Emerging Retail Technologies Aren’t without Challenges
Emerging shopping platforms and services promise to help retailers open the door to new customers while building stronger and deeper bonds with existing customers.
Yet every one of these systems must be carefully planned, fully tested and intelligently deployed. Detailed planning and thorough testing ensure that a new system meets its performance goals and is fully compatible with the current IT infrastructure and existing business processes. Problems, when they arise, must be dealt with quickly and logically in cooperation with the system’s vendor and other relevant partners.
Planning and testing: Project planning begins as soon as the retailer identifies the need for a specific solution, such as the deployment of a mobile shopping app or the installation of a digital signage system. All key stakeholders should be involved in the planning to ensure that current and future needs are addressed across the board.
Once planning begins, the next step for many retailers is finding a knowledgeable technology partner to work with. A partner must have the insight and experience to guide the project through to its successful deployment. Working in close collaboration, the retailer and technology partner jointly define the project’s requirements, goals and deadlines.
Integration: To reduce the possibility of creating disruptions, a new technology must be completely integrated into the retailer’s existing systems. Front-end retail solutions, such as point-of-sale (POS) stations and self-service kiosks, must be fully supported by the retailer’s back-end technology, including servers, storage systems and wired and wireless network infrastructures, as well as software such as an enterprise resource planning solution.
Hardware and software compatibility issues are a leading cause of integration problems. It is not unusual for a retailer to implement new software or hardware only to discover that it is not compatible with the existing IT infrastructure, or that current systems are not robust enough to support it. The retailer must then allocate additional workforce and financial resources to an unanticipated data center upgrade. Retailers can avoid this unpleasant surprise by working closely with a technology partner and vendors to determine software requirements long before deployment.
Failing to accurately anticipate future demands on the back-end infrastructure created by emerging technologies, as well as trends ranging from rising sales volumes to expanding databases, can lead to performance issues that slow down business processes and can potentially anger customers. Careful planning can help a retailer avoid such problems.
Security: Virtually every technology a retailer adopts creates a new security concern. Websites, wired and wireless networks, mobile devices, payment systems and other digital platforms and services must be protected against internal and external threats. Attackers will take advantage of any security oversight or loophole to target business and customer accounts, potentially creating significant financial and reputational damage to the parties affected.
To protect business and customer data, retailers should never store credit card information in the front end of a POS system, where it is vulnerable to being hacked. If a payment system stores credit card information in the cloud, it should be protected by a provider that uses security certificates.
Retailers should also ensure that payment card information goes directly from the card reader to the payment processor. A device running point-to-point encryption will ensure security by transmitting encrypted card data straight to the payment processor.
Network security technologies: Because attackers routinely use networks as pathways to compromise servers, POS systems, mobile payment platforms (such as smartphones) and other connected devices, retailers should take steps to protect their network infrastructure.
Firewalls, particularly next-generation firewalls (NGFWs), are important network safeguards. NGFWs, which are essentially integrated network security platforms, use advanced technologies such as website filtering, intrusion prevention algorithms and deep packet inspection to protect networks against attacks and infiltration. Other important network security steps include the deployment of commercial anti-malware protection tools (including security and incident event monitoring) and implementation of a vulnerability management program. Retailers also should invest resources into employee training in security practices as well as the creation of an incident response team that can immediately react to intrusion alerts.
Fortified network and device access and authentication tools are also essential to prevent an attacker from directly accessing POS systems and other devices, either from the Internet or from within a retail store. Servers, POS systems and other key IT assets also must be physically secured to prevent both unauthorized access and tampering.
Payment card security: Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is essential for all retailers that accept payment cards, whether online or offline, because it provides the best approach for keeping customer payment card data secure. PCI DSS was created jointly in 2004 by four major credit card companies: Visa, MasterCard, Discover and American Express.
The standard specifies a minimum set of requirements for protecting cardholder data that may be enhanced by additional controls and practices to further mitigate risks. PCI DSS applies to all entities involved in payment card processing, including merchants, processors, acquirers, issuers and service providers, and all other entities that store, process or transmit cardholder data.
Payment card security can also be built into the actual cards that customers use. Determined to reduce payment card fraud, European retailers joined together several years ago to develop and deploy EMV (EuroPay, MasterCard, VISA), a system that uses a computer chip instead of a magnetic strip to store cardholder data. With EMV, cardholders enter a personal identification number rather than a signature for verification.
EMV cards provide a far more secure purchasing technology. The chip embedded on an EMV card generates a fresh code for each transaction, rendering stolen data useless.
After years of holding back, more U.S. payment card providers are now issuing EMV cards to their customers. As a result, U.S. retailers are now rapidly adopting EMV terminals and EMV-compatible POS systems to process customer payments.
Learn more by downloading the white paper, "Driving Retail Success With Technology Innovation."
