CurrentC is basically trying to side step the issue of retailers needing to update security for PCI Compliance and PCI DSS. PCI compliance is effectively a consumer
protection that requires retailers to maintain an adequate level of security in all of their systems that handle credit or debit transactions.
It incentivizes security by placing 100% responsibility for fraud on retailers that fail to provide the minimum pci compliant level of security. It also prohibits the use of EOL operating systems that are no longer security patched such as WindowsXP and mandates firewalls, antivirus and other security.
But CurrentC put all liability on the consumer and completely bypasses the penalties and merchant liabilities associated with PCI DSS. Credit and debit cards provide a buffer of security and dispute resolution between consumers and merchants but CurrentC wants to go straight into people bank accounts.
This is a hot sweaty nightmare of bad. I dont think anyone is realizing how nearly impossible it is to reverse a fraudulent bank transfer.
Having said that I can see where banks could provide protection to consumers by creating consumer accounts that require individual consumer authentication prior to any ACH transfer from the account. However Banks dont provide that level of security to non-business account customers.
My prediction is that within 6 months of going live the amount of fraud will force the FTC to step in. I personally think credit card companies are the devil but CurrentC is worse.