CurrentC

CurrentC was a mobile payment system developed by Merchant Customer Exchange (MCX), a consortium formed by several of the largest retail corporations operating in the United States. The platform aimed to let consumers pay for goods and services in physical stores by using a smartphone application that generated a scannable QR code at the checkout terminal. Unlike many competing solutions that relied on near‑field communication hardware, CurrentC’s approach required only the merchant’s ability to display a code and the consumer’s ability to capture it with their device’s camera. Users enrolled in the service by linking their personal bank accounts directly to the app, which allowed transactions to be debited from those accounts without routing through traditional credit‑card networks. This model was intended to reduce merchant processing fees and to provide an alternative to emerging mobile wallets such as Apple Pay and Google Wallet that were gaining traction at the time. Before any public rollout, CurrentC operated in a limited pilot phase with a select group of consumers and merchants to test usability and security. In October 2014, while the service was still undergoing this pilot testing, a data breach occurred that exposed the email addresses of participants in the trial program.

MCX notified the affected pilot users promptly and advised them to be vigilant against possible phishing attempts that could exploit the disclosed email addresses. The company emphasized that no financial information, such as bank account numbers or transaction histories, had been accessed in the incident, attributing this to the fact that the payment functionality had not yet been fully activated for the pilot. Despite the breach being limited to contact data, the event drew attention to the security measures surrounding CurrentC and prompted broader discussion about the risks associated with linking bank accounts to mobile payment apps. CurrentC’s distinguishing technical attribute was its combination of direct bank‑account linkage and QR‑code transmission, a design choice that differentiated it from NFC‑based systems that required specialized readers on both the merchant and consumer sides. Structurally, the platform was not an independent entity but a product of MCX, which is governed collectively by its member retailers; consequently, ownership and strategic direction resided with the consortium rather than a single corporate parent. Following the breach and amid intensifying competition from established mobile payment services, MCX ultimately decided not to pursue a full public launch of CurrentC, and the project was gradually phased out.