clock menu more-arrow no yes

Filed under:

CVS and Rite Aid turned off Apple Pay and that's a terrible idea

Nothing gold can stay, Ponyboy: CVS turned off support for Apple Pay and Google Wallet on Saturday.

“Our customers found it too easy and convenient,” according to a fake company spokesperson whom I made up because I’m disappointed and spiteful. “To say nothing of the fact that it encouraged people to shop more at our stores. Letting customers use a safer and more secure method of payment is just plain bananas,” the spokesperson said, before handing me a 7-foot-long banner of coupons and special offers.

The actual CVS chain had nothing to say about the move. Instead, corporate sent an email to all stores informing them that their computers would be receiving an update to disable contactless payments.

CVS wasn’t alone in disabling NFC-based electronic payments. Rite Aid also pulled support for those two systems. An internal email obtained by SlashGear told store employees to explain to disappointed customers that Rite Aid planned to have its own electronic wallet system available in 2015.

Both Rite Aid and CVS are members of a large consortium of store chains backing “CurrentC,” a forthcoming “pay with your phone” system that looks God-awful from all possible angles except for that of the retailers. TechCrunch has a good rundown of what CurrentC will look like in operation.

Here’s my own breakdown.

Apple Pay/Google Wallet:

  • Pay by bringing your phone close to the payment terminal. Radios in the phone and the point of sale terminal handle everything. All you have to do is wait for a beep that confirms payment.
  • Works as an extension of your existing credit card.
  • Exposes no data to a new party.
  • The security mechanisms are proven and battle-hardened.
  • Security of your financial data remains the responsibility of your card issuer.
  • Your card’s existing fraud protection applies to any fraudulent actions made through this system.

CurrentC:

  • Pay by selecting CurrentC on the payment terminal; manually launch a special app on your phone; manually select a payment function; aim phone camera at a QR code displayed by the terminal. Unless it’s a place where you have to make the phone display a QR code and aim it at the cashier’s camera, or it’s a place where you need to punch in a special code number generated by the phone app.
  • Requires you to allow CurrentC to have direct access to your bank account.
  • Creates a brand-new security hole that you didn’t have before signing up.
  • You’ve never heard of CurrentC and you haven’t a clue as to their track record for keeping data safe.
  • Security of your actual bank account is in the hands of someone you’ve never heard of.
  • Good luck getting your money back if criminals successfully get into CurrentC’s systems and drain thousands of dollars of actual money from your actual checking account.

To say nothing of the fact that you’re engaging in transactions with every retailer in the Merchant Customer Exchange consortium every time you use CurrentC. If the MCE has placed any consumer protections whatsoever against freely sharing your personal transaction information among members, there isn’t a whisper of that to be found on their corporate website. There’s no reason not to believe that when you order the Garlic Glutton’s Gorge at the Olive Garden, that information will be immediately sent to CVS to help them sell you mouthwash and breath mints.

So: CurrentC is harder to use, it makes your banking information vulnerable to a whole new entity, this entity is utterly unproven, and every purchase you make adds another piece of data to an expanding and increasingly valuable marketing dossier on you and your habits.

Oh, and I forgot to mention: whereas Apple Pay and Google Wallet don’t give retailers any access to your phone data whatsoever, CurrentC is an app. And apps can conceivably get access to your location data, call history, contacts, and a wealth of other personal information.

Will the final, public version of the CurrentC app try to acquire and leverage that private data for the benefit of its member retailers? Unknown…and that’s one hell of a bad thing not to know about. It worries me that CurrentC’s site doesn’t have a consumer-facing informational page explaining what the app can and can’t do with your data. The fact that there isn’t one makes me wonder if the organization behind it doesn’t consider customer privacy as an important issue.

I try to speak cautiously of things I haven’t used myself but I can’t steer clear of my clear reaction to CurrentC: what a piece of garbage!

So why are retailers embracing it? To avoid paying transaction fees to credit card companies: These stores can save a few percent per purchase by moving money directly out of your checking account.

And the savings will be rolled right back into the pockets of consumers, through lower prices!

Sorry. I know, I’m a professional, and sarcasm is the enemy of clarity.

Why Apple Pay is the way you want to spend money

CurrentC is a 100 percent bad deal for consumers and I can’t for the life of me imagine why anybody would want to use it.

