Security / PCI Compliance

The stakes have gotten higher when it comes to protecting consumer data. Some highly publicized, significant data breaches have motivated retailers and solution providers to rethink their approaches to data security. It’s a constant challenge to stay ahead of hackers and other criminals, but it’s also an industry mandate. Find out more about new solutions and how to keep up with PCI compliance here.

E-Commerce Chargeback Costs Reach $40 Billion Per Year

Chargebacks, chargeback fraud and expenses related to managing them cost e-Commerce merchants $40 billion per year, according to Chargebacks 911. Retailers are fighting back, but their success rates vary widely by vertical. The State of Chargebacks: 2018 Report, sponsored by Kount and Chargebacks911, showed that 82% of organizations doing business within the card-not-present (CNP) payment space dispute chargebacks. Overall, when companies dispute chargebacks their win rates are discouraging. Almost half (45%) reported that they were able to reverse chargebacks less than 45% of the time, and only 32% were successful more than 45% of the time (24% of respondents did not know their win rate).

Fraud Blacklists: What They Are, And Why You Shouldn’t Rely On Them

By necessity, all e-Commerce companies are constantly on guard against card not present (CNP) fraud. Aside from the financial losses incurred from the refunded amounts, chargeback fees, and merchandise replacement costs, there is also the looming threat of losing the ability to do business — payment processors will stop working with a merchant if the chargeback rate exceeds a certain threshold.  Those on the front lines of this ongoing war against fraudsters are the analysts tasked with screening out the fraudulent transactions. They have to satisfy conflicting requirements: brief turnaround time for order accept/decline decisions, minimizing chargeback losses, and keeping the total cost of fraud prevention low. These fraud management teams are the Rodney Dangerfields of e-Commerce, since they usually don't get much respect from senior management, who often view their department as a cost center rather than a revenue protector.  It's no surprise that merchants are quick to adopt and hesitant to abandon tools that are simple, quick, cheap, and seem to do a good job of rejecting fraudulent orders while accepting the legitimate ones. This is how we ended up with e-Commerce fraud prevention tools like blacklists.  Blacklist Basics Here's how blacklists work: When merchants approve an order…

Kroger CIO Q&A: Innovation Initiatives Leverage IoT, Mobile Scanning And Shelf-Edge Videos

Long gone are the days when supermarkets were the most risk-averse, tech-unfriendly retailers on the block. In fact, the nation’s largest supermarket chain, Kroger, displays a commitment to data, innovation and tech savvy that other retailers should envy. The leadership of Chris Hjelm, who has been EVP and CIO at Kroger since 2005, is one reason Kroger has been able to keep up with the times. “I came from a background of high-tech at companies including Orbitz, eBay and FedEx,” said Hjelm in an exclusive interview with Retail TouchPoints. “I created a research and development team shortly after I got here, and that’s been a huge contributor to innovation — and it’s a unique capability compared to many of our competitors.”

Zumigo Expands Assure Suite With Identity Verification Capabilities

Zumigo has expanded its Assure suite of mobile device location and identity verification products to offer services designed to mitigate credit card fraud when card numbers get into the wrong hands.  The cloud-based service integrates with banks’ and merchants’ processing systems to verify the identity and location of a user’s mobile device along with credit card ownership to prevent fraudulent transactions. Discrepancies are flagged as possible fraud, and can save merchants and banks expenses ranging from fraudulent purchases and chargebacks to reissuing credit cards.

Why Retail Is The Hottest Target For Hackers

Five trillion dollars in U.S. retail spending is very attractive to cybercriminals. The large volumes of financial data continuously processed by payment and retail vendors is highly valued and can provide criminals with easy payouts. This is a big cause for concern, as Trustwave’s Global Security Report found that the retail industry was the most compromised sector for a fifth year in a row, and the primary target is payment card data. Payment data is most commonly stolen through point-of-sale (POS) breaches, which make up 64% of all incidents, and a magnetic stripe data attack was the second highest at 33%.

Mastercard Invests In Biometrics Security Firm

Mastercard has named HYPR Corp., an authentication solution provider, to the latest class of Mastercard Start Path — a global initiative designed to support innovative startups in retail, fintech, security and Big Data, and help them achieve scale. In October 2017, HYPR secured an initial $8 million Series A funding round led by RRE Ventures, but Mastercard led an additional $2 million investment in the platform. Total capital raised to date now stands at $13 million.

Mobile Commerce’s Most Dangerous Fraud Tactics And Ways To Stop Them

From 2012 to 2015 mobile commerce grew from $24 billion to $122 billion in the U.S. And with this growth came an increase in fraud and an all new breed of fraud threats. Nearly 40% of merchants surveyed by Kount indicated that mobile fraud had increased, up 17% over the previous year. Criminals have discovered new ways to leverage mobile as a means to commit fraud. Mobile fraud is negatively impacting merchants’ bottom lines. One study from Javelin Strategy found that 16% of chargeback losses stem from mobile transactions, nearly equal to losses stemming from in-store purchases. The same study pointed out that retailers are overly reliant on username and password to authenticate purchases.Unfortunately, these simple identity factors are not enough to stop sophisticated criminals.

