Evan Schuman's StorefrontBacktalk

Personally, I've never met someone who was as personable, intelligent and just plain nice as Walt. He will be missed far more than any words can convey.Read more...

Most of the retailers did OK, including Walmart, CVS, Costco, Home Depot, Target, Walgreen, Lowe's, Best Buy and Sears. The grocery chains (Kroger, Safeway and Supervalu) did poorly, but mobile commerce is generally a low grocery priority. Then we get back to Amazon, the retailer—let alone e-tailer—that has generally made all matters tech a huge priority. Amazon got beaten up on the ratings partially because the spreadsheet said it didn't have a true mobile site. But it seems to have a true mobile site—a very nice-looking one, too. They do, but it's apparently not done in the way that Google has in mind.Read more...

But on Thursday (June 27), Citi reissued that investors' note at Target's prompting, because in reality Target's IT spending will actually rise next year. It seems there was a communication problem between Target's top executives and Citi. The new version of the note reads: "TGT is investing approx. $0.20-$0.25 per share more in technology this year than last year. Next year, the incremental spending on technology is expected to be worth $0.05-$0.10/share YOY." No slashed IT budget. No wild swing between investing in new systems and digesting the results. In short, a much more conventional IT budget story. But wait—what if Citi had gotten it right the first time? Could that even have worked? Read more...

The details of the breach illustrate how innocuously these problems can crop up and how destructive they can be. And when your shoppers are hurt because the data they shared with you gets stolen, the blame falls on the retailer regardless of whether your team had anything to do with the breach. It's not pleasant, but there is something you can do about it.Read more...

By looking at the different choices made by Walmart, Target, Home Depot, Nordstrom, Staples, Tesco, Wet Seal and Lowe's, Oracle categorizes three IT lab approaches. But how a lab is corporately structured will make little difference if senior management isn't willing to first learn (and to pay a lot for those lessons) and to be open to a future that they may not like. The job of a chain is to adapt to the reality in its market. The job of a dying chain is to cling to its current tactics if the future doesn't look like what it wants it to look like.Read more...

Jay Dunn, the site's chief marketing officer, told Internet Retailer that he thought the approach has strong potential, but he's skeptical until he sees how it does with the site's full launch later this summer. "I have not yet seen conventional responsive design handle a true retail site. I have 6,000 products and more than 24,000 product images, not counting color swatches, marketing, video and animation," Dunn said. "I haven’t yet seen the pure responsive design technology that handles that smoothly and efficiently across multiple devices." The historic problem with server-based approaches has been that it ultimately slows down the experience after the initial download, as the shopper needs to do a lot of back-and-forth interaction with the site.Read more...

There are many factors behind those numbers, but it really comes down to the fact that Walmart's massive global supply chain needs to support more than 4,000 physical stores—a feat that Amazon need not worry about. Given that huge physical burden, Walmart's costs are quite impressive. But no one ever said that fighting against a pure play was particularly fair. Like all major chains, Walmart initially had two choices. Run the chain as one big happy merged channel family or separate and run online and offline as separate companies. Neither approach is perfect.Read more...

Let's start with the basics on this one. Setting aside for the moment the counter-conclusion ("Why is it that 69 percent of online Canadians are not apparently more likely to purchase after following a brand on Twitter?"), the implication of this stat is to suggest a connection between the Twitter efforts and an increase in purchases/conversions. But isn't a shopper who chooses to follow a retail brand almost certainly already a fan of that brand and, as such, already someone who is quite likely to make purchases?Read more...

As a practical matter, though, very few consumers would bother (or even know) to ask such a question. They hear their bank say that their card is being re-issued due to something fraud-like. If a survey asks whether they have personally experienced fraud, they're almost certainly going to say yes. For retailers, this is a very key problem.Read more...

These days, it's just as likely for shoppers to use the Best Buy site as a way to explore products before buying them at another physical store or a rival's Web site. In effect, the Best Buy site is becoming a showroom for other e-tailers.Read more...

That something was the iCloud Keychain. Put simply, it's a cloud-based feature of both Apple's new iPhone operating system, iOS 7, that lets users store passwords, logins and payment-card numbers for use with mobile commerce sites. Yes, it does all the things password managers do these days, including automatically filling in the forms that make online retail so much more miserable for customers on a phone than on a PC. But it's adding card numbers that makes this interesting.Read more...

An online publication of Consumer Reports magazine, the Consumerist, has taken the lead in this coverage, and Rakuten's shopper victims have created their own site, much to the presumed non-delite of Rakuten. The site's called simply Rakuten Fraud. What's worse than having a security hole on your site on the eve of a major rollout impacting lots of customers? How about being unable to figure out where the hole is? Bernard Luthi, the COO of Rakuten.com, has become the public face of this breach and is arguing that there's little his team can do until they can somehow replicate or trace the source of these breaches.Read more...

And repeated rumblings from House leaders about major—and unspecified—changes they may force into the bill is absolutely not helping retailers' comfort levels. To try and help a little, StorefrontBacktalk and FierceRetail have assembled some of the key players in this battle to help answer some of these questions with a webinar slated for Tuesday, July 9, 2 pm ET/ 11 am PT.Read more...

The argument really comes to a simple choice: scrolling versus clicking. The argument for clicking is that it makes for a cleaner and shorter page and that all of the additional detail is there, but it's not cluttering up the page until the shopper wants to see it. There might be a link for technical specs, but those numbers will only appear when it's clicked on. No need to distract the reader who doesn't care about those specs. The argument for scrolling (or using a lot of the PageDown button) is user apathy or lack-of-awareness. If the shopper truly thinks the product is complicated, that shopper would have no interest in clicking the demo button. But if that really-simple demo just autoplays, it might persuade the exact shoppers who would have never been likely to click. The other key part of this debate is shopper desires/expectations.Read more...