I have to guess that CVS and Rite Aid’s action is motivated less by pig-eared idiocy than it is by contractual obligations to a payment system that doesn’t exist yet. Whatever the reason, it’s still a major fumble. These stores have taken away a system that’s getting boatloads of positive energy from Apple’s entry into contactless payments. They’ve replaced it with … nothing. And now, CurrentC is getting the kind of intense scrutiny that no service-in-development can afford.

As for CurrentC itself? I’m amazed that Merchant Customer Exchange retailers — many of which are run by people who have received some form of formal education, I guess — are ignorant of the hard lessons learned by the music industry during the turn of the millennium. Remaking a consumer experience in a form that only suits business is a rocket sled toward disaster.

There was a time when music publishers could ignore the consumer shift toward digital media. Eventually, though, even Sony had to realize that the popularity of Napster and CD-ripping software represented an irreversible trend. Instead of seeing digital music as a threat to their business, they at last saw it as … an opportunity!

An opportunity to create a terrible format that served every need and many fantasy scenarios of Sony Music, and create a customer experience that was wretchedly horrible in every conceivable way!

The consumer bought a Sony digital music player and installed the required software on their PC. The app merrily went about searching their hard drive for music files and converted all of them to Sony’s proprietary digital music format. All of the music they’d ripped from CDs that they legally owned, everything they might have bought elsewhere, everything they might have recorded themselves … all of it got thrown into Sony DRM Jail. Their music collection became a “library” in a very real sense: Copying music to an external device or a different library required that they “check it out.” What if they wanted to listen to it again, on your home PC? Go to hell; you bring that music player right back here, young man or lady, and sign it back in before Sony will even consider allowing you to ever hear your daughter’s holiday recital!

And the app was crashy and buggy and often wouldn’t work even if the user tried to satisfy Sony’s utterly insane DRM requirements. I once called customer service while testing the system and was told, in cheery seriousness, that perhaps Sir should just buy a second copy of the album, “for maximum playback flexibility.”

In Sony’s fantasy scenario, the system was a way to finally lock the consumer out of behavior that a music publisher finds inconvenient. Copy a CD onto tape, for use inside the car? No way. Lend a CD to a friend? Nuh-uh. Transfer it to another format, so that in 10 years’ time, the consumer can keep listening to the music they’ve paid for? The very idea! How about if the user upgrades their PC? Can they transfer their library? Mmmmmmaybe. No promises; Sony has licensed you to only play this music on this device. Customers had been doing those things for decades, via CD, tape and LP formats, but Sony would like to goddamn know just how the hell any of it benefitted Sony in any way.

And the best part! If Sony closes the store … the user loses all of their music as soon as they upgrade their computer!

Sony could do whatever they wanted! After all, what power did the consumer have? Under this fantasy world, they would have no alternative but to repurchase all of their music! From Sony! This is truly a land of miracles that we have created!!!

Oh, wait, whoops: Consumers could just steal music.

Which they did.

Apple had a point when it opened the iTunes Store: If music publishers wanted to fight piracy, Apple said, then they had to build a system that made buying music easier than stealing it. The iTunes Store opened with a much more flexible DRM system in place, and the behind-the-scenes drive to eliminate DRM entirely was already long underway.

The worst-case scenario for CurrentC isn’t as bad as that: Taking things from CVS is the sort of capital-“S” stealing that attracts the attentions of store security and the local gendarmes. The lesson is the same, though: CurrentC will fail because consumers will hate it. Some consumers will try, maybe, but it’ll be such a terrible experience that they’ll still use their credit cards.

CurrentC might stand a chance if the retailer consortium were satisfied to just create a system that’s almost as easy as Apple Pay or Google Wallet. But they’ve loaded it with so much anti-consumer claptrap that every tech journalist and educator has placed it on their “Actively warn people against using it” list.

I’ve been drilling deep into the Merchant Customer Exchange site, looking for any sort of encouraging signs. I’ve found none. But I did discover that the MCE’s headquarters is in Needham, Massachusetts, a town that I drive through every time I go to The Outer Limits in Waltham to buy comics.

The difference between Middle-Aged Andy and previous editions is that whereas all of us realize that we could totally go over there and TP their offices on Halloween, only 16-year-old Andy would be able to hook up that idle thought to the twin engines of serene self-righteousness and a frolicking disregard for consequences.

One thing’s for sure, though: If I were to follow through on that idea, I’d be buying the toilet paper at Walgreens. There’s one right across the street from my usual CVS store … and it takes Apple Pay.