Evan Schuman's StorefrontBacktalk

Among the changes are a centralized search box, new categories and comments that are much more easily accessible.Read more...

Dan Mullen, President of the Association for Automatic Identification and Mobility (AIM) said the proposals "could be pretty traumatic for businesses and consumers." Read more...

It's the Great PCI divide: The Dids and The Never Dids. The problem with this divide is that the retailers who need PCI's guidelines the most are the ones most likely to be put off by the guidelines, seeing them as unreasonably demanding and expensive.Read more...

VDC is now slashing its RFID projections for this year by a billion dollars, with growth rates “no more than 9.2 percent over 2008 levels.”

The new figures, according to RFID Update, are attributed entirely to the economy. “There is still going to be growth. It is going to slow significantly, but there isn’t going to be a contraction,” said Drew Nathanson, VDC’s director of research operations.…

The common refrain was not how new retail technology can boost revenue but how it can slow the ongoing bleeding. Despite the absence of any single regal retail rollout, the more than 100 products and services introduced at the show did tend to cluster in groups. And those groups—not coincidentally—reflected today's difficult economic climate.Read more...

As mobile payments try to pick up steam in the United States—an economy that today can be described as remarkably steam-free—retailers are mixed about whether mobile payments are indeed viable. But one vendor is trying a new tactic: bypassing telecom carriers by directly using Bluetooth for transactions.

A nice piece in the American Banker details the ways that Bluetooth could be easier to deploy than near field communication (NFC). Much of the problem in the United States is financial and working out compensation plans that please telecom carriers, phone manufacturers, credit card companies and retailers. Getting even two of those groups to cooperate is difficult enough.…

A key suspect in the TJX data breach case has been sentenced to 30 years in prison, but it has nothing whatsoever to do with the TJX case.

Maksym Yastremskiy was charged in Turkey with breaking into Turkish bank accounts electronically. During the hearing where he was sentenced to 30 years, he said that a laptop computer found in his hotel room containing bank information belonged to a friend. “I am innocent. I didn’t do anything to break bank accounts. Somebody else did it, not me. I want to be released from the jail,” he told the judge, according to The Boston Globe.…

Microsoft will use the show to roll out its version of smartphone-readable 2-D barcodes. Redmond's approach with "Microsoft Tag" brings multiple colors into those barcodes, which allows them to be 50 percent smaller but still more easily and reliably read than today's 2-D barcodes, said Kevin Kerr, Microsoft's worldwide retail technology strategist. Other rollouts will include virtual makeup mirrors, virtual customized music creation and wireless debit devices.Read more...

Can an RFID chip be made uncloneable? No, but one Palo Alto vendor is arguing that it’s gotten quite close.

The vendor’s position, according to this well-done NetworkWorld story, is to “create multiple PKI-like key pairs based on integrated circuit impurities so that a given chip will always respond to a particular stimulus in a predictable way. And, because it’s the impurities in the silicon that cause this effect, it’s impossible to create a chip that will respond to a specific stimulus.” For one possible future of RFID, it’s worth a read.…

If you’re going to be at the NRF show in Manhattan next week, please drop by our Monday (Jan. 12) panel on security, featuring security execs from Reitmans, Beall’s and Big Lots, along with the former head of the U.S. Justice Department’s computer crime and StorefrontBacktalk’s own David Taylor. Evan Schuman will moderate.

The panel discussion, scheduled to start at 4:30 PM in Hall A, Room 1A, will open with a question about whether retailers, in this bad a recession, will need to rethink how to fund—and possibly whether to fund—PCI efforts. But the conversation will also cover non-IT security issues, such as crowd control, looking at very different Black Friday disasters involving Wal-Mart and Best Buy, plus loss prevention strategies.…

As retailers debate how much they truly want to embrace mobile payment efforts, the Mercator Advisory Group is reporting that the tide will soon become unavoidable.

Mercator is now forecasting that smartphone-based remote mobile payments will reach $389 million in 2009, $1.7 billion in 2011 and $8.6 billion in 2014.…

The details of how he did it aside, the concept is interesting in potential future retail uses, assuming that the per-tag price can be brought down low enough. For a grocery store's greeting card section, what if the store—and its suppliers—could know which cards were picked up and which ones were opened?Read more...

A handful of retailers—including 1-800-Flowers, Jos. A. Bank, Planet Hollywood and Overstock.com but excluding any of the top 100 brick-and-mortar chains—went along for the ride, pledging discounts to be beamed to T-Mobile customers using Chase Visa and debit cards.Read more...

But as is Amazon's tendency, its experiment is a little bolder and more daring.The concept is interesting, but we're having a difficult time coming up with a viable ROI for it. If it's intended to actually generate revenue for Amazon above and beyond revenue that they would have likely already received, it's much more problematic. Read more...

