Will Warranty Enforcement Be Amazon Marketplace's Achilles' Heel?

When it comes to competing against Amazon, eBay or even Japan's Rakuten, one of the more challenging aspects is their third-party marketplaces, which give each a seemingly endless inventory at minimal risk. But the odds may be getting more even, as shoppers are starting to notice that some manufacturers are strictly enforcing their authorized reseller rules.

The immediate impact on shoppers is they may find that the expensive flat-screen TV, surround-sound speakers or refrigerator that looked like such a bargain on Amazon voids the warranty. The arguably-unrealistic expectation from consumer goods manufacturers—which sharply strengthens the hands of traditional e-tailers trying to fight against these third-party marketplaces—is that shoppers would not only notice the actual name of the merchant shipping the item, but would take the time to run that name on the manufacturer's site to see if they are truly an authorized reseller. Or they could just make the purchase from or and know for certain.

Top Stories


Is Carrier IQ A PCI Problem? (Hint: The Answer’s Yes.)

December 7th, 2011
Most of the uproar over Carrier IQ and its monitoring software installed on many smartphones has focused on conventional privacy worries—whether an outsider is capturing and storing sensitive private information. But a bigger concern for retailers might be the fact that Carrier IQ can reportedly broadcast payment-card numbers unencrypted over Wi-Fi as the numbers are being entered by online customers or in-store associates.

Never mind whether Carrier IQ or the mobile operator is keeping this information. If it's merely being transmitted unencrypted, a thief monitoring a store's wireless networks might be able to scoop it up in transit.Read more...


Best Buy’s Cloud: Wild West Gives Way To Making The Same Data Mistakes Again

December 7th, 2011
Many chains have seen the cloud as a nice way to get unlimited data storage on the cheap. But Best Buy's initial cloud efforts revealed something much more fun: a lawless area where IT management didn't have any rules.

A funny thing happened, though: "Everybody has always said that if we could do the datacenter over again, we'd make no mistakes and everything would be perfect. It would be this incredible Utopian datacenter, except that we're all making the same mistakes that we made in the datacenter originally, because you go to the cloud like the Wild West," said Thomas Kelly, Best Buy's enterprise architect for cloud services.Read more...


Starbucks Reports 26 Million Mobile Transactions, A Good Sign Of Consumer Mobile Comfort

December 7th, 2011
Starbucks on Tuesday (Dec. 6) released select mobile transaction stats for 2011, showing some 26 million mobile transactions. More meaningfully, the chain said it had tracked $110.5 million reloaded via the mobile app, which is a tiny percentage (4.6 percent) of the $2.4 billion put onto Starbucks Cards through non-mobile means.

The Starbucks mobile app merely displays the same barcode that exists on the customer's plastic Starbucks Card. That means there is no wireless transmission, nor are any meaningful changes to the POS or card-swipe required. It does, however, require a change-of-behavior from the customer, and that might be the hardest and most valuable element.Read more...


The Unexpected Benefits of Tokenization

December 7th, 2011
One of the biggest benefits of tokenization might be the implementation process itself. That is, while using properly constructed tokens can reduce a merchant's PCI scope, the process of planning, designing and implementing can produce significant benefits, too. One result from tokenization is restricting the further spread of cardholder data throughout the enterprise. Another is that the implementation process gives you a running start in complying with PCI version 2.0.

PCI Columnist Walter Conway argues that tokenization requires a lot of work to implement. It would be a shame to not take full advantage of that work and the benefits that come from it.Read more...


Cutting Edge Is The Last Place A Retailer Wants To Be, In Terms Of Tracking Mobile Shoppers

December 7th, 2011
The ongoing debate about how far retailers can—and should—go when tracking customers through their mobile devices is getting confused, thanks to the illegal misinterpretations made by some of the vendors pushing these approaches.

But Legal Columnist Mark Rasch wants to be clear: Be ahead of the curve in tracking consumers, and do it before case law and legislation have a chance to play themselves out, and you could find yourself with legal headaches for years—potentially having to somehow remove all of that ill-gotten data from your systems.Read more...

