Posts

No chips: A slow go for new credit card technology

CNBC – Less than half of American businesses have adopted the credit card chip technology that was all the rage in the fall of 2015.

Only 37 percent of businesses are currently able to accept chip-enabled credit and debit cards, according to a survey by The Strawhecker Group. TSG’s sample included 92 payment service providers that service more than 3.9 million merchants, or about 50 percent of the U.S. card-accepting market.

Chip cards, also known as EMV cards (for Europay, MasterCard and Visa), are touted for safety and improved security over traditional cards. Retailers, credit card companies and merchants were supposed to adopt the new technology by Oct. 1, 2015, or face penalties. Missing the deadline made U.S. card-accepting merchants liable for fraudulent transactions.

Ten percent of retailers are performing EMV-enabled transactions that are working well, and another 12 percent say their EMV-enabled transactions need improvement, according to a report from Boston Retail Partners.

Read Full Article: No chips: A slow go for new credit card technology

Beyond EMV: Best Practices for Payment Security

There is no single strategy that can entirely eliminate the risk of a data breach. To provide retailers practical tips on how to improve the security of their customers’ payment card and personal data, we recently wrote this white paper: Beyond EMV: Best Practices for Payment Security.

2016 White Paper - Payment Security - CoverEMV continues to gain the attention of retailers – mostly driven by the very large number of retailers who are seeing 6-digit monthly charge backs for EMV non compliant transactions. Most retailers who knew they were going to miss the EMV dealine had budgeted for some amount of charge backs. However most retailers are seeing the amount of charge backs far exceed the budgeted amount.

This is a significant challenge and could result in retailers running to EMV and skipping some security opportunities. However, many retailers are finding that moving to EMV, E2EE, and tokenization at the same time is faster than trying to push EMV implementations forward without closing some of their existing payment attack vectors.

Industry best practices dictate that the most effective strategy is a multi-layered security approach. Retailers’ security strategies need to include: integrated EMV-compliant payment terminals, strong e-commerce controls, network segmentation, secure communication protocols, E2EE, tokenization and a thoroughly documented and comprehensive internal set of security policies and practices.

Increasingly, retailers are realizing that simply meeting PCI compliance standards is no longer sufficient to protect customer data. Hackers are becoming more sophisticated, requiring organizations to reanalyze and revamp their current security protocols to adequately protect their customers’ payment and personal data. Retailers who have not implemented these technologies are at high risk, as the likelihood of being targeted by hackers increases every day.

Unfortunately, even as retailers focus their efforts on EMV and increasing data security in-store, fraudsters have recognized gaps in online security and are shifting their efforts to the exploitation of e-commerce sites. Online transactions create a unique set of security challenges. To protect against fraudulent online transactions, retailers must implement a rules-based fraud detection tool, auditing suspect transactions and authorizing legitimate ones.

In addition to providing a best practices comprehensive payment security strategy, this white paper includes recommended “quick wins to beat online fraud.”

Download the complete white paper:

Beyond EMV: Best Practices for Payment Security

As always, I appreciate your opinions on this topic. Please share your comments below.

Perry

Three-Quarters of Retailers Aren’t EMV-Ready at Checkout

Progressive Grocer – Only 22 percent of retailers are equipped to process new EMV cards at the checkout lanes of their stores, according to a new special report from Boston Research Partners (BRP).

EMV cards have an embedded chip, which is a small metal square on the front of the card that adds a higher level of security to the transaction when used in chip-enabled terminals.

According to the new BRP report, entitled Payment/Data Security in an Omni-Channel World, 38 percent of retailers indicate that payment/data security is a top priority and 53 percent of them say they plan to deploy and activate chip-enabled terminals within the next 12 months.

This special report is based on insights gained from BRP’s 2016 POS/Customer Engagement Survey and highlights the payment security objectives and challenges facing leading retailers today. Specifically, the report addresses topics such as: EMV compliance progress, alternative payment type adoption, payment card processing architecture approaches, and the increased shift to online fraud.

Read Full Article: Three-Quarters of Retailers Aren’t EMV-Ready at Checkout 

Retail Lags on EMV; Online Fraud Soaring

Response Magazine – A new report from Boston Retail Partners says only 10 percent of retailers are performing Europay, MasterCard, and Visa (EMV)-enabled transactions that are working well, with another 12 percent saying their EMV-enabled transactions need improvement. More than half of retailers plan to start EMV within 12 months.

EMV is the technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them.

While the use of EMV-compliant terminals weakens the incentive for thieves to steal credit card information, EMV adoption by a retailer in and of itself does not do anything to actually reduce the risk of a breach.

More than half of retailers plan to start EMV within 12 months.

