Survey: Retailers’ top IT priority is payment security

CHAIN STORE AGE – Survey results released by Boston Retail Partners found that the top IT priority for retailers in 2015 is focused on improving payment security, and protecting the confidentiality of sensitive information. For the first time in 16 years, more than 63% of the retail respondents in the BRP 2015 POS/Customer Engagement Benchmarking Survey indicated that payment security is among their top priorities for 2015.

Read the full article: Survey: Retailers’ top IT priority is payment security

Transitioning to EMV: Smart and Simple Tips for Getting Ready

VEND BLOG – If you’re a US retailer, then you’ve likely heard about the country’s transition to the more secure EMV (Europay, MasterCard, and VISA) payment standard. Consumers will soon be using chip-and-PIN cards instead of the traditional magnetic stripe (aka “swipe-and-sign”) cards at checkout, and beginning October 1, 2015, retailers who haven’t geared up for the technology will be liable for fraudulent costs incurred through EMV cards.

We decided to get into more detail about the steps you need to take to successfully make the switch.

In this blog post, you’ll find additional information on the right EMV equipment and what you need to do to ensure that you get the technology on time. We also give you a closer look at the distinctions between EMV and magnetic stripe cards, and share tips on how you can best educate your staff and customers about the technology.

Read Blog Post: Vend Blog

Don't be fooled by these 6 data breach myths

CREDITCARDS.COM – Another day, another data breach. Amid a steady stream of headlines about data thefts at large retailers and banks, exasperated Americans are starting to tune out the latest data breach news even if it involves millions of credit and debit cards. This article includes quotes from Perry Kramer, Vice President at Boston Retail Partners.

Seeking Retailers’ Opinions – 16th Annual POS and Customer Engagement Survey

Customers want a personalized seamless shopping experience – we all know that – but what does that mean for retailers? What are retailers doing to offer their customer the shopping experience she wants, when and where she wants it? These are some of the areas that BRP’s POS/ Customer Engagement Benchmarking Survey addresses this year.

This is our 16th year for this industry-leading survey and it is interesting how the survey has changed through the years.  When we first started the survey, we asked questions about “cash registers” and whether retailers were looking at expanding to the Internet. Now we are asking retailers about offering customers the ability to use her own mobile phone to purchase items in the store! And with pervasive data breaches impacting all retail segments, payment and data security has become a retail imperative.

In addition to the core questions on traditional point-of-sale hardware and software, the survey has continued to expand into the key topics that are top priorities for retailers, including:

  • Customer experience and personalizationSuvey Checkboxes with Computer Mouse 01
  • Mobile POS
  • Virtual POS
  • Payment security
  • Order management
  • Unified commerce

Please share your opinions

Our POS/Customer Engagement Benchmarking Survey is open now so please take a few minutes and give us your thoughts today:  TAKE SURVEY HERE.  The results of the survey will be compiled and analyzed and we will release the final report at NRF’s BIG Show on January 11th, 2015.  If you are planning to attend NRF please plan on stopping by Booth #1230 to say hello to all of us and find out what retailers are doing now and in the next few years to engage the customer and personalize the shopping experience.

We appreciate your input and look forward to seeing you at NRF.

McDonald’s needs right message, products along with mobile to drive sales

MOBILE COMMERCE DAILY – McDonald’s is a mobile marketing leader but with same-store sales dropping 3.3 percent in the most recent quarter, the chain’s experience highlights the need for mobile to be paired with the right message and products to be successful. Includes Quotes from Brian Brunk, Principal at Boston Retail Partners.

Three tips to block hackers

INSIDE RETAIL ASIA – The threat to retailers’ data security has never been higher – but there are effective means to reduce the risk of being hacked. Includes insights from a recent BRP white paper: “Best Practices and Tools to Thwart Hackers and Protect Customer.”

Boston Retail Partners recommends EMV compliance, tokenization

CHAIN STORE AGE – Between April and June of 2014, the retail sector led all industries in data breaches with 145 million records, or 83% of the total records compromised, costing retailers $195 per record apprehended. In response, Boston Retail Partners has released recommendations for data security best practices.


Thwart Hackers and Protect Customer Payment Data with the Right Tools

In the wake of major data breaches this year at Target, Home Depot, and JPMorgan Chase & Co., retailers are being forced to reexamine their policies surrounding data and security. Simply being PCI compliant is no longer enough – was it ever? Enhanced measures are necessary to adequately defend against malicious attacks by sophisticated hackers.

DataSecurityWP_CoverArmed with our experience and expertise in retail payment security, we recently published a white paper entitled Best Practices and Tools to Thwart Hackers and Protect Customer Payment Data.” This blog post will highlight the key points contained in the white paper, though the white paper should be referenced for an in-depth analysis on this topic.

Growing prevalence of data breaches

Approximately 43% of all companies experienced a data breach in the past two years. Further, Between April and June of 2014 the retail sector led all industries in data breaches, with 145 million records or 83% of the total records compromised. This has resulted in depleted consumer confidence, devalued brand reputation, and most damaging of all lost sales. Case in point Target, who was negatively impacted to the tune of $148 million. The market for and value of stolen data has grown, incentivizing hackers to devise new ways to steal sensitive consumer data for profit. Retailers must evolve in pace with technology to reduce their risk of exposure.