Wal-Mart’s Shopycat Facebook Sends Customers To Other Sites—Really Rarely, Though

December 1st, 2011
Wal-Mart on Thursday (Dec. 1) officially rolled out its Shopycat Facebook app, which lets consumers see WalmartLabs-fueled gift suggestions for all of your Facebook friends, based on their posts and stated likes/dislikes. Wal-Mart said that "Shopycat is designed to trigger gift ideas for friends ranging from music, books and movies to games and electronics, making gifting more fun and saving on time and the pressures of discovering the perfect gift." About time that someone put an end to this pressure to find the perfect gift. Effort, thought and attention are simply making America weak. When I think gifts for loved ones, I think compromise and just get it over with. (And yes, that fits in so well with the image that Wal-Mart is trying to shake.)

The idea is indeed interesting, as the Wal-Mart algorithms have already done the work of predicting what would be desirable. Then again, does it factor in that something of strong interest to someone has likely already been purchased by—or for—them? One nice touch about Shopycat is that it doesn't technically limit its suggestions to and Wal-Mart stores. But testing on the app certainly shows that the overwhelming majority of choices are—coincidentally—only on more... Dumps Clever Idea—And Survives Black Friday

December 1st, 2011
The biggest E-Commerce surprise of Black Friday was probably what didn't happen: The problem-plagued didn't crash. Despite an absent E-Commerce chief for six weeks before the big day, and what some saw as a half-hearted defense of the site by Target's CEO on an earnings call, the chain's online store weathered the Black Friday-Cyber Monday weekend with just some performance degradation—about the same as other major E-tailers.

The most likely reason it survived: deep-sixed its clever but ill-fated experiment in limiting the number of customers who could be on the site at the same time.Read more...

When Will Mall Tracking Make Sense? When It’s Not Anonymous

November 30th, 2011
Maybe using mobile phone signals to track customers isn't looking so sweet after all. On Monday (Nov. 28) two U.S. shopping malls said they stopped using a people-tracking system that used mobile signals, after the malls' developer got letters from U.S. Sen. Charles Schumer (D-NY), who threatened to call in the Federal Trade Commission to investigate privacy issues. That's despite the fact that the system is designed to be anonymous—and the system's legality is untested.

There are some ironies in all this. One is that, with all the genuinely invasive customer-tracking technologies online and even in malls, the mobile signals used in this one really are anonymous to everyone but the mobile phone operators. Another is that if the system were actually targeting individual customers and the data were used by store associates, it might actually be more palatable to shoppers. After all, when location data is anonymously collected, it feels creepy. But when an associate knows you've already been to Wet Seal and Nordstrom, that just means she knows your tastes and can serve you better—or at least it feels that way.Read more...

In The Dillard’s/JDA Software Settlement, Details Of Sleazy Vendor Practices Come Out

November 30th, 2011
Late on Wednesday (Nov. 30), the 11-year-long battle between the 288-store 29-state Dillard's chain and JDA Software/i2 finally closed, when JDA agreed to write Dillard's a check for $57 million. The vendor's check was to compensate Dillard's for what were allegedly lies the software company used when selling a supply chain system. But the filings in the case provide a rare look into how software companies regard sales tactics and it’s essential reading for all IT execs before their next meeting with any software sales rep.

Quick background: JDA was not involved in this matter when the sale was made in 2000 and is only now involved because JDA bought i2 in January 2010. In June 2010, the case went to trial and a Texas jury awarded Dillard's $237 million. That's an impressive amount given that Dillard's had only paid $2.4 million for the software. JDA/i2 appealed and Wednesday's settlement happened while the appeal was still processing. Dillard's position has been that JDA lied to them during the sales process and that the $6.1 billion chain didn't receive the value the vendor had promised.Read more...