EMV is the technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them.

While the use of EMV-compliant terminals weakens the incentive for thieves to steal credit card information, EMV adoption by a retailer in and of itself does not do anything to actually reduce the risk of a breach.

Read Full Article: Retail Lags on EMV; Online Fraud Soaring

Sophisticated hackers call for refined payment security systems: report

Luxury Daily – As retailers innovate and enhance the omnichannel shopping experience, one of their biggest challenges will be creating an inclusive payment security strategy, according to a new report by Boston Retail Partners.

Payment security is one of the top concerns for retailers today, with hackers becoming more sophisticated and even high-profile institutions falling victim to data breaches. In order to protect themselves, brands need to update and strengthen their security systems, which may now be out-of-date.

“Hackers and fraudsters are in a constant back and forth with retailers as it relates to payment security,” said Ryan Grogman, vice president at Boston Retail Partners. “As retailers close certain loops, the hackers move on to the next most vulnerable spot in the transaction, and retailers are then forced to develop new measures to address the weakness.

“This cycle has been going on for many years, and the biggest change in payment security today is the sophistication and level of technology available to both sides,” he said. “The advent of PCI standards really moved the needle forward in terms of retailer defenses, but even with these controls in place, we are seeing high-profile retailers subjected to massive data breaches and the associated public relations fallout.

“For the card issuers and banks, they are driven by a need to reduce the amount of fraudulent charges. For retailers, it is the fear of being the next company in the headlines for a breach along with having their valued customers’ sensitive information exposed that is driving many of these changes. EMV is another attempt by the issuers to deflect the fraud liability back to retailers, and that financial liability has driven many retailers to allocate more budget to enhance payment security and implement EMV.”

Boston Retail Partners’ “Payment/Data Security in an Omnichannel World” is based on data from the consultancy’s 2016 POS/Customer Engagement Survey.

Read Full Article: Sophisticated hackers call for refined payment security systems: report

How do your Payment Security Practices Compare to other Retailers?

According to a new special report from Boston Retail Partners (BRP), the threat posed by payment security breaches continues to consume retailers’ resources. While only 22% of retailers currently support EMV (Europay, MasterCard and Visa) transactions, another 53% of retailers plan to implement this capability within 12 months. According to the BRP SPECIAL REPORT: Payment/Data Security in an Omni-channel World, 38% of retailers indicate that payment/data security is a top priority.

2016 Payment Data Security Special Report coverThis Special Report provides insight into BRP’s 2016 POS/Customer Engagement Survey and highlights the payment security objectives and challenges facing leading retailers today.  Specifically, this report addresses topics such as:

  • EMV – Where Are We Now?
  • Beyond EMV
  • Mobile Payments are on the Rise – and so is the Competition
  • Increased Options for Getting Data to Processors
  • The Shift to Online Fraud
  • Quick Wins to Beat Online Fraud

“Hackers and fraudsters are becoming increasingly sophisticated; requiring retailers to reanalyze and revamp their current security protocols in order to adequately protect the interests of themselves and their customers. The good news is that retailers realize the magnitude of payment risks and continue to focus resources to lock-down payment and data security across all touchpoints.” – Perry Kramer, vice president and practice lead, Boston Retail Partners.

“While the use of EMV-compliant payment solutions weakens the incentive for thieves to steal credit card information by requiring that the physical card be present at the transaction, EMV adoption in and of itself does not do anything to actually reduce the risk of a breach. The most effective approach for securing payment card transactions is a multi-tiered approach which includes implementing end-to-end encryption (E2EE) and tokenization in addition to support for EMV.” – Ryan Grogman, vice president, Boston Retail Partners

I encourage you to read the report to see how your payment security practices stack-up to other retailers.

Download the complete report:

BRP SPECIAL REPORT: Payment/Data Security in an Omni-Channel World

I hope you enjoy the report and welcome any comments or feedback. Please share your comments below.

David

Different Retail Personalities, Different Security Needs

PYMNTS.COM – Every retailer wants security — that’s a no-brainer. As for what particular areas they want to focus on, however, not all of them are in agreement. A couple of recent studies that asked retailers the same question came up with some varying answers. Retail security is a shifting target. Just as point-of-sale security seems to be shored up, a leak invariably pops up in mobile wallets, or in-store digital browsing, or omnichannel systems. For retailers to succeed, they must learn to master the art of split focus. As two recent reports on what matters most to retail professionals show us, it’s easier said than done.

As Chain Store Age reported, the Boston Retail Partners’ 2016 POS/Customer Engagement Survey shows that an overwhelming majority (85 percent) of respondents state that having a unified commerce platform, which seamlessly operates across all commerce channels, is top priority for them.

