Will Warranty Enforcement Be Amazon Marketplace's Achilles' Heel?

When it comes to competing against Amazon, eBay or even Japan's Rakuten, one of the more challenging aspects is their third-party marketplaces, which give each a seemingly endless inventory at minimal risk. But the odds may be getting more even, as shoppers are starting to notice that some manufacturers are strictly enforcing their authorized reseller rules.

The immediate impact on shoppers is they may find that the expensive flat-screen TV, surround-sound speakers or refrigerator that looked like such a bargain on Amazon voids the warranty. The arguably-unrealistic expectation from consumer goods manufacturers—which sharply strengthens the hands of traditional e-tailers trying to fight against these third-party marketplaces—is that shoppers would not only notice the actual name of the merchant shipping the item, but would take the time to run that name on the manufacturer's site to see if they are truly an authorized reseller. Or they could just make the purchase from or and know for certain.

Top Stories


Walmart: Don’t Stop Me Before I Sue (Visa) Again

July 25th, 2012
Walmart really wants out of the $6 billion interchange settlement, and for a very specific reason: The world's biggest retailer doesn't want to be barred from suing Visa and MasterCard again. And the only way to preserve that right is to get enough big chains to bail out of the settlement.

But the real problem—Visa's death-grip on payments—isn't one any lawsuit will solve. Big retailers abandoned their store cards because taking Visa was cheaper than maintaining their own credit infrastructure. Now Visa is holding all the cards, and chains are unenthusiastic about any of the alternatives.Read more...


Can A Mobile Coupon Concept Work With The Cloud And A Single Processor?

July 25th, 2012
Around January of next year, 10 major retail chains will be testing a way to have coupons associated with a shopper's specific payment card. The reductions will then be automatically deducted from the total purchase with no effort—not even a button press—from the store associate. The trick with this trial is that the marriage of card and coupon, along with the automatic reductions, is done by the processor.

If this approach works—it's already been tested with much smaller merchants—the potential is for payment cards to be associated with anything that the full-blown digital wallets have promised: giftcards, loyalty programs, stored value, etc. Read more...


Walmart’s PIN Pads Are Hard To Use, Say Advocates For The Handicapped. They’re Not The Only Ones Who Think So

July 25th, 2012

Walmart was sued on Wednesday (July 25) by a California advocacy group for the disabled, who complained that the retail giant isn’t meeting federal or state laws because its PIN pads are too high for customers in wheelchairs to use. The complaint, filed in U.S. District Court in San Francisco, said Walmart has wheelchair-accessible PIN pads in some of its 200-plus California stores but hasn’t deployed them for the rest of its checkout lanes, forcing some customers to “stretch and strain”—or tell the cashier their PINs.

It’s not clear exactly what the solution would be—two PIN pads at each checkout lane? A swinging arm or mini-elevator that brings the PIN pad up from wheelchair height to a level where a six-foot-four customer can use it without a backache? But realistically, there’s a bigger problem: Most PIN pads are designed to be compact and secure, not easy to use for anyone. They’re hard to read, hard to use and miserable to sign for all customers, not just the wheelchair- and scooter-bound. If this lawsuit can force Walmart to find and deploy a truly usable PIN pad, it could actually make all its customers happier—wheeled and non-wheeled alike.…


The Details On A Pair Of Amazon D-DOS Crashes, Just One Presidential Term Late

July 25th, 2012

Every four years, Americans elect a President, enjoy Leap Year and watch the Olympics. And the last time those things were happening—four years ago—Amazon may not have been perfect at thwarting D-DOS attacks. But even then, it was pretty good at protecting its card data. This comes from federal documents recently unsealed, documents that described three successful D-DOS attacks against Amazon, eBay and Priceline. The first Amazon attack happened on June 6, 2008, at 10:23 AM California time and continued for about four-and-a-half hours, until Amazon fought it off. “During the attack, the bots involved in the attack requested large and resource intensive Web pages on a magnitude of 600 percent to 1,000 percent of normal traffic levels,” according to the newly unsealed federal indictment of a pair of Moscow-based alleged cyberthieves.