Something these banks seem to miss is that merchants pay them for risk management. Issuers want to just sit back and collect all the free-flowing money that magically appears, forgetting that some of it actually requires them to work. Also, what are the real costs to the issuer? Key word here, "real" costs, not "inflated for a profit." Let's see: $2 for the plastic, $1 mailer, $1 postage, a generous $4 for labor and overhead. That works out to $8 total and these numbers are grossly padded. So why do I see reports by issuers claiming $25-75 "cost" to replace a card? Can you say exaggerated?Read more...

What does this mean for retailers? Retailers collect, store, collate, share and use a great deal of personal information and personally identifiable information. Whether through PCI terminals, CRM databases, loyalty programs, surveillance cameras, credit checks or credit reports, website and e-commerce operations or marketing activities, they have a lot of personal information. They also share it with people that they never consider in their privacy policies. For example, they may state that they share information with vendors and suppliers to deliver goods and services. But what about lawyers, accountants, auditors, regulators, consultants and others? And how will those parties use the information? How will they protect it?Read more...

Rakuten wouldn't be the first to make such a move, but its results in other countries coupled with its non-traditional way of working with retailers gives it a fighting chance of making a difference. Although we'll touch on the advantages and challenges Rakuten will have, one thing is clear: Rakuten and Amazon's approaches are 180 degrees different. For starters—and this will get the attention of the Jakob Nielsen devotees among the Web designer crowd—Rakuten wants long initial Web pages with lots of video, opting for the "scrolling is better than clicking" school of thought.Read more...

The interesting background to these trials is that Target—as its name implies—has always been precisely focused. These trials, as the CFO pointed out, are the chain admitting that many fundamental shopper assumptions may no longer be valid. "We spent 50 years honing, moving products one direction to our supply chain and ultimately to the back door of the store. Then through the front door and trying to do that as quickly as possible. Now we're moving product different directions depending on what our guest wants and for us, we need to learn how to operationalize that," Mulligan said.Read more...

PCI DSS Requirement 11.3 has a lot of detail on when retailers need to conduct pen tests. It recommends, for example, "at least annually and after any significant changes to the environment." In practice, this means retailers need to perform and/or re-perform pen testing after such events as upgrading their operating system, adding a sub-network to the Cardholder Data Environment (CDE), or even adding a Web server to the CDE. However, the requirement does not specify details on what the pen test should cover other than it should include "network-layer" and "application-layer" testing, pens PCI columnist Walt Conway.Read more...

Visa has now reacted, arguing to a federal judge that Genesco's complaint should be dismissed for three reasons. First, Visa said that Genesco cited the wrong California state law, one that cannot be used in cases where there is a contract dispute. Second, Genesco didn't claim sufficient facts to make its case. The third Visa argument was that one claim—that Visa had made fraudulent statements—wasn't valid as the statements didn't influence "consumers or the public," nor did even Genesco rely on them. (It's an interesting defense: Our lies didn't harm anyone because nobody ever believes us anyway. For the record, of course, Visa hasn't conceded that it lied, arguing that the law in question only envisioned lies that deceived the public.)Read more...

That goes far beyond the original lawsuit, which only covered default interchange rules, honor-all-cards rules and anti-steering rules. If the case went to trial and lost every claim, that would still just lock in the card brands' control of interchange and card-acceptance rules. But the proposed settlement would go far beyond that—extending to block any challenge to PCI and breach penalties.Read more...

But a recent case with Neiman Marcus takes these retail defenses to the next level. When Neiman Marcus received its letter, the retailer didn't respond. It sued immediately, even before knowing the name of whom it was suing. And as if to underscore how big a mess this all is, the day Neiman Marcus sued that patent troll, an unrelated patent troll sued Neiman Marcus.Read more...

But Saks, according to Citi, is only deploying one iPad for every three associates. That suggests some 66 percent of associates either won't have a tablet to help their customers or they will have to awkwardly borrow one from another associate. But one associate can't borrow a tablet from another associate who is working with a customer, so an idle associate will have to be located. On a busy Saturday afternoon, that could be almost impossible. Does Saks really want some of its associates to have tablet-powered capabilities while others do not? Will some shoppers be at a disadvantage? Wasn't the whole point of tablets that their pricepoint is such that it's economical for every floor associate to have one while they are actively working the floor?Read more...

On Wednesday (May

29) morning, we ran into a strange error on Target.com (NYSE:TGT) that seemed to be more accusing of the retailer’s shoppers than it probably intended. The problem was a big one, namely that products marked to be purchased were not showing up in the shopping cart. When we clicked New Guest, it delivered this delightfully phrased text-only Internal Server Error: “The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator (no address given) and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log.”

Beyond the obvious that this is not an error message a retailer wants to show its shoppers—who hopefully don’t have access to its server error logs—the best part is the “anything you might have done that may have caused the error” line. Love how the system just assumes it’s the shopper’s fault. This is like a bank that automatically responds to any error with a form to the teller that asks, “OK, what the —- did you do this time?!” (The glitch seemed to go away about an hour after we first detected it.)…

A quick ping to all ye browser lovers (and, I suppose, some browser haters) out there who are planning to drop by Chicago next week for Internet Retailer‘s E-Commerce show (IRCE 2013): StorefrontBacktalk editorial will be at the show, so if any attendees know of the best places in town to deepen our understanding of the nuances of e-tail strategy (i.e., to get truly and reliably drunk), I’d love to hear from you at eschuman@storefrontbacktalk.com.

Looking forward to connecting with as many readers as possible while there. Also, if you see anything especially noteworthy at a booth or hear a strange utterance from a panel, I would love to hear about that, too.…