The Logic Group Blog

You may have seen our post last year on Apple snubbing NFC (near field communications) technology in its iPhone 5. This year, reports suggest that Apple is including NFC capabilities in its new iPhone design. This further fuels the speculation it will add payments to its Passbook allowing customers to pay, receive offers and collect loyalty points through their mobile device.

It’s unimaginable to envisage a supermarket with no customers, no check outs – manned or unmanned, gondola ends with tons of offers, and even the smell of freshly baked bread. But actually, Tesco has five and walk-in customers aren’t welcome. They’re not on the high street or even on retail parks. That’s because they are ‘dark stores’. They exist to serve the ever-growing needs for online shopping.

It’s ironic really: Tesco opened its latest ‘dark store’ in January and it created 700 jobs. In contrast, BlockBuster and HMV were slow to respond to the fast moving Internet-enabled business model, leading them into the red.

Technology has rapidly changed the high street...

December retail sales have disappointed. British music industry loses the high street presence of HMV. Another few bite the dust. Britain gets a chilly welcome to 2013...

If you still need more evidence that the Internet has necessitated a rethink of customer engagement strategies, then you may as well shut shop and protect the few assets and cash-in-hand available to you. The onset of the Great Reinvention (as we’d like to refer to the economic depression that started in 2008), marked the beginnings of the evolutionary process that would be driven by the Internet and the shift to online business and shopping. To feign ignorance to the fact that we’re through the evolution phase (of four years) and are now stood at the chasm, would demonstrate poor judgement and a clear lack of understanding of the stark reality that faces us.

2012 has been a tough year for the high street, with retailers struggling to drive sales and many high street stores shutting their doors permanently. By contrast, the online high street saw resilient growth. In fact, the latest figures of the annual IMRG e-Retail Sales Index have revealed that online sales in November are up 18 per cent from last year, as the festive rush has encouraged consumers to reach into their digital pockets. So, 2012 was a year of “Bricks vs. Clicks”, but what will drive retail in 2013?

Here are some of my thoughts for starters, or perhaps predictions for 2013.

There has been a lot of momentum behind mobile payments, NFC-enabled PoS terminals and wallet services in 2012. Technology providers, retailers and merchants, as well as payment service providers are now quite openly supporting the case for multichannel customer experience management. Consumers too have shown some appetite for mobile payments and NFC-enabled cards, although they appear to have even bigger willingness to shop online.

However, for consumers to readily adopt and widely embrace the new technology-enabled payment and interaction experience, the retailer, merchant, technology and payment provider ecosystem needs to understand consumer expectations from multichannel customer interaction systems and instil the confidence to trust new payment technologies to protect their identity credentials in any environment.

In 2012, many media and analyst reports pronounced the high street dead with a new “death of the high street” story seeming to appear every week. Well known brands such as Comet, La Senza and Clinton Cards going into administration, coupled with the recent news that two in three high street stores started their sales two weeks before Christmas suggests that bricks and mortar stores have struggled in 2012.

This doesn’t mean people are no longer buying though, with statistics showing that more people are shopping online and that, at an average spend of over £1,000 per head, the British are the biggest online shoppers in any major country. However, if we drill down deeper behind these figures, it appears that online spend only accounts for 13 per cent total retail sales [3], which begs the question is the high street really dead?

A couple of days ago I logged on to my computer to read that VeriFone had pulled their mobile payments device 'Sail' out of the market after an eight month battle with Square. The reason VeriFone's CEO, Doug Bergeron, gave for this was that the micro-merchant space is 'fundamentally unprofitable'?

Post this announcement, there have been a number of articles questioning if VeriFone's exit should worry Square. Personally I think the answer to this question is yes, but not necessarily for the obvious reasons.

Over 50% of adults in the UK [1] already have contactless credit/debit cards, yet how many of them know what they have in their pockets? And how many would be willing to use contactless payment cards, even in an existing enabled environment? A survey from Which showed that only 54% of 158 Londoners surveyed would be willing to use contactless cards as opposed to Oyster cards, even if it gave them the same benefits [2]. Combine that with the fact that many people feel they are not protected in case of fraudulent use, and one could be forgiven for thinking that contactless cards stand no chance. Is this just a case of lack of consumer awareness and trust?