Three days later, starting at 10:06 AM California time, the second D-DOS attack against Amazon began. This time, it took Amazon three days to fight it off. The filing also said one of the accused was found with data for more than 28,000 credit cards. But Emily Langlie, a spokesperson with the U.S. Attorney’s Office for the Western District of Washington, said none of the cards were from Amazon, eBay or Priceline, suggesting the payment-card protections did their job.…


RadioShack Rep Used Customer Data To File False Tax Returns. Why Is RadioShack Even Still Collecting SS Numbers?

July 25th, 2012
When a Radio Shack call center representative was sentenced to prison on Monday (July 23), it was because she had pled guilty to filing false tax returns to collect refunds. The information she needed to create bogus tax returns, including valid Social Security numbers, came from Radio Shack customers with whom she had worked. But why was Radio Shack collecting and storing Social Security numbers in the first place?

Turns out the call center rep, Youlanda Rochelle Wright, was collecting Social Security numbers as part of RadioShack's then deal with Dish Networks. Given the bad publicity coming from this 6.5-year prison sentence for a onetime RadioShack customer service rep accused of ripping off her customers, it might be time to call for strict IT rules on refusing to store ultra-sensitive data, such as Social Security numbers.Read more...

Vulnerability Scan Often Says “Pass” Even If You’ve Flunked

July 25th, 2012
Take a look at your most recent PCI vulnerability scan. Do you see any identified vulnerabilities that are assigned a score of 4.0 or higher? Are you still passing? Is the "Exceptions, False Positives or Compensating Controls" column blank? If so, your approved scanning vendor (ASV) is not doing its job, and this will prevent you from passing your next PCI assessment, pens GuestView PCI Columnist Peter Spier.

Until PCI 2.0 kicked in in January, ASVs never had QSAs closely reviewing their findings and comparing those results against what they are supposed to be looking for—namely, the specs from the ASV Program Guide. The problem here is beyond having the PCI assessment not pass. Retailers will now have to go back to their ASVs, explain the problems and get them to work with chains to fix it.Read more...

JCPenney CEO: E-Commerce Is Going To Hit A Ceiling

July 25th, 2012
JCPenney CEO Ron Johnson believes E-Commerce is a toothless threat to stores. On July 18 Johnson told a conference audience he thinks that E-Commerce is like the catalog craze of the 1980s—its share of retail sales will eventually plateau, making it only a minor challenger to brick-and-mortar sales.

That theory is crucial to the century-old chain's makeover, which Johnson said will also include all-RFID sales ticketing within six months, elimination of cashwraps by the end of 2013, and a plan to combat showrooming by making 75 percent of its inventory JCPenney-only products to make direct price comparisons impossible.Read more...

Macy’s Piggybacks On Its Sound System To Locate Customers

July 19th, 2012
Macy's on Wednesday (July 18) confirmed that it is deploying Shopkick mobile marketing throughout its entire chain. Although any chain-wide move by Macy's—especially on a mobile marketing app—is worthy of note, the interesting element here is how it went chain-wide. It piggybacked on its existing store music system, which not only slashes the cost and time of such a mobile deployment but extends the wireless reach far beyond the entrances that Shopkick normally covers.

Behind this approach is a deal Shopkick cut with Mood Media, one of the largest retail in-store music providers. What this means is any chain that happens to use Mood for audio has a quick-and-easy way to offer mobile marketing. But there's a lot more to this. Those speakers can also offer in-store geolocation.Read more...

Walgreens First To Map Every Store In A Mobile App. Now If Customers Just Knew About It

July 19th, 2012
Walgreens on Tuesday (July 17) announced that it has become the first national retailer to map all of its stores in a mobile app. That would certainly be good, were it not for the fact that it's unlikely many of Walgreens' customers will ever know about this.