The Grinch Who Stole Business: Don’t Let Fraud Derail Your Holiday Peak Season Success

One of the most watched holiday season specials is the cartoon adaptation of Dr. Seuss’ “The Grinch Who Stole Christmas.” While the Grinch that steals from the “Who’s in Whoville” is a figment of literature that eventually sees the error of his ways, the Grinch that impacts retailers — fraudsters — is very real, and their taste for thievery grows significantly every year, especially during holiday peak season. According to global consumer and business credit reporting leader Experian, e-Commerce fraud increased to 33% in 2016 compared to 2015. Much of this fraud originated from the 1,093 data breaches that occurred in 2016 —  up 40% over 2015, according to the Identity Theft Resource Center (ITRC). Predictions for 2017 are for an even higher rate of fraud, based on ITRC’s report that 791 breaches took place in the first half of the year, which set a very dubious half-year record.

75% Of U.S. Shoppers Say Identity Theft Is A Major Holiday Concern

Identity theft during the holiday season worries three quarters of consumers, according to a survey conducted by Generali Global Assistance. An even higher percentage, 84%, say a past data breach would affect their willingness to do business with a retailer. As many as 57% of shoppers believe a data breach of an online merchant will pose the greatest identity theft threat this holiday season, while 22% consider a data breach of a brick-and-mortar POS system to be the most acute risk.

Direct-To-Consumer Focus Motivates IT Upgrade At Tommy Bahama

Strategy sessions held back in 2015 had far-reaching impacts for Tommy Bahama. These meetings were the beginning of what has grown into an ambitious program for upgrading many of the apparel brand’s key business solutions, including order management, warehouse management, retail store operations, analytics, merchandising and its entire e-Commerce ecosystem. The 160-store retailer has a thriving e-Commerce business and also operates restaurants in 18 locations. The IT upgrades, scheduled to take place through summer 2019, will bring an enterprise-wide view in two important strategic areas: order management and analytics. Tommy Bahama anticipates significant benefits, according to Lisa Atwood, EVP of Operations, IT and eCommerce.

Sportswear Retailer Integrates Payment Into VR Experience

The jury may still be out on whether virtual reality (VR) will truly take off as a shopping experience, but one forward-thinking retailer already has made VR transaction processes more seamless. Body Language Sportswear has been testing a VR app that allows shoppers to move from interactive 360-degree views of its products directly to checkout, without needing to take off the VR headset or pull out their wallets. The e-Commerce retailer is offering products via the Payscout app, which introduced a VR commerce capability in June 2017. The app integrates with Visa Checkout (VCO), allowing users to register their payment credentials within the digital wallet or access an existing VCO account. The app currently is available for the Google Cardboard hardware, but there are plans to adapt it for iOS and additional VR platforms.

5 Things Retailers Need To Know About The Impending TLS Deadline

In the war against increasingly sophisticated hackers, retailers continue to find themselves on the front lines, grappling with the unfortunate reality that there is no easy fix for their difficult security problems. It’s truly a race for retailers — especially as more and more businesses migrate online and to Internet-connected terminals — to find and implement the best security protections. Take, for example, the aftershock the industry felt after two high-profile bugs, Heartbleed and Poodle, rocked the security world. According to the Payment Card Industry Security Standards Council (PCI SSC), 18 months after the Heartbleed vulnerability was announced there were reportedly still 200,000+ vulnerable devices on the Internet. These vulnerabilities served as a painful reminder that security is only as strong as its weakest link.

Data Breaches Are A Big Problem For Small Retailers: Be Prepared

Don’t think for a minute that the “little guys” are safe. Small and medium sized businesses are in fact often preyed upon by cybercriminals, who view them as having fewer resources to manage cybersecurity. Making matters worse, attacks against SMBs are increasing, despite the Chip and PIN payment technology, as smaller vendors can be slower to adopt the new system. With the threats continuing to increase and SMBs being an attractive target for attack, it’s not a matter of if but when a company will experience a security incident. It is critical that small retailers are up to speed on how to best prepare for and mitigate the fallout of a major security incident. The following are key areas of consideration to keep in mind when managing this major risk.

Exclusive Q&A: How The Equifax Security Breach Will Impact Retail Businesses

On Sept. 7, Equifax revealed that it had suffered a security breach that could impact as many as 143 million consumers in the U.S., the UK and Canada. But consumers aren’t the only ones that could be affected by the breach, which occurred from mid-May through July 2017 — retailers also are facing a considerable risk. Credit card fraud attempts increased 15% year-over-year during August 2017, a period that does not typically see such jumps in activity, according to data from Forter, an e-Commerce fraud prevention solution provider. In an exclusive Q&A, Michael Reitblat, CEO of Forter, notes that false account creation and account takeovers are the biggest issues retailers will have to tackle in the wake of the breach.
Subscribe to this RSS feed