• expired

Wendys - Free Crispy Chicken Burger - App Only - No Purchase Required

140

Free Crispy Chicken Burger through the Wendys app.

Small freebie with a bit of effort, however, no purchase required.

To use:
Install app
Set up account
(set up payment settings first to make life easier later)
Go to offers & Deals
Claim the coupon
Then move to 'my coupons' and select use coupon.
You then need to select your store for pick up and confirm the order.

Only available by ordering through the app.
Must put in visa/mastercard details - there will be no charge - have tested and confirmed

Related Stores

Wendy's
Wendy's

Comments

  •  

    Awesome.. I didn't even have to enter my actual credit card info. Any random test credit card works :)

  •  

    Is the app crashing after login for anyone else?

  • +1 vote

    Be wary about the data you enter there, they send out confirmations of password changes in plain text.

    •  

      Its true i reset my password this is what the email said.

      <[email protected]

      "Your new password is:
      (Password)">
      App connects to
      apps.wendys.co.nz
      So admins can read the passwords and the credit card details must not be secured too.
      Hopefully they dont get hacked.

      •  

        Did you report it? It's bad if they are doing this

      •  

        Sending out a password change/new password email with a plain text password is bad practice. It probably means the password will end up recorded somewhere in their system long term in plain text, since it's quite difficult to design one which can do that and not end keeping it somewhere. It may also end up stored on an intermediate server long term. Not to mention the email on your server etc. But it doesn't guarantee the password is stored in the database as plain text though, or that it's easy for admins to access. (Although anyone, including hackers, could use a variety of means to bruteforce look for any passwords accidentally kept.) The way you know this if they send out your existing (not new) password in plain text. In other words, if the forgot password form doesn't require you to generate a new password, it provides you your existing password. (Whether by email or on the webpage.)

        Remember that nearly everything does server side hashing of passwords, so nearly every site you login to received a plain text password. Ideally this should be hashed in memory and then deleted. (Although a number of security guides now recommend checking new passwords again databases of leaked passwords and rejecting any that match.) What is happening when they email you is they are taking this password and emailing you. This is a complicated process and is likely to mean it will end up stored somewhere on more long term storage at least temporarily. But they may still be storing it in their database in hashed form, as there's nothing surprising about them having a plain text copy of the password you just provided to them and their ability to do something with this plain text password doesn't mean they've stored it in that form in the database.

  •  

    When adding a credit card these addresses popup. Credit card is hopefully stored on the phone only.

    Paypal payment gateway.

    assets.braintreegateway.com payments.braintree-api.com
    svcs.paypal.com
    www.paypalobjects.com
    api.braintreegateway.com

    •  

      Fairly sure that achieving PCI-DSS compliance if you're storing credit card details on the phone is very difficult or impossible so they would be stupid if they are doing that.

      More likely Wendy's is using some third party payment provider who are the ones storing the card details, that would concur with you finding Braintree and PayPal. It's also possible no one is storing the full card details and they're simply using tokenisation although I'm not totally sure what the state of play is with tokenisation and NZ cards.

      •  

        This was their reply.

        Thank you for sending us your feedback and concerns.

        Unless there is a fault that we are not aware of, you should get a screen with the question that you have initially setup when you created this account.

        However, the password should be covered and that is the confident information that no one can see, including yourself.

        For your own peace of mind, Wendy’s does not store any payment information at all and is all processed by an International Certified Gateway called Braintree. (https://www.braintreepayments.com)

        Any other concerns or questions please send them through to this email address and would address them as soon as possible.

        Mobile App Team | Wendy’s Hamburgers NZ

  •  

    Are others getting this deal? It's not showing up for me…

    • +1 vote

      It didn't work for me at first but when I made a new account the coupon appeared. Probably only for new users.

    •  

      just worked for me. I've never used the app before so it was a new install and new account. No coupons showing at first, but lots there to claim including free crispy chicken burger after I changed screens then went back to coupons, I did also allow access to my location, not sure if that helped it.
      I didn't enter any payments details but it says they are required to redeem coupons.
      Just wish there was a Wendy's in Wellington (CBD) or Hutt!

  •  

    Not showing for me either ((

    •  

      Usual odd variations occurring we see. I just now worked for me on a new wendys app download, but used my usual mobile no. (They knew it years ago). And wait for it…. I didnt need ANY card etc payment details entered in order for the free coupon to appear and clicked and loaded now :) .

  • +1 vote

    FYI when you create your account, make the birthdate the current date. i.e 28th feb for today and you will get a birthday coupon which is free loaded fries with any purchase over $5. if you get the $5 mates rates deal plus the two coupons it makes for a pretty good value lunch.