That means no signage telling customers about it, no references on the retailer's Web site (and certainly not its homepage), no marketing, no reference in E-mails to customers and no associate training so that at least they can tell customers. The mobile map app itself doesn't even have Walgreens' name, so if a customer using either an Apple or an Android smartphone went searching for Walgreens, he or she wouldn't find it. The only way to download the Walgreens map app is for a shopper to happen to know to search for the vendor's name.Read more...

PIN Pad Pong: Is Verifone Playing Games With German POS Security?

July 18th, 2012
The most popular PIN pad in Germany may have a major security hole—at least that's what a German security lab says. Verifone insists it can't reproduce the problem. In response, the researchers on July 12 went public with a demonstration on German TV in which a PIN pad was hacked to turn it into a Pong game. Yes, it looks like this started by being about security, and then about money—now, it's personal.

The problem with this needle match is that what sticks in the minds of consumers is a PIN pad playing Pong—and with that image, who can take payment security seriously?Read more...

Amazon Same-Day Delivery? Stores Not The Target

July 18th, 2012
This week saw a wide range of media reports stating that Amazon, thanks to its recent state tax deals, may offer shoppers same-day delivery and that this, as one Slate headline said, "will destroy local retail." Just a few problems: First, the tax deals are years in the making and have little to do with this. Second, no, Amazon offering same-day delivery won't mean the end for almost any retailers. How do we know? That's the third point: Amazon has already been delivering products same day—for more than three years.

There are a lot of interesting twists involved in this same-day delivery strategy—including some unusual ways one Amazon insider said the master site could deploy it—but there's a bizarre trend here.Read more...

Amazon’s Latest Pricing Glitch: What Will It Take For Third-Party Controls To Be Put In Place?

July 18th, 2012
On Tuesday (July 17), a wide range of third-party products on Amazon showed special pricing: one cent. The pricing glitch was, yet again, caused by some third-party integration and a coding error. How many third-party hiccups will Amazon—not to mention every other major E-Commerce site—suffer prior to putting in place serious checks before partners can do some serious damage to Amazon fundamentals?

A lot of Amazon sellers will have a lot of cleanup to do, but there's a bigger issue here. Customers who go to Amazon had their orders canceled and, third party or not, that's going to undermine their faith in Amazon. Buying from a third party on Amazon's site is supposed to be the best of both worlds: a chance to give business to small players while enjoying the security and reliability of the Amazon environment.Read more...

Best Buy’s Security Alert: Good Letter, Lousy Link

July 18th, 2012
If there's an art to warning E-Commerce customers about security problems, Best Buy may need a course in Remedial Security Finger-Painting. This month, the chain sent an E-mail to an unknown number of its online customers warning that logins and passwords stolen from other sites were being used in an attempt to hijack accounts. But the letter managed to convince at least some customers that the E-mails were phishing spam.

The problem: Links in the letter that customers were supposed to use to reset their passwords—but those links clearly weren't going to The irony: In trying to fix a situation where customers' passwords were stolen for bad purposes, Best Buy's letter was inadvertently crafted such that it looked like an attempt to steal customers' passwords for bad purposes.Read more...

If Apple Can’t Stop One Fraudster, Can It Ever Challenge Visa?

July 18th, 2012
Apple's status as the Great Fruit Hope for alternative payments took a hit this week, after it failed to stop a Russian hacker who broke the iPhone's security for many in-app purchases. It's roughly the equivalent of customers somehow tweaking their payment cards, and then swiping them at an in-store PIN pad, which tells the POS the transaction has gone through—except the card is never charged.

Apple's billion-dollar third-party payments business takes a larger than Visa cut, sets less flexible than Visa operating rules, and then offers less help than Visa in securing transactions. And this is the company that's supposed to rescue retail from Visa's interchange rates?Read more...