It's been a grim couple of years for the high street with an estimated 30 chain stores closing daily [1]. A recent PriceWaterhouseCoopers report suggests that, over the last 12 months, major retailers in the UK have closed close to 1,000 stores; caused by a combination of the recession and the growth of the internet shopping (compared to 174 in 2011). With many big names such as Comet, Game and Clinton Cards feeling the strain, the Government recently pulled together a think tank to come up with a solution to the demise of the high street. But, perhaps the rebirth of the high street is possible with the reinvention of retailing through an old foe (the internet), as we see a blurring of the real world and virtual worlds with mobile-commerce.

The Logic Group were delighted to exhibit and speak at the first Mobile Wallet Summit Europe, on 28th and 29th November 2012.

Solutions Marketing Manager, Mark Prior-Egerton gives a summary of the key highlights from the day, and his thoughts and vision around the convergence of payment and loyalty solutions, and the role mobile will play in this.

“Black Friday” lasted a whole weekend and was the perfect time to do my online shopping. I would say that buying online is definitely the preferred choice of this blogger, however the experience was a little “flaky” and I wonder how it could be improved?

On Monday (12th November) I was alerted by a colleague to a You Tube video going viral; if you haven’t seen it already it’s titled ‘The Risk inside your credit card’ and suggests that fraudsters can electronically pick pocket your contactless cards - so it’s not surprising it’s had over 5.5 million hits.

The video stipulates that armed with a contactless card reader, fraudsters can gather sufficient card information to clone the card and use it at retailers to make purchases, which isn’t that compelling until the video shows it being done.

PA-DSS (Payment Application Data Security Standard) is the standard put in place by the Payment Card Industry Security Standards Council (PCI SSC), to limit the risk of data breaches in payment applications involved with cardholder data.

The standard itself originates from the PABP (Payment Application Best Practice) set out by Visa in 2005 [1] to advise vendors of best practice around the storage and transmission of data in payment applications, and helps with compliance to PCI DSS (Payment Card Industry Data Security Standard).

The Logic Group was delighted to attend and present at the second FStech/Retail Systems Payments Technology Conference last week. Bringing together leading figures from retail and financial services, the event showcased the latest developments, services and products in trending areas such as contactless cards, payment security, online payments, the future of cash, and social payments.

Jonathon Solomons, Solution Partner Manager at The Logic Group summarises the key messages.

The iPhone 5 went on sale on Friday but there was something missing that many in retail and the payments space thought was guaranteed – NFC. When the launch was announced the week before, the exclusion of NFC was somewhat surprising. It was thought that on the back of Apple unveiling Passbook (a service that pulls together loyalty cards, tickets and coupons) in June, embedding NFC would be the next natural step to complete their mobile wallet offering. Mobile wallets bring together credit and debit cards, bank accounts, loyalty cards, rewards and coupons in one place, letting shoppers pay for purchases online and in physical stores too.

NFC-enabled mobile payments only scratch the surface in terms of the services mobile technology can offer to retailers. For the true value to be recognised, businesses need to understand that it isn’t in the ability to just offer a payment service – it is in the customer interaction opportunities it creates.

 

Focusing on the mobile wallet from a pure payments perspective massively undervalues the impact mobiles can have. It could be said that tapping a phone is as useful as tapping a card, and as such, there’s no real benefit to the customer. However, if a consumer is tapping a phone for payment and simultaneously providing loyalty details and/or redeeming a money-off voucher, while using it to get additional in-store services, it is a bigger incentive for customers and retailers alike.

 

Two news stories this week have really made the retail sector in the UK stand up and take notice. The first is Tesco’s introduction of an “interactive virtual grocery store” at London’s Gatwick airport, the first seen in the UK. Meanwhile, over in the US, Starbucks has announced a deal with Square, the company behind the same-named card payment reader, which will see Starbucks invest $25 million and switch its processing of debit and credit card payments to mobile payments.