Payments for taxis, parking and movies may prove less patient in waiting for new technologies than E-Commerce, a move that could be a bad sign for once-promising mobile payment method Near Field Communication (NFC), according to a new report on Tuesday (Dec. 9) from ABI Research.

With a headline “NFC No Answer for Mobile Payments,” ABI reported that “once, NFC was the leading contender among technologies that could enable mobile payments. But NFC has developed more slowly than anticipated and will not offer viable large-scale mobile payment solutions for at least six years.” That will open the door for SMS, mobile Internet and downloadable mobile applications, the research firm wrote. We should add that 2-D barcode was once seen as a placeholder for NFC, but unexciting trial performance for 2-D has increased support for alternative alternatives.…

It's an odd position for Macy's to take. They're hardly at the cutting edge of this movement (Borders would have a better argument there) and, indeed, their spokesperson on the issue couldn't name a single merged channel feature they offer that isn't already offered by multiple rivals.Read more...

In a trial of new holographic magnetic stripes for its payment cards, Visa found the cards “emitted an electrostatic discharge that caused POS terminals to shut down,” according to a report in The Nilson Report, a respected credit card industry newsletter.

The report, which said the problems happened “on very few occasions,” is why Visa is not using the same kind holographic mag stripes as MasterCard and American Express, the newsletter said. The issue came up because Discover Card is now using the new technology on its cards, according to Discover rules that went into effect Oct. 16.…

In a trial initially limited to the United Kingdom, Switzerland, Israel and Italy, Visa Europe is starting a trial this month of a card with an 8-digit alphanumeric display, 12-button keyboard and a long-life battery, according to a report in The Nilson Report, a respected credit card industry newsletter.

The card has the ability to offer reciprocal authentication, which is designed to allow consumers “making transactions via phone or the Web a way to identify the party on the other end before transmitting identifying credentials,” the report said. Such a card could be extremely useful to E-Commerce efforts to thwart phishing sites set up to harvest credit card data from unsuspecting consumers visiting look-alike fraudulent Web sites.…

PayPal has come up with yet another payment-related use of a cellphone: to authenticate a non-mobile E-Commerce transaction. Customers of the payment giant “can now choose to receive a unique six-digit security code via text message to their mobile phones prior to logging in to their accounts,” PayPal said in a Nov. 24 statement.

PayPal has already been using two-factor authentication with a physical device (the PayPal Security Key), but using SMS and mobile leverages hardware consumers already have. Consumers would have to use the codes in addition to their regular username/password combos. …

In theory, this would allow people who only want to buy American products an easy way to do that. The only problem is that the trick doesn't always work, which means it could have the opposite effect.Read more...

When Sears rolled out its mobile effort (Sears2go) this month, it illustrated the challenges for a retailer trying to craft a clean and stable mobile strategy at a time of extreme flux for the mobile space.

In a sense, the first decision on mobile a retail chain needs to make is the cellphone’s equivalent of the age-old buy-versus-build debate. Do you take your full-fledged E-Commerce site and strip out almost all of the images and the most sophisticated functionality until it’s barely one step ahead of pure ASCII? Or do you add an extensive layer—most likely outsourced—that tries to interpret and translate queries and responses from your full Web site into something a smartphone can handle? Read more.…

The Web is overflowing with analysis of the TJX data breach disaster, but this posting from Plausible Deniability does a better job than most. What’s intriguing is the possibility that some of the indicted suspects may have worked as code writers in the light of day for some major companies, including Morgan Stanley.

With so much security outsourcing today, it raises some uncomfortable questions about how much you really know about the security specialists you now have working in your computer room.…

The credit database giant argued that such a card could potentially reduce "the need for companies to retain customers' personal identification information, which could also result in the reduction of risks posed by data breaches." Although that theoretically could be the case, the only way such a card—dubbed the Equifax online identity card—will be successful is if it's adopted by a large number of retailers. And each of those retailers would have to be willing to surrender one of their most precious pieces of data: customer history. Read more...

Wal-Mart will insist that its Chinese suppliers comply with RFID tagging by January 2009. And given various recent safety problems reported from China, Wal-Mart is also requiring sub-contractor information be included with every tagged product. The move, according to this nicely detailed piece in RFID News, “is expected to cost the suppliers roughly 20 times more than the bar-coding system now in place.” But China Retail News is quoting Chen Chang’an, general manager for the Shenzhen-based RFID provider Invengo Information Technology, as saying that the move will save Wal-Mart some $8.35 billion. No problem, given that Bentonville always passes such savings along to suppliers, right?

That China Retail News story also quotes Wal-Mart VP Mike Duke confirming that Wal-Mart would “not only ask its Chinese suppliers to report the name and factory location of their products, but also require them to take the responsibility for their subcontractors’ work and products. Suppliers who failed to meet these standards would be dropped from Wal-Mart’s Chinese supply chain if no improvements were made. He said the new standards would be put into effect in the apparel sector from November 2008 and gradually cover all products in its stores.”…