StorefrontBacktalk

Target's description of In a Snap on its own site implies a similar effort: "Have you ever flipped through a magazine or catalog and fell in love with a product — a rug, chair, lamp, whatever — and wanted to buy or bookmark it immediately? Yeah, us too. That desire for instant access to inspiring product is the idea behind Target’s latest mobile app, In a Snap. Compatible with the iPhone, iPad and iPod, the new image recognition app lets you easily shop Target items directly off the pages of magazines and printed ads — without having to scan confusing codes, look up links or search for product online or in store." Sounds good, but the app itself doesn't come close to delivering. It doesn't try to recognize images. It's solely designed to recognize a handful of specific Target ads—ads that are labeled as being compliant with this app. Despite its claim that it can deliver "without having to scan confusing codes," I'm struggling with seeing how this is any better for its shoppers or for Target. For both code-scanning (even the much-maligned QR codes) and In a Snap, the shopper must download an app, launch that app and point the phone at the ad. The only difference is that a QR code reader can be used for a huge number of applications, whereas the Target app is limited to ads from Target--and a very small percentage of even Target ads.Read more...

What brings these happy thoughts to the surface was an interesting piece in Wired yesterday (July 21) about a wearable vendor's efforts to focus on context in making its device more valuable. It's a terrific goal, but the more IT allows these devices to access, collect and manipulate sensitive data, the more valuable those databases will be to cyberthieves and corporate spies for your direct rivals. In IT, greater convenience often means greater risk, something vendor slides somehow always forget. I am not suggesting a sci-fi plot where these devices learn all about us and then take over the planet and make humans into their slaves. (Dawn of the Wearable World? The Wearables War?) But a few security limits wouldn't be out of line.Read more...

Recent large-scale data breaches—specifically Target and Neiman Marcus—have brought new attention to the issue of the U.S. shifting to EMV (often deployed as Chip and PIN), a payment approach that replaces the magnetic strip with a chip and is has been deployed for years in much of Europe as well as Canada and Mexico. The arguments in favor of EMV—as opposed to mobile—are unrealistic, as became clear during U.S. Senate testimony on Tuesday (Feb. 4). Given EMV's struggles, mobile payment is now becoming crucial. Can the industry get its act together? (Answer: Of course it can't, but let's be hopeful and pretend that the adults will take over.)Read more...

But if mom-and-pop retailers are the intended quarry, then the advantage (especially in non-urban geographies where iPhones and iPads are not nearly as dominant) goes to Amazon. First, what are the rumors? The Wall Street Journal has been out-in-front on both stories. On the Apple front, the paper describes the play as letting shoppers use their personal Apple mobile devices to make the purchases, with Apple leveraging "the hundreds of millions of credit cards on file through its iTunes stores."Read more...

Let's take a quick look at the latest reports of how the Target situation materialized. Target is now saying that the cyberthieves "stole a vendor's credentials, which were used to access our system," but the chain didn't say which vendor was involved. A few suspected vendor systems have emerged. The Wall Street Journal has reported that Target "shut down remote access to two websites used by employees and suppliers in a move to tighten security following a massive breach of customer data over the holidays. One system is a human resources website for employees called eHR. The other is a database called Info Retriever that suppliers use to access sales data for their products in Target."Read more...

A campaign unveiled by the coffee bean behemoth last week illustrates the latest example of this decaffeinated strategy. Starbucks is considered the most successful U.S. retailer when it comes to handling mobile payments and, for that matter, mobile anything. When the holiday shopping season for 2013 came around, the normal reaction for most retailers would be to push its mobile app and encourage shoppers to load dollars onto the mobile app of intended gift recipients. Instead, Starbucks deliberately chose to not push mobile at all, but to instead encourage the purchase of old-fashioned plastic Starbucks cards, the kind that fit neatly into holiday stockings.Read more...

You do really need a policy. Your employees expect IT to protect them, and your company's executives expect you to make sure that corporate data is protected from the things that employees do with their mobile devices. But your customers also want to know what you're doing with their data, and various contractors, distributors, suppliers and anyone else in your network need to know what they aren't allowed to do.Read more...

Of course, some companies have to face their privacy demons more than others. Yes, I'm looking at you, Google. Not that Google is likely to ever change how it handles privacy issues. (SAT time: Google is to privacy as (A) Osama bin Laden is to peaceful negotiations, (B) Lady Gaga is to rational thought or (C) Microsoft is to customer-centric. Answer: (D) all of the above.) The reason I'm looking at Google is that it just displayed privacy ineptitude on an epic scale.Read more...