A multi-tiered approach is vital
A security approach that employs separate but operationally conjoined layers of protection is a retailer’s most powerful line of defense. Industry best practices dictate implementation of the following:

Numbers Word Cloud 01

  • Single encryption point at the time of card swipe or data entry and a single decryption point at the processor (E2E) and;
  • Tokenization at the earliest point possible outside of the environment and for all data at rest
  • EMV technology to validate the card authenticity (for in-store purchases);

Unified commerce hurdles

One of the biggest challenges will be deploying a strategy that provides adequate protection without quashing progress that has been made in unified commerce.

As customers exceedingly desire a seamless retail experience, this will remain a struggle for retailers who desire to innovate yet are held back by technological constraints. Implementation of a best practice strategy can help retailers navigate this sphere effectively.

I encourage you to download the white paper to see our “6 Quick Hit Protective Tactics” and more details on payment security practices.

A top priority for all retailers must be to examine the adequacy of current information security practices. Retailers’ need to budget resources and funds to identify and implement measures that will protect the valuable consumer data your organization processes every day.

Do you have a comprehensive inventory of all sensitive data and a prioritized plan, which involves your vendor partners, to address all of the risk points associated with this data?

I am interested in any feedback or suggestion you have on this topic, including strategies and tactics that are working well for you. Please enter your comments below.


How will Apple Pay impact retail?

BRP_Insights_Apple_PayWith the recent introduction of the NFC enabled iPhone 6/6+, many of our clients are interested in how, or if, its new proprietary Apple Pay app will impact retailers. To help answer some of these burning questions, we recently published our thoughts on Apple Pay in a document titled “BRP INSIGHTS: How will Apple Pay impact retail?

This blog post will touch on some of the key points of this document, but is not as comprehensive, so I encourage you to download and read the entire paper.

Low Market Acceptance of NFC and Mobile Wallets

NFC and mobile wallets in general have struggled to gain acceptance and adoption in the U.S. Will the introduction of the massively publicized Apple Pay be the catalyst to drive retailers and consumers to embrace NFC payments?

Apple’s loyal followers, who are typically quick to adopt new technology, will likely help accelerate the learning curve and acceptance of NFC payments. Apple Pay has the strong likelihood of being the tipping point for adoption of NFC-based payments and will probably become an early NFC leader in the US.

The advanced security of Tokenization will help

Despite the public’s trust being nearly obliterated with the Target and Home Depot security issues of late, the tokenization processes which Apple Pay will use to protect data will help alleviate the growing consumer concerns with credit card and data security.

How will Apple Pay impact traditional retailers?

There will be a very slow but steady impact on retailers that will depend on several factors:

  • Consumer demand for faster transactions – With the impending implementation of EMV in the U.S., consumers may need to leave their cards inserted in a payment terminal for 6-10 seconds. In contrast, NFC based transactions may be quicker based on a retailer’s implementation. Once consumers begin demanding faster payment processing, NFC payment adoption will accelerate.
  • Consumer inertia – NFC will receive a boost with Apple championing the technology, but this will be a slow process of building demand for something most consumers have zero bearing on. Consumers need an incentive to change.
  • Retailer capital investments – Many retailers are not clamoring to make capital investments in the NFC compatible hardware and certification process.
  • Potentially greater impact on online retail – Apple Pay will provide online shoppers an alternative to Google Wallet and PayPal, which in turn may spur special deals and lowered transaction fees as these entities battle for market share.

The actual impact of Apple Pay on retail remains to be seen, but it will certainly be interesting to see how it unfolds.

I welcome your opinions on this topic. Please share you comments below.

Data Breach Costs Reach Galactic Proportions

The Target breach could cost more than $1 billion!

There is no single solution to the challenge facing retailers!

This isn’t a joke….

According to John Kindervag, the vice president and principal analyst with Forrester Research, “I don’t see how they’re getting out of this for under a billion, over time,” he said, adding, “$150 million in a quarter seems almost like a bargain.” The New York Times, August 5, 2014

And Costs in the US are among the highest in the world!

Based on an independent study conducted by Ponemon Institute, consolidated findings show that malicious or criminal attacks are the most costly data breaches incidents in all nine countries. US and German companies experience the most expensive data breach incidents at $277 and $214 per compromised records, respectively.

Protect your data. Protect your customers. Protect your brand. Protect your job.Credit-Card-with-Chains-and-Lock-01-1024x854

Data security is the most important issue facing retailers today. One of the foundational principles of security is to take a layered approach. An integrated approach of combining Tokenization, EMV, and Network Segmentation is the best way to reduce a company’s risk. Anything less than all three leaves a company at the top of the target list for criminals.

Remember the intangible Costs when prioritizing your security initiatives

That’s obvious, but not everyone realizes the indirect effect data breaches have beyond the tangible costs. The impact on customer perceptions and purchase behaviors for brands that have highly publicized breaches have significant costs that could potentially exceed the tangible costs. Oh, and by the way, don’t forget that many breaches result in “key” individuals getting fired!

When evaluating and implementing changes in this rapidly changing area rely on industry experts to assist in the development of short-term and long-term designs.