Evan Schuman's StorefrontBacktalk

The dream—and nightmare—of every E-Commerce head is to start over from scratch, scrap all the legacy kludges that developers have been working around for years and build a Web site that does exactly what the chain wants. Most retailers will never be able to cost-justify that greenfield approach, of course. Target's site, however, had to be built from scratch because its decade-long deal with Amazon to operate its online business had expired.Read more...

The great wine-vending kiosk experiment may be just about over, at least in Pennsylvania. Last week (Aug. 15), Wal-Mart told the state’s Liquor Control Board that the retail giant is no longer interested in putting the 10-foot-high machines in 23 of its Pennsylvania stores. That comes after the June announcement by grocery chain Wegmans that it was pulling the giant vending machines out of its 10 stores that had them. And the state now says that if the kiosks’ developer, Simple Brands LLC, doesn’t come up with a $1 million payment by September 19, the plug will be pulled on the remaining 21 machines.

The wine kiosks were an interesting idea, but they may simply have been impossible to get right. There were ongoing mechanical problems (all the machines were taken off-line for repairs temporarily in December) and liability issues, in addition to concerns about whether minors could be blocked effectively from buying wine by the kiosks’ technology for matching a buyer’s face to his driver’s license. But the biggest problem may still be that wine buyers generally like to browse wine labels before making a decision—not buy wine from a glorified Coke machine.…

To be precise, Urban Outfitters is already using them for mobile POS, while Lowe's is just doing inventory and Web site checks but not POS—yet. PacSun on Tuesday (Aug. 23) said that it has already put the Apple devices into more than 300 stores, with 100 stores slated by the end of the year. Combine that with Nordstrom, JCPenney and Gucci all piloting iPads for in-store use, and it begins to look like Apple really does have a lock on in-store mobile devices.Read more...

And failing to take customer privacy into account can have serious consequences, writes Legal Columnist Mark Rasch—the Federal Trade Commission has a decade-long history of going after retailers with unfair or deceptive trade enforcement actions—enforcing customer privacy even in some cases where a retailer has gone belly up.Read more...

Indeed, the associate might have gotten away with it, had he not gotten too greedy and obvious. How obvious? He purchased the chain's most expensive Movado watch—a $2,995 Swiss timepiece with a tungsten carbide bracelet—but not before he "processed an unauthorized markdown" to make the price $2.95. Think a better-than 99.9 percent discount would trigger a flag? The good news for Macy's low prevention: It did indeed trigger a flag. The bad news: Nothing in the system stopped the associate, who had worked for Macy's less than five months at the time, from processing it and having the product shipped.Read more...

While U.S. retailers—including Macy’s and JCPenney—are just starting to get comfortable with item-level RFID, a pair of German supermarket chains is already taking the next step—tagging associates, too. By using active tags, the chains are able to not only handle access to sensitive areas but flag when an employee has been in a freezer too long and may need help.

The grocers, ALDI and Lidl, wanted to offer hands-free access to security areas, said this report from RFID Journal. “Lidl installed a reader inside the freezer near its entrance. When a person with a transponder arrives, the ID number is recognized, unlocks the door and allows him entrance,” the story said. “As he remains in the freezer, the reader continues to read the tag once each second. If it is still reading the tag in 15 minutes, it triggers a loud siren that can be heard outside the freezer.” It’s long been argued that RFID can deliver retail ROI, but only if retailers forget what vendors have promised and start getting creative about discovering their own ways to profitably use the tags to do what can’t easily be done any other way. Looks like ALDI and Lidl have already started thinking outside the box—and inside the freezer.…

PCI compliance doesn't come in grades and is a very clean pass-fail situation. That's why the vendor's headline caught our eyes: "Transaction Wireless First Cloud-Based Digital Giftcard Platform to Earn Highest PCI Level 1 Certification." That is a truly delightful piece of sleight of hand.Read more...

That approach is how six members of a Long Island theft ring—which included four Wal-Mart cashiers—allegedly walked off with $225,000 in merchandise. Well, almost walked off: The six were arrested on August 9 at the Wal-Mart in Uniondale, N.Y., and charged with grand larceny and possession of "forged instruments."Read more...

Suppose a customer's phone contains a shopping list of specific apparel items she wants to buy from another retailer—including images of those items or even links to them on the retailer's Web site. A shared screen could make it very easy for an associate to suggest alternatives or help the customer mix and match, whether the items are in the store or not.Read more...

