers' privacy and data security are our top priorities." This hack disproves that notion.

Cherian Abraham, a mobile payments expert, said this CurrentC hack is unfortunate but isn't reflective of the security of the actual app itself. But it still doesn't stack up to Apple Pay.

"Nothing comes close to the security apparatus Apple has created," Abraham said.

CNNMoney is investigating recent hacks. Have you had money stolen from your bank account? Has someone stolen your identity? Share your story.

Social Surge - What's Trending

Search for Jobs

CNNMoney Sponsors