 

Irrational Fears
Have you ever had an irrational fear?  I've had quite a few in my time, but today I'll confess to one involving car windows.  When I had older cars with manually operated windows I had a phobia of cars with electric windows.  My fear was that if I drove one of these new-fangled electric windows cars, I'd have an accident on a bridge or along a body of water, my car would break through the safety barriers and would plunge into the dark icy waters.  I'd try in vain to open the door, but deformation from the crash would make that impossible.  The waters would flood the car electrics also stopping the electric windows from functioning.  So, as I sit in the rapidly filling car I would curse the day I stopped using cars with manual windows.  You'll be pleased to know that I did get over my irrational fear it's now over 5 years since I began using cars with electric windows and I'm still here.

 

It's security stupid

When I look at the recent hoo-ha surrounding the security vulnerabilities discovered in Google Wallet it makes me think that others might too be suffering from an irrational fear.

Brussel Sprouts, hated them. These evil little green things just wanted to ruin a perfectly good dinner. After the joy of Christmas morning, playing with toys (I am talking about my childhood here, and yes, I can still remember it) and finally getting the “GET TO THE TABLE” call. Crackers pulled, reading the jokes (yes, still the basis of my humour till today) and putting on funny hats – laughing with grandparents. And then dinner is served, and it’s like the uber Sunday lunch! Added extras, cocktail sausages with bacon wrapped round (they weren’t called pigs in blankets back then!) – what genius came up with that? Freshly made stuffing and gravy, the turkey (we did have goose a few times) lots of roasties, good old veggies, and then, there it would be, the sprout. Now I never cheated per se, I was a good boy (at this time) and always did what my Mum told me to. So I would eat the sprouts, but only by dissecting them into the smallest possible size, and then trying to disguise the foul taste with a forkful of nice, tasty food.

Any of you heard of Bitcoins?  This relatively new method of online payment has really exploded onto the world stage during 2011, thus I thought it was worth looking into what all the fuss is about.

 

Bitcoins are one of a number of digital P2P payment methods whose aim is to recreate cash for the digital age.  Bitcoin refers to three things:
1) The decentralized, peer-to-peer network that carries the transactions
2) The digital currency itself that users exchange over the above-mentioned network
3) The client software which users use to access the network and carry out transactions

Don’t you just hate it when you are rushing around town trying to do some last minute shopping when out of nowhere you are corralled by one or more young people dressed in colourful t-shirts, holding clipboards and eager to help you save the world by relieving you of some of your money.  Some refer to them as chuggers (i.e. Charity Muggers).  Whilst a tad harsh, this nickname does underline how unpopular this method of collection has become to parts of our society.  The issue is probably one of frequency – there seem to be so many that sometimes I feel like I’m tripping over them on my way to the shops.

I am always weary of consumer surveys, and this week I have seen countless examples of how the questions can be worded in favour of a desired outcome!  The latest was looking at the security of the mobile as a payment vehicle, and just under half showed that “lack of security” as a concern.

 

As an example of “leading a witness”, compare the following sets of questions, and decide if they take you to a different answer:

• Are you worried about the personal impact of payment fraud on your life?
• Do you think that more should be done to secure your payment information?
• Would you be concerned about all your payment details being sent over the air, and stored in your phone?
• Have you thought what you would do if you lost your phone containing all this sensitive information?
• Do you think that the lack of security is too big a risk to using your phone to make a payment?

 

Alternatively:

• Were you aware that payment fraud has decreased over the last year?
• Do you think that this was due to all the improved security measures?
• Would you be keen on maintaining the level of security, yet making payment faster and more convenient?
• Would you like to securely transfer your card details over the air so that you only have to carry your phone with you?
• Would you be in favour of improving the payment experience through use of your mobile phone?

 

This is a poor imitation on a “Yes Prime Minister” sketch from 1986 (regarding conscription), but looks to highlight how a survey can lead to a differing conclusion on the same question.  I am not suggesting that this was the case with the mobile survey, but it always makes me think twice about the results.

I was recently sent a viral video of a baby who's used an iPad to such an extent, that she tried to use the same tablet UI gestures (swiping, clicking and pinch-zooming) when given a real (i.e. dead tree) magazine.