When a credit or debit card number is accessed by thieves, typical procedure for quite a few years has been to shut down the impacted cards and immediately re-issue the cards to those customers. This process means the customer will be without that card for anywhere from 2 days to sometimes a week. Thieves count on this, which is why they stage such massive attacks. They know that once it's discovered, they may have as little as an hour or two before the card data becomes worthless. That's why they try and monetize the stolen data—usually by making ATM withdrawals and retail purchases quickly, using lots of accomplices making simultaneous purchases/withdrawals.Read more...

The dirty not-so-secret secret with all of these social programs is it's always been about how much data can be collected from consumers, to be turned around and used to send increasingly personalized sales pitches. (Kind of gives Secret Santa a whole new meaning.) The two motherloads of shopping data are not-coincidentally both involved in this Instagram deal: photographs (and their associated metadata) and relationship connections. Why relationship connections? If you're a consumer goods manufacturer (think Toyota, Nike, Nabisco, Sony), a retailer (think Walmart, Macy's, Target, Amazon) or a marketing firm (think Genghis Kahn, Idi Amin, Mussolini), how much is it worth to you to know which consumers are close friends or close relatives with other specific consumers? As a major gift-giving occasion comes up for the first consumer, how would you like to be able to send highly-customized pitches to those people who are close friends/relatives of that consumer?Read more...

Even mild-mannered Tesco—the world's second most-profitable retailer and the third-largest by revenue—couldn't resist stomping on NFC. The cause of NFC's U.S. mobile payment death has been a lack of incentives for shoppers to use it. Most critically, it simply wasn't any easier to use than regular magstripe swipes and it required a change of behavior.

That's why it was genuinely surprising when $3 billion Canadian and U.S. restaurant chain Tim Hortons announced Dec. 12 that it was beginning a mobile payment rollout using NFC. That overshadowed the almost-as-surprising detail that they were launching it solely on BlackBerry. Say what you will about Blackberry users, but if they're still using Blackberries in 2014, they certainly don't crave the latest cutting-edge gadget. So why is this 4,350-restaurant chain (including 817 stores in the U.S.) embracing NFC for payment? The reason actually reinforces why the technology has cratered in the U.S..Read more...

That mobile device will typically be a customer's smartphone. But the next step is where where an interesting debate is emerging. When the shopper leaves that dressing room and chooses to purchase only one—or perhaps even none—of the garments/accessories, at least one chain is now experimenting using a different mobile device (tablet) to try and get an answer to "Why?" In marketing circles, understanding why a customer opted to not purchase six items can be even more valuable than knowing why they purchased the seventh.Read more...

Whether or not those identifications will work or not—and whether there are much easier and more accurate ways for those products to be identified—is something I'll get to shortly. But the goal here is all data. First, the images are being shipped through a mobile app, so everything is being associated with a specific identified shopper. (Hello, CRM database.) Secondly, the images usually come with exact geolocation data (Seems that you took this picture in the housewares section of our direct rival on Elm Street. Good to know) plus date/time.Read more...

Here's what Starbucks is doing with its Twitter effort dubbed Tweet-A-Coffee, according to a recap of some panel comments reported in Mobile Commerce Daily. "To send a gift card, consumers sync their Starbucks loyalty program account with their Twitter account. Consumers then send a $5 gift card by firing off a tweet to the @tweetacoffee handle and the recipient’s Twitter handle. Recipients can then redeem the offer by loading the gift card straight to the Starbucks’ mobile app, which is scanned at the point-of-sale by an employee. The offer can also be redeemed by showing the email confirming the gift card on a mobile device or by printing the E-mail." Let's break that down. Shoppers must first create a Starbucks.com account, assuming they don't already have one. Then they must create a Twitter account, assuming they don't have one of those. Then they have to sync that Starbucks.com account with their Twitter account, which involves a lot of info-sharing between the two. Read more...

That comes to 2,000 screen-activations before the consumer gets anything.Read more...

But recent mobile remarks from the general manager of the PCI Security Standards Council—the group that controls how any merchant is allowed to use any kind of payment card—is enough to make a CIO long for the return of rotary dial. In effect, Bob Russo told a private conference call of QSAs (the people who assess whether someone is managing payment security properly) that when it comes to mobile security, it’s your neck if you want to proceed.Read more...