Google Wallet Doesn’t Need Operators’ OK—And That Could Mean A Fight

November 30th, 2011
When it comes to mobile payments, mobile operators may already be losing control of their money-handling dreams—to Google. Tinkerers have now figured out how to run Google Wallet on Samsung's Galaxy Nexus—an Android phone from Verizon that isn't supposed to be running Google's mobile wallet service. Some Verizon users were able to install their own Citi payment-card information in Google Wallet, and even collect the $10 credit for the Google prepaid "card" that comes with the service.

Those tinkerers didn't actually hack Google Wallet—they just changed settings on the phone to let it run Google's payment application. And for now, this isn't something ordinary customers would likely do. But the tinkering did demonstrate that Google doesn't need a mobile operator's cooperation to run Wallet on an Android phone. If telcos push back and try to block Google Wallet, that could create a new fight at the POS—with retailers caught in the middle.Read more...

Google’s Retail Experiment With In-Store Location Is Encouraging, But Needs Much More Fine-Tuning

November 30th, 2011

When Google on Tuesday (Nov. 29) announced a retail program for inside product tracking—with initial trials from Home Depot, Macy’s, Bloomingdale’s, IKE, Japan’s Mitsukoshi plus the Mall of America—it offered a relatively easy path for in-store navigation for retailers. But it also hasn’t licked the most daunting challenge: location precision. Google’s not even claiming location accuracy of better than “within several meters.”

The Google program, initially limited to Android phones, works by getting detailed floorplans from the retailer. Once the system detects the consumer has entered that address, it defaults to that map and then uses in-store tracking to show the customer’s location compared with product aisles. But “several meters” could be dozens of feet in either direction (the term “several” has deliciously vague. Merriam-Webster helpfully defines it as “more than two but fewer than many”). The altitude feature is supposed to know which floor you’re on and to display the correct floor map—that’s a nice touch—but without more finetuning, it will have trouble navigating someone to the right aisle, let alone within that aisle, as Meijer recently discovered.…

JCPenney Uses Mobile As A Clever Way To Track Where Gifts Go

November 30th, 2011
The elves at JCPenney have come up with something rather clever: a mobile app that allows for gift recipients to hear custom voice messages from a gift-giver. And a program that packs a multi-layered CRM data-collection punch. The recipient scans a QR code that is taped to the gift and instantly hears the gift-giver's voice relaying a holiday-friendly message. (In my family, it would something sweet like "Here are the ^#&! gloves you wanted. So where's the $50 you borrowed from me?")

The reason this idea has such potential is the chain is using the mobile device solely as a tool, where both JCPenney and the app quickly get out of the way and let the recipient and the gift-giver truly communicate. From a CRM perspective, it's clever for JCPenney because they set it up to force the system to call the gift-giver back to record the message. Therefore, the chain can gather lots of mobile numbers for later messaging use and, depending on future tracking purposes, perhaps much more through in-store interactions. The first step, though, is to collect those numbers and this is a wonderfully innocuous way to start.Read more...

Pizza Kiosk Raises Creative In-Store Options

November 30th, 2011
The mundane underappreciated customer kiosk has been undergoing some radical changes recently. Among the most far-reaching and/or strangest: one that serves live crabs, offers ice cream in exchange for a literally measurable smile, a porn kiosk that asks a lot of specific questions and promises privacy protections, a Pepsi social kiosk that allows you to buy soda for strangers, a convenience store sandwich machine that uses privacy to boost sales, a wine kiosk that detects if you're already drunk and a machine that measures customers for custom suits.

But this new kiosk out of Europe may just take the record (although that live crab-dispensing kiosk is pretty hard to beat). It makes pizza—from scratch. This thing shows customers its realtime process of kneading dough, forming the round, adding tomato sauce and toppings and then baking it—all in three minutes. A kiosk that creates and delivers a fresh pizza may not play well in every retailer environment, but it's worth a shot. Honestly, Nordstrom, would a pizza kiosk in your aisles really kill you?Read more...