In contrast, only 38 percent of respondents mentioned payment security as a main concern. This marks a significant decrease from the 2015 findings, which saw 63 percent of respondents stating it was a top priority. One possible explanation, which Chain Store Age posits: The switch to EMV and the attention it brought to updating in-store systems most likely (and rather ironically) drove this reduction in prioritization of overall security.

Read Full Article: Different Retail Personalities, Different Security Needs

Announcing Mcommerce Summit 2016 New York May 5

Luxury Daily – Join senior executives and decision-makers at the 6th annual Mcommerce Summit: State of Mobile Commerce 2016, the nation’s No. 1 conference discussing retailing and marketing with mobile as the key influencer. Speakers from retailers and marketers such as Walmart, Walgreens, IKEA, Staples, Google and Boston Retail Partners.

Focus: The state of omnichannel retail with mobile influencing consumer decision-making and the marketing and retail efforts needed to acquire, retain and reactivate customers and prospects. How retailers are measuring up with their mobile commerce efforts in 2016 and what it means for the overall retail ecosystem

Why you should attend: Get inside knowledge of how the nation’s leading retailers are deploying mobile in their retail and marketing efforts, with a special focus on strategy, tactics, execution and results. Also network with fellow attendees who are senior executives and decision-makers at leading marketers and retailers in this daylong transfer of knowledge

One more reason why you should attend: This is the nation’s oldest and leading mobile commerce event attracting Fortune 100 companies to share insights and analysis on mcommerce and mobile-influenced retail. Pure retail, plain and simple

Venue: National Museum of the American Indian, Diker Pavilion, One Bowling Green, New York, NY 10004 (directly across from Battery Park in Lower Manhattan)

Read Full Article: Announcing Mcommerce Summit 2016 New York May 5

How to Create Mobile Apps for Real-time Retail

CDW – Effective applications can reshape retail, but only if they’re backed by a coherent mobile strategy. Retailers have been offering mobile apps to their customers for years, but that relationship is undergoing a revolution. The latest apps are driving fundamental changes in consumer behavior, creating what some industry analysts are calling real-time retail.

“Real-time retail is the ability to bring the Amazon experience to brick-and-mortar stores,” says Ken Morris, principal at Boston Retail Partners, a management consulting firm. “This includes knowing what’s in the closets, lockers and garages of the customers who are standing at the checkout counter.”

Read Full Article: How to Create Mobile Apps for Real-time Retail

Houston, We have a Problem! – 2016 POS Survey Identifies Issues with Retail’s Faux Omni-Channel

Retailers recognize the need to create a holistic customer experience that transcends channels, but most attempts are falling short.

85percentAccording to the 2016 POS/Customer Engagement Survey, 85% of the respondents indicate that unified commerce is their top priority. Many retailers have taken the “just get something done” approach to deliver a seamless customer experience that transcends channels. The unfortunate result of this quick fix approach is a “faux” omni-channel model that doesn’t execute as promised and has the risk of disappointing customers. While 60% of retailers indicate they have implemented “inventory visibility across channels,” 80% of those retailers indicate that the system “needs improvement.” According to another recent study, this is a real issue, as 60% of click-and-collect orders placed on Cyber Monday had problems.[i]

“Saddled with legacy systems that are not designed to accommodate today’s retail environment, retailers have scrambled to cobble things together in attempts to deliver the omni-channel capabilities customers expect. Retailers need to invest in infrastructure, networks and service oriented architecture (SOA) layer and do it right. The risk of losing customers due to disappointing shopping experiences caused by a flawed omni-channel architecture is deadly and that is why “real” unified commerce is retailers’ top priority for 2016.” – Ken Morris, principal, Boston Retail Partners

The 2016 POS/Customer Engagement Survey of top North American retailers offers insights into retailers’ current point of sale and customer engagement initiatives, priorities, and future trends as the physical and digital worlds converge within the store.2016 POS Survey Cover

Key findings in the 2016 POS/Customer Engagement Survey include:

  • Creating a true unified commerce environment is the top priority – 85% of retailers indicated this was a top priority for 2016
  • Improving customer engagement and the customer experience is critical – 68% of retailers indicated this was a focus for the upcoming year
  • Retailers are still occupied with payment/data security – 38% of retailers stated this was a top priority

I encourage you to download and read the complete 2016 POS/Customer Engagement Survey: https://brpconsulting.com/2016-pos-survey/.

I hope you enjoy the report and welcome any comments or feedback. Please share your comments below.

David

[i] “Buy online, pick-up in the Store. Simple, right? Not this Christmas,” Washington Post, December 20, 2015.