The Interchange Settlement: Cards Won

July 18th, 2012
The major interchange fee settlement deal between Visa, MasterCard and various retailers and other industry players was huge, in that it was the result of the big showdown retailers have awaited for years. Winner: card brands. It's not hard to judge the winner of such an event, simply look at the statements both sides issued afterwards.

Moments after the settlement was announced on July 13—by the way, the deal being announced on Friday The 13th was just the first of many bad omens—all of the players had their say.Read more...

How Real Are Facebook Likes? It Turns Out Not Real At All

July 17th, 2012

Just about everyone involved in E-Commerce knows deep down that social media “Likes” are not indicative of anything and that even most consumers are not impressed with lots of Likes. But it’s nice to see concrete proof every now and then. And so a report on July 13 was quite interesting. The BBC piece described an experiment where a reporter created an entirely non-existent business, which he called Virtual Bagel, with a tagline “We send you the bagels via the Internet. Just download and enjoy.” The reporter observed, “Seems like nonsense. Surely, nobody is going to be interested in that.”

Well, some 3,318 Facebook Likes later, the BBC found that the Likes were coming overwhelmingly from Malaysia, India, Indonesia and Egypt with almost none from the U.S. and the U.K. “People in certain parts of the world are incredibly keen to click, for no apparent reason, on random” sites such as the bagel “imaginary business,” the BBC report said. When it comes to exposing the absurd claims of social site Likes, I think it’s safe to say I like this BBC report.…

With Mobile In-Store Apps, Will Reliable Beat Sexy?

July 12th, 2012
In the latest round of in-store mobile app vendor battles, the goal seems to be to capture the title of easiest to use. That's an ideal goal, but "easy" is a word that in tech circles has a deliciously paradoxical nature. The easier and more intuitive an app is, the more sophisticated and complex is its programming. That generally means there's a lot more that can—and will—go wrong and glitch.

A company called QThru, for example, is making waves with a mobile app that handles product identification and completes mobile payment through scanning an old-fashioned barcode. Its claim to fame: that the app identifies the product within two seconds even when the hand holding the phone (which is taking the picture of the barcode) and the hand holding the product with its barcode are both shaking and when the barcode is incorrectly positioned.Read more...

Is JCPenney Dumping The Datacenter?

July 12th, 2012
JCPenney's IT layoffs announced on Tuesday (July 10) aren't just the next shoe dropping after the 1,100-store chain's COO publicly shredded its IT operations in May. The job cuts—which now represent more than one out of every four headquarters IT staff, according to JCPenney sources—also signal that the retailer is preparing to dump a huge part of its current IT operations without necessarily having anything ready to replace it with.

The purge also sets the stage for the chain's "new technology platform" that CEO Ron Johnson said will be announced in August. From all indications, the focus will be on mobile and in-store, not the datacenter.Read more...

Best Buy’s Customer Satisfaction Problem: How To Measure Happiness

July 11th, 2012
Best Buy has been busy telling investors of its plans to give bonuses to store associates when good customer-service scores are found, in addition to bonuses for strong sales. At a glance, this is commendable and could be a sign the chain now understands that the only true way to fight showrooming—and, ultimately, to survive at all—is through much happier customers.

But dig deeper into the vague statements and it's unclear if any of those happy conclusions are warranted. It might be that the only meaningful bonus involved here is the one Best Buy had hoped Wall Street would give it for even talking about customer-service score bonuses.Read more...

Google Burned By Partners To The Tune Of $22.5 Million

July 11th, 2012
Hidden in Google's $22.5 million deal with the FTC to settle a Web-privacy failure involving Apple users is a reminder to online retailers about just how messy the E-Commerce game is: Lots of players are involved in every transaction, and any one of them can change the rules at any time.

Sure, this is chump change to Google, customers don't care much about privacy and you're not Google. But the same dynamic could leave any E-Commerce site with holes in security or PCI compliance, especially because your carefully vetted procedures can get sidestepped as soon as an emergency fix is required—and any glitch qualifies as an emergency.Read more...