Despite The Hype, E-Commerce Sales Stats From This Holiday Season Show Flat Percentage Growth

November 29th, 2011
Amidst all of the reports this week detailing record-breaking revenue for the start of the holiday shopping season, one critical point has been overshadowed. While E-Commerce sales have indeed been strong, the rate of increase has been essentially flat for the third year in a row. Indeed, the rate of increase of sales this year is projected to be lower than either of the other two most recent years. EMarketer's comparison stats only go back to 2007, showing a 19.4 growth in 2007's holiday season, an unusual drop in 2008 (-7.8 percent) and then three similar growth stats for 2009( 16.9 percent), 2010 (17.4 percent) and 2011 (16.8 percent). On the happy side, in this economy, a steady 16-17 percent annual growth rate is pretty nice. And given the steady (other than 2008) E-Commerce revenue increases through this year's projected $46.7 billion online holiday season, the slight drop of growth percentage is certainly acceptable.

But with the revenue hype fest that has been going on the last few days, it's worth remembering that this year is simply projected to have the same kind of season-over-season growth that it's enjoyed the last couple of years.Read more...

Is PCI Skimping On Skimming?

November 29th, 2011
PCI does not address skimming at your point-of-sale (POS) devices, especially those self-service areas that are not under constant control of a clerk or manager. PCI Columnist Walter Conway thinks it should and that now may be the perfect time to make a change in your POS practices and PCI itself. Although this may be the season of sharing, that should not include sharing your POS devices with the bad guys. The PCI Council recognizes the risk from card skimming. They have held information sessions highlighting the threat at the Community Meetings and they published in 2009 a document informing retailers of the risks of skimming.

However, as of today, there is nothing in the PCI DSS directly addressing how retailers should protect their POS devices from being compromised by a bad guy installing a skimmer. The timing for updating or clarifying PCI now is excellent. Each version of PCI DSS has a three-year lifecycle and we are now into the second year of PCI version 2.0. That means that as of November 1 we are in the formal period when Participating Organizations worldwide provide feedback on improving payment security and the PCI DSS itself.Read more...

Quick-and-Dirty (And Dangerous) Wi-Fi Retail Deployments Likely To Be Rampant In 2012

November 28th, 2011

As mobile trials of all kinds kick into highgear next year, there’s almost certainly going to be a trend that will signal very bad security news: a soaring number of retail Wi-Fi trials, many of which will likely be quick-and-dirty efforts to be able to support customers who want to use mobile in-store. Wi-Fi security is bad enough as is, let alone what will happen with lot of slapdash rollouts.

Some of the security problems with Wi-Fi are well known and there isn’t a security consultant worth the paranoia they sell who can’t spout their list of the dumbest retail Wi-Fi deployments. There is a small ray of hope. Although Wi-Fi is often quite insecure, the newest Wi-Fi offerings today are a tad bit better. If we can assume that many of the new deployments will be using somewhat more robust approaches, it might be a somewhat smaller catastrophe. Remember that a Wi-Fi mobile disaster doesn’t have to be a security breach. Given how easy it is for a children’s toy or a wireless microphone to disrupt Wi-Fi and potentially halt mobile payments or, even worse, cause double billings, even a data-secure network could cause mobile nightmares. Ahhh, the joys of Wi-Fi.…

DDoS Attackers Switch Gears: Hit The Router, Not The Web Server

November 17th, 2011
Distributed denial-of-service attacks on commercial Web sites have taken a nasty turn since last year: They're now throwing four times as many packets, and the type of packets are more likely to bring targeted sites to their knees. That's according to security vendor Prolexic Technologies, which on Thursday (Nov. 17) is slated to release a report that says since Q3 2010, attackers have shifted from attacks that aim at Web servers to those that target routers—a change that could require retailers to put up much stronger defenses against brute-force attacks.

It's hard enough defending against a botnet firing an endless stream of "show me your homepage" requests at an E-Commerce site. Retailers have already seen those attacks amped up to 50 times their previous level during a few days after Black Friday last year. But the new style of attack (so far aimed mainly at online gambling sites) is likely to require a lot more hardware to pick off nasty packets—and it's hardware that's only necessary until the attack ends, at which point it's very expensive bric-a-brac.Read more...

