Is Retail Crime Increasing Or Is It Just Being Noticed More?

Written by Evan Schuman
May 31st, 2007

New survey results released from the National Retail Federation show a 71 percent increase in retailers noticing organized retail crime activity. Is the news the increase or that it’s being noticed?

Statistics are wonderful things, especially survey results. Numbers in general can be selectively chosen so that it suggests the reality the stat-issuer wants to suggest. But surveys hold a special place in the perception illusion game.

We can start with how was the question phrased, who was asked and?my personal favorite?how the interviewee interpreted the question. All of that fun happens long before the data is analyzed, which means that even the most honest, rigorous and methodical interpretation can’t yield accurate results if the underlying data is flawed.

These thoughts come to mind as I look at a wonderful new survey from the National Retail Federation. The survey reported that 79 percent of the 99 retail execs surveyed in April said they had been a victim of organized retail crime in the prior 12 months.

Setting aside the gripe that it was 99 participants (for piechart purposes, it would have killed them to get one more?), let’s look at that figure more closely. The other two answers might be even more illuminating: 12 percent said they had not been so victimized in the prior 12 months and nine percent said they didn’t know.

How does one define organized retail crime? More to the point, without any explanations, how would the surveyed retail folk interpret it? Is one shoplifter working alone an example of organized retail crime? Probably not. But what if that shoplifter is part of a 12-person team. Is that then organized?

If the retailer’s database is hacked into, is it organized if it’s a 14-year-old boy fooling around? What if that 14-year-old is in Eastern Europe, sitting next to 40 other 14-year-old boys on PCs and they are all working for a modern-day Cyber Fagan?

Even more to the point, when a retailer’s database is violated, unless there is an arrest and conviction (a rare happening), how does the retailer have any idea how organized the attacker is? From their perspective, all they have is a data penetration by person or persons unknown.

This is all intended to say that we need to be careful putting a lot of faith into survey results like this. That said, such results do indeed reveal some interesting changes. Another survey answer, for example, had 71 percent of the respondents saying that they have “seen an increase in organized retail crime activity in the past 12 months.” The interesting is that a similar group surveyed by NRF last year answered the same question yes only 48 percent of the time.

This begs the question: Did the surveyed focus on the word “seen” or the word “increase”? There’s little question that retail crime has, in fact, increased every year. But what has changed recently is that retailers are both noticing it and are starting to use the tools to identify it.

Historically, retailers have always known that XX amount of merchandise doesn’t end up getting paid for. That shrinkage can be caused by a frustratingly large number of items, from falling off a truck, to dropping behind a shelf to having been incorrectly logged to having been stolen by a shoplifter or swiped by an employee. Even worse, inaccurate supply-chain data left open the possibility that the “missing” products had never been sent or even possibly had never been ordered.

When improvements in retail technology in the shrinkage debate are discussed, it’s not merely technology to watch products in the store. It’s helping to make sure that the retailer knows for fact how many widgets they started with.

Another intriguing detail from the NRF survey: 57 percent said “yes” when asked, “Do you believe (your) top management understands the complexity and seriousness of organized retail crime?” That’s even more frightening when you factor in that 43 percent said “no.”

Reality check: how did the surveyed come to that conclusion? Have they had detailed conversations with their top management about this? Or is it based on lip service the top brass give in speeches? (“We must stop these attacks!” CEO Jones said, trying to look committed.)

For that matter, what would they have said had they been asked if their top management “understands the complexity and seriousness” of supply chain coordination? Multi-channel strategy? For that matter, “how to get the coffee machine to work”?

Scaling up the fright level is this Q&A: “Are you allocating additional resources to address organized retail crime in your company?” Well, given that this group concedes that crime is soaring, it’s organized and effective and that senior management understands it, we know what this answer will be. An overwhelming yes, correct? Maybe 96 percent? At least 89 percent, yes?

Reality check: the percent of respondents who said “yes” was 52 percent, with 48 percent saying “You expected something else, Mr. Retail Execs Put Their Money Where Their Wallet Is, Not Where Their Mouth Is?” (Kid, you gotta shorten that name if you’re going to make it on Broadway.)

How is one supposed to rationalize that answer with the other answers? Yes, it’s bad and getting worse, but just about as many (given the margin of error) are not spending anything more to deal with it than those that are.

The only explanation is that Chief Financial Offers still do not see a heck of a Return on Investment on security investments. Given the recent revenue boosts seen by TJX after the disclosure of their massive data breach, it’s hard to argue with the CFOs on a pure spreadsheet basis.

As long as consumers stand behind retailers with security perception problems, CFOs will have an almost impossible time justifying any kind of serious investment. There are a very finite number of dollars to spend and CFOs must stay true to a strict ROI analysis.

What could make a difference? Instead of having grabbed 46 million consumer records, if the intruders had instead grabbed 46 million pairs of bluejeans? Perhaps that might merit more than lip service.


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.