Amazon Lockers: When Urban Dwellers Find Home Delivery Really Inconvenient

July 11th, 2012
Amazon has been expanding its network of Amazon Lockers—relatively secure holding areas for Amazon packages in the middle of stores—in the U.S. since last year. They were initially limited to New York, Seattle and Washington, D.C., and inside chains including Rite-Aid and 7-Eleven. The concept has been picking up considerable traction in the U.K., though And one key reason is that package delivery is more problematic there.

The home-delivery problem for E-Commerce is hardly only a British issue; it is an apartment and city issue. But the fact is that a huge percentage of the E-Commerce decision-makers in this country do not live in apartments or urban areas.Read more...

iPad As Kiosk? That’s Not As Elegant An Idea As It Sounds

July 11th, 2012

Maybe Apple can’t dominate every in-store device niche after all. A blog discussion at KioskMarketplace this week has kiosk developers debating whether the iPad’s lack of wireless-only connections, relative screen fragility and regular need to be reset makes it a poor choice for kiosk conversion. (The original July 2 post is headlined “iPad kiosks: The cheap, unreliable kiosk solution.”)

As commenters to the post point out, there are workarounds to some of the technical problems (though not to the persistent problem of Apple’s lack of enterprise support). But with a burgeoning crowd of iPad-to-kiosk vendors and given the fact that lots of chains are looking hard at such as approach, it’s worth asking how much of the vaunted Apple experience customers will get from an iPad buried in a kiosk. Customers won’t get to handle it or switch between apps—from their point of view, it’s just another touchscreen running a single kiosk application. Which may make iPad conversions just not worth the trouble for retail chains. But who knows? Maybe Apple has finally found a retail use for the Macintosh: as an oversized iPad emulator.…

Will Cloud Complexity Be The Death Of Us All?

July 11th, 2012

As retailers are embracing cloud computing more, they are rapidly discovering there’s plenty of bad to go with the good. And the complexities and unanticipated gotchas are making the cloud experience decidedly less than thrilling. Four recent incidents beautifully illustrate those gotchas.

The cloud is still a wonderful experience. But its nirvana-like reputation is now coming down to Earth a bit, we argue in our July column for Retail Week. The column resides here at Retail Week, but those who have yet to subscribe to the U.K.’s largest retail publication (for shame!), we have a copy here, too.…

U.S. Appeals Court Gives Retailers Fraud Loss Victory

July 10th, 2012
In a decision that has huge implications for retail chains, a Federal Court of Appeals ruled on July 3 that a contractor in Maine could successfully sue its bank for losses from a hacked bank account. The problem is that many of the "thefts" of money from retailers don't occur at the bank itself. A hacker may attack the retailer's computer, obtain user IDs and passwords, and then log into the bank's computer either using the stolen credentials or even logging in from the compromised computer itself. To the bank, it sure looks like the login came from the retailer.

Once the bad guy gets in, it's only a few keystrokes to wire transfer all of the account funds to a waiting account in Latvia, Bulgaria or wherever, writes Legal Columnist Mark Rasch. The retailer only learns of the transfer later, when the funds are gone. Who eats the cost of that loss? Read more...

New PCI Rules Will Force Retailers To Set The Risk Level

July 10th, 2012
One key change in the new PCI rules—which took effect July 1—is Requirement 6.2. It states that merchants and service providers must "establish a process to identify and assign a risk ranking to newly discovered security vulnerabilities." What changed from the previous PCI version is that it is the merchant or service provider who develops the risk ranking, writes PCI Columnist Walter Conway.

This change generated a lot of discussion and anxious questioning when the Council unveiled it at the 2010 PCI Community Meeting. The Council's intent was to give merchants flexibility in identifying and ranking risks based on their own industry and operating environment. The tone of the questions from the floor, however, challenged whether merchants had the security knowledge, expertise or even the time to assign these risk rankings.Read more...


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 17,000 retail IT leaders who subscribe to our free weekly email. Sign up today!
Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.