MasterCard And Intel Want To Put Contactless Readers In Laptops—Maybe Even Soon Enough To Matter

November 16th, 2011
E-Commerce has been depending on the trustworthiness of strangers for a long time—customers typing in what might easily be stolen payment-card numbers from thousands of miles away. That might be changing soon, and with a real advantage for E-tailers. On Monday (Nov. 14), MasterCard and Intel announced a push to install a contactless reader in laptops, so they'll function as PayPass readers to take contactless payment cards—with a lot less trust required.

A MasterCard spokesman wouldn't commit to the card brand accepting such transactions as "card present," at least not at this point. It's early—MasterCard and Intel expect to get all the authentication issues nailed down by 2012, with actual payments by laptop-owning online shoppers starting shortly thereafter. But anything that uses built-in hardware to close the gulf between the retailer and the physical card should help push interchange rates down.Read more...

A Wireless Tracking Way To Solve The In-Aisle Digital Receipt Verification Problem

November 16th, 2011
The biggest practical challenge to in-aisle mobile checkout is verifying the receipt as the customer tries to leave. Verification is not foolproof, but it will dramatically slow traffic, which is counterproductive. What retailers need is a way to associate that phone with the customer and the purchase, and to track all three throughout the store, up to the exit. Fortunately—and simultaneously unfortunately—the very nature of a smartphone provides just such a wireless way.

By using the phone's signals, the store could track that customer and could know exactly when that customer is approaching the exit and alert the greeter/loss-prevention associate to the approach. No need to verify the receipt, no need to stop the customer at all (unless the greeter sees something beyond the purchased items, but that's always been the case). There are clearly hurdles to this approach. But it's one of the few that addresses most of the current in-aisle mobile payment headaches.Read more...

What Wal-Mart Didn’t Say About Its POS Move

November 16th, 2011
Wal-Mart's newest mobile acquisition may be a lot more than the world's largest retailer is admitting. On November 10, the chain announced that it acquired Grabble, a tiny Australian mobile POS startup that can deliver receipts to customers' phones. Wal-Mart also did a good job of scrubbing the Internet of information about what Grabble actually makes: hardware that attaches to POS systems to capture purchases and other customer data in real time, so that information can be used without having to change existing back-end POS software. Mobile receipts are just one obvious application.

It never really made much sense that Wal-Mart would go all the way to Australia for a mobile-receipts startup—that's hardly a new idea. But a box that plugs into a POS, so it's easy to experiment on a store-by-store basis with everything from mobile receipts and coupons to plug-and-play CRM, inventory and analytics systems, sounds like it's worth the trip. And that could explain why Wal-Mart worked so hard to make most details about Grabble disappear.Read more...

Tablet Retail Impact: Sometimes, No Change Is The Best Strategy

November 16th, 2011
What, if anything, should retailers do differently about tablet computers, in an M-Commerce context? Not much, it turns out. But it's hard to glean that from the flood of stats out there. Consider some numbers IBM Coremetrics has been talking up recently. The company reported that "shoppers using an iPad will lead to more retail purchases more often per visit than other mobile devices," with iPad conversion rates at 6.8 percent versus 3.6 percent for all mobile devices. That may be true, of course. But it's also obvious that the larger screen of a tablet will enable more activity than the typical smartphone. What if IBM Coremetrics had said that shoppers using a laptop or a desktop computer will deliver more purchases than a smartphone? What if IBM Coremetrics had said that shoppers using a laptop or a desktop computer will deliver more purchases than a smartphone?

That said, tablets are becoming quite popular, and a migration of sales from PCs and laptops down to tablets is inevitable. From the chain's perspective, though, that change may be barely felt, because the tablets will simply be accessing your regular Web site. At best, it might be a slightly tweaked version of your site. Most of the current tablets don't really need much—if any—tweaking to deliver an acceptable experience.Read more...

Could Lord & Taylor’s “Claim Your Prom Dress” Effort Be Improved With ZIP Codes And Some Pull-Downs?