A recent credible survey, however, found that not only are most younger consumers oblivious to what QR codes are, but the many who do know what they are can't get them to function. In short, 83 percent of the 1,300 14- to 24-year-olds surveyed couldn't access a QR code regardless of how good the offer was. Looks like some people skipped an important step in product rollout. That news is pretty bad, given the strong mobile interest—or general high-tech and experimentation comfort level—of that demographic. If they're confused or apathetic, the numbers won't likely get better as surveys examine consumers in their 30s, 40s, 50s, 60s and beyond.Read more...

The developer, Broken Thumbs Apps, isn't a retailer. But the case sets a standard for retailers whose apps may be used by children under 13: Offering underage customers kid-friendly activities puts you squarely in the FTC's sights unless you get parents' permission for every child's information—even if the information will only be used internally.Read more...

"No one has cracked the code on how social media impacts retail. I recently had an agency pitch an app as a way to build brand awareness. I pointed out that for someone to go to the trouble of downloading an app, they already need to be aware of the brand. So at best you could argue that it would help brand engagement, but not brand awareness. Lots of money is being spent in this area. Suspect most of it is being poured down a rat hole." The rat hole is simply that retailers don't have the ability today to understand the social-media influence on retail, and that lack of understanding is almost certainly causing a lot of wasted effort and money.Read more...

The token guidance that the group and the PCI Council staff ultimately released on August 12 was a classic compromise, in that it pleased few in the group but was a huge step forward for retail security. The purpose of such guidelines is not to get so specific that it benefits any vendor, but to give instructions to QSAs and retailers on what is permissible and what isn't. Reaction to the document has fallen into these two camps: one saying that the document was not nearly specific enough and is passing the buck to QSAs, and the other saying that this guidance represents major progress and that it should be applauded.Read more...

PCI Columnist Walter Conway thought a token was a token. Whether a particular token, or tokenization approach, was in or out of PCI scope seemed to depend on how well it was constructed and how the tokenization engine and token vault were implemented. But it seems that some tokens are more equal than others. For example, E-Commerce merchants who use tokens for one-click ordering and repeat purchases (leaving the underlying primary account numbers with their processor or another third party) just learned their tokens will still be in scope for PCI. Wonder if that hotel room keycard (or resort account) used to charge meals is a high-value token because it generates a payment-card transaction? How about the tokens used for exception-item-processing such as chargebacks and refunds. Are they high-value tokens because they impact (even if it is to reverse) transactions?Read more...

Granted, there are shopping carts full of complexities and nuances in analyzing such profiles—generating a meaningful influence rate, if you will—but that's where the fun comes in. Even worse, beyond those analytical complexities, there's the issue of how to get this data in front of the eyes of store associates and also how to do it in a timely matter. Of course, to start things off, there needs to be a reliable way to identify these influencers as they enter your store.Read more...

Sometimes, it’s hard for IT to precisely understand how consumers feel about customer-facing kiosks, down to the emotions prompted by specific screen elements. A Tennessee man on Sunday (Aug. 14) helped out a little on that front, engaging in a very specific interaction with a self-checkout unit at a Wal-Mart. To be precise, he punched out the machine to the tune of about $2,000 in damages. The interesting part was the specific part of the interface that prompted the intense consumer response.

Ronnie Wilinson, 57, told responding Gallatin Police officers that he couldn’t take it anymore “because it would not quit talking and saying the same thing over and over again,” according to affidavits filed with the Sumner County Sheriff’s Office cited in The Tennessean. This is certainly not the first report of a Wal-Mart self-checkout system driving consumers to fisticuffs. But if this episode helps developers understand the emotions that repeated verbal prompts can cause, it’s not entirely a bad thing. (The image for this story was shot at a local Wal-Mart, one whose signs opted to not risk the fate of their self-checkout counterparts. One has to wonder, though, how customer service would handle a customer who tried to get them to make good on the sign.)…

Let's take this slowly. Circuit City hasn't been an in-store national chain since 2009. But when it liquidated, no one apparently thought about the IP addresses, according to Gabe Fried, the founding principal of Stream Bank LLC, which handled Circuit City's liquidation and is now handling the one for Borders. "The people who knew that [Circuit City] had these assets left the company" rather abruptly when Circuit City didn't find a buyer for the chain and liquidation proceedings began, Fried said. "The problem involved management bandwidth and a lack of knowledge of [the IPv4 addresses'] existence."Read more...

When Wal-Mart confirmed a major E-Commerce reorganization on August 12—including the loss of Walmart.com chief Steve Nave and global E-Commerce exec Raul Vazquez—it was said that E-Commerce management in developed countries will now report to the senior in-store executive for each country. That’s a change from those positions reporting into Global E-Commerce boss Eduardo Castro-Wright. If we set aside the personnel issues—the loss of execs such as Nave will likely hit hard—the strategy involved here is both compelling and actually the right approach.

One of the most vexing merged-channel issues today is how to compensate online and in-store execs so they don’t solely push their primary channel. By having the chief of Wal-Mart’s U.S. stores, for example, also responsible for Walmart.com sales in the U.S., that compensation/conflict-of-interest issue goes away. Well, it theoretically could go away, assuming the U.S. president makes sure the compensation of various direct reports is similarly merged. The ideal here is for everyone to be focused on selling Wal-Mart products however they can, with no financial incentive to push mobile, online, in-store, call center or any other specific channel. To the extent that this reorg helps bring the chain closer to that goal, it’s a good thing.…

Leach added that the biggest token-related mistake he's seen retailers make is enabling the data to be de-tokenized during chargebacks, refunds or for loyalty tracking. "That's probably the oversight we see most often: not recognizing back channels where the merchant still may receive that account information."Read more...

Visa's new approach will also likely spell the end—within about five-to-seven years—of mag-stripe cards in the U.S., a move that many payment security advocates say is years overdue. To make all of this happen, Visa is bringing its global EMV incentive program—officially the Technology Innovation Program (TIP)—to the States, along with its PCI-relaxation components. (PCI relaxation? There are two words I never expected to see used consecutively.) This means chains that start using specific EMV chip-enabled terminals will be permitted to forego the annual compliance validation nightmare. But Visa has added such a lengthy list of qualifiers and exceptions to the program—along with the practical fact that some chains will opt to do the assessments anyway, for pure security purposes—that it's not clear how many chains will find that incentive compelling enough to do massive hardware swaps.Read more...

Clearly it can be done—Apple Stores let roving associates complete transactions and so does Home Depot for some transactions. But doing it on a large scale with easy-to-shoplift items? The obvious answer is to use technology—and it's possible to do with currently available technology. Unfortunately, there's a tradeoff between privacy and loss prevention that customers may not be ready to make just yet.Read more...

Nohl told The New York Times that mobile operators turn off GPRS encryption "to be able to monitor traffic, to detect and suppress Skype, or to filter viruses, in a decentralized fashion." Unfortunately, that also means thieves with reprogrammed mobile phones can eavesdrop on many M-Commerce transactions using GSM smartphones. And even if payment-card information gets its own layer of encryption, there's still plenty of other personal data that customers would probably prefer not to fall into the hands of thieves.Read more...

This still means there are three big card-swipe terminal vendors in the U.S.—and Hypercom retail customers are at least a little less likely to learn that their products have suddenly reached end-of-life. Under the DOJ-approved deal, Gores is taking over the #3 PIN-pad business in the U.S., with about 18 percent market share. That's big enough that the DOJ wasn't willing to let either VeriFone (at 48 percent) or Ingenico (at 26 percent) simply snap up that chunk of the market. And it should leave three large-enough players to discourage too much coziness, which is certainly what the DOJ was afraid of when it filed a lawsuit in May to block the original shuffle of the business. Read more...

The retailer wouldn't say how many customers signed up for the notification or whether they received any special offers as an apology for the site being down. But the "leave your E-mail address" tactic is especially interesting because it specifically promised that the E-mail addresses would not be used for anything except notifying customers when the site was back up. That was probably a lost CRM opportunity, but it may have been much more valuable in rebuilding customer trust.Read more...

As federal bankruptcy courts dismantle every last remaining piece of the once-mighty Borders book chain, including a CRM database of some 43 million loyalty-program customers, one asset caught the eye Wednesday (Aug. 10) of liquidators: IPv4 addresses.

In light of the severe global shortage of IPv4 addresses, this asset—far removed from the books and online files—may be the most valuable of all. “In addition to its trademarks and E-Commerce assets, Borders is the holder of a contiguous block of IPv4 addresses, which it seeks to transfer to a qualified buyer,” said Wednesday’s statement from Streambank, the company retained by the Bankruptcy Court for the Southern District of New York to market and sell the chain’s intellectual property assets. “Borders has established a worldwide reputation as a leading destination for buyers of physical and digital media including books, eBooks, eReaders and related accessories. Borders remains engaged with its customers through the Borders.com E-Commerce site, which it expects to continue in business until transitioned to a new operator.” How sad is it that one of the nation’s largest bookstore chains is ripped apart and the most exciting asset is IP addresses? Talk about ego-deflation.…