November 16th, 2011
Lord & Taylor recently tried an experiment where high-school girls were able to purchase a prom dress and then claim it for that event at that school, to theoretically make it less likely some other girl would show up at the prom wearing the same dress. The idea is interesting but limited, in the sense that the same dress is being sold at other retailers. It also suffers from the problem of only working when the customer bothers to go through the tagging process.

Why not use ZIP codes (IP address locations are typically too inaccurate and/or cover too wide an area to be practical for a prom no-duplicates strategy) and a high school pull-down menu (with a behind-the-scenes list of each school's primary ZIP codes) to flag likely repeats? This approach pushes this idea beyond high-school proms and could be used to flag apparel conflicts at any type of event or formal function. Weddings? Theater? This could even be helpful beyond events. What about giving an option to indicate the name of an employer? Depending on the size of the employer, it might be nice to know if that business suit you've been eyeing has already been purchased by anyone else within that company.Read more...

StorefrontBacktalk Will Not Publish Newsletter For Thanksgiving

November 16th, 2011

Given the dominance of the key U.S. holiday next week (we mean Thanksgiving, not Black Friday), StorefrontBacktalk‘s weekly newsletter won’t publish on November 24. Everything else will still be live (the Web sites, our Kindle version, our Twitter tweets, our mobile sites, etc.), but we need a little time off to burn some turkey and over-season some stuffing.

Speaking of which, we want to tap into the knowledge of our audience with a question that has nothing to do with retail technology. One of us here at StorefrontBacktalk is going to try something new for Thanksgiving: Cooking the turkey on a gas grill. The problem is that, well, it’s me. And my Weber grill seems to have two temperature settings: 750 degrees Fahrenheit and OFF. To be precise, it has tons of settings, but those two numbers seem to be the only heat levels the beast is capable of delivering and maintaining. In a short duration grilling (say 5 to 8 minutes), it’s easy to compensate. But when dinner for a dozen people needs to cook for five hours, I’m open to any tricks to get the temperature to get down to 325 degrees and to stay there. Any suggestions? If you do have any suggestions, please E-mail me at Help Evan To Not Turn His Entree Into Sawdust Held Together By Static Electricity.…

Mobile Tracking Would Be Great, If It Weren’t Illegal. (What, Everything Has To Be Perfect With You?)

November 16th, 2011
When we told you recently about the Australian shopping mall that tracked customer movement through mobile phone signals, it presented a very compelling CRM opportunity. It would also almost certainly be illegal in the U.S.

Here, it is illegal to intercept the contents of a cell phone call or to force a cell phone provider to pony up information about a user without—at a minimum—a court order based upon a certification by a law enforcement or other official that the information is relevant to an ongoing criminal (or sometimes intelligence) case, writes Legal Columnist—and former federal prosecutor—Mark Rasch. The federal pen register law makes it a crime to "install or use a pen register or trap and trace device" without such a court order, unless you are a "provider of electronic or wire communication service" and your use of the pen register is for certain limited purposes. There is little doubt that neither a mobile nor a mall operator would be considered a "provider of electronic communication services."Read more...

EMV Is Simply Not Worth The Effort. Not Even A Little

November 16th, 2011
Ever since Visa reversed itself and embraced EMV this summer, GuestView Columnist Trinette Huber—who by day is information privacy and security manager for the 2,700-store Sinclair Oil company—has been wondering why. She has concluded it's not for the security. For the last five years, Huber pens, she has been advising, cajoling, arguing and sometimes arm-twisting when it comes to PCI compliance for Sinclair's distributors and c-store operators. "We've been waiting for technology that protects credit-card data. Stop coming back to the trough to get retailers to pay for something that doesn't remove PCI compliance requirements and protect online transactions."

Huber adds: "Chip-and-PIN doesn't eliminate your requirement to be PCI compliant. You still have to do that. If we adopt Europe's old technology, the card data will still pass in the clear. You still need to spend all of that money securing your point-of-sales, auditing your network and reporting on your compliance status. Well, maybe not reporting to Visa—if you meet its requirements—but there's still MasterCard, American Express and Discover."Read more...


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 17,000 retail IT leaders who subscribe to our free weekly email. Sign up today!
Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.