 

What struck me was how the video appeared to polarize opinion between the people who chastised the parents for 'ruining their child's future' and those who hailed this as a watershed moment in human evolution.

 

As with many things in life, I try to take the middle ground.

Recently I received an email offer from a retailer, 3 for 2 off reptile food…”wow” I thought, as I have a parrot, rabbit and 2 dogs but definitely no reptile. Did they know something I didn’t about me?

 

Another simple case of mass marketing and a spray and pray attitude that not only dilutes the campaign but has completely missed a great chance to engage with a customer. It got me thinking…how often does this occur and am I getting the same offer as the person next door? Does this organisation really value my business and me as a customer? On the flip side, what actually does the reptile enthusiast get and buy regularly from this retailer? The answer to the latter is a reduced price off his purchase that they would have likely bought anyway, the consumer is happy but the retailer has diluted their campaign and given away profit due to an indifferent approach to consumer focused marketing and customer loyalty.

Well they have arrived. After more than a year of discussion and debate the new requirements for Point to Point Encryption (P2PE) have finally been released by the PCI SSC.

 

These requirements, which are contained in the Point to Point Encryption: Encryption, Decryption and Key Management within Secure Cryptographic Devices (Hardware/Hardware) v1.0, were released this month and define how a payment solution provider may validate its P2PE solution thereby allowing merchants to reduce the scope of their PCI DSS assessments when using the solution.

I am looking for a new wallet. It must be leather, bi-fold, and have a space for notes...I abandoned carting around loose change a while ago! I have been wondering if in five years, or may be ten years the wallet as we know it will still exist! I only use my wallet to carry payment card, one or two loyalty cards, and a note or two just incase I have the misfortune to find somewhere that does not accept cards.

 

I am a big advocate of contactless payments. It makes life simple, and has meant that I no longer have to weigh my pockets down with coins. Working in the card payments industry, I of course always try to use a card over cash, and this has changed my requirements for my new wallet without a coin pocket.

We recently hosted a webinar on Mobile Payments (you can register to view the webinar recording here), and how for us, mobile is more about “Mobile Interactions”, rather than just payment.  Many cross channel payment methods are moving in store.  Combining multiple services such as loyalty and couponing will add further value to the checkout experience through the use of NFC Mobile phones.

 

During the webinar, the attendees were asked to contribute questions for both clarification on specific areas, as well as general industry concerns.  Due to time constraints, we were unable to answer all the questions during the session, so I wanted to spend some time outlining my answers in this blog.

Working in the multichannel payments industry and having responsibility for the Point of Interaction, including the customer journey, I am always interested in improving the retail experience through new and existing technology. I have been in a number of meetings where retailers have asked if they could replicate the experience received from a certain fruit based store!

As we have seen, contactless payments are beginning to move into the mainstream. As my colleague Mark Carpenter noted in his blog, support for contactless transactions is moving out from the metropolis, even to the rarefied environs of his country retreat.

This weekend I witnessed a major breakthrough in contactless payment acceptance. Having spent a lazy sunny afternoon in a beer garden, we asked to close our tab. I watched in disbelieve as the waiter started waving my debit card back and forth over the PIN Pad for a good minute, before inserting my card into the reader looking slightly disappointed. Having noticed my quizzical look, he went on to explain that their PIN pad accepts contactless, and he had been waiting for the day that someone went to pay with a contactless card! For me this was very encouraging – Contactless has migrated from focused busy London locations, all the way to a sleepy village pub 50 miles outside the capital! This waiter not only knew that the PIN Pad supported contactless, but also must have recognised the symbol on my payment card!

Today we hear confirmation about a breach of the Sony Playstation Network with the loss of millions of account names and personal details and potentially the loss of payment card details such as the payment card number and Expiry dates, but excluding the security code.

 

The type of data rumoured lost includes names, addresses, email addresses, account names, account passwords, relevant date of birth and answers to security questions. By security questions one presumes the questions would be of a similar type to: What is the name of your pet?

 

So should we be concerned?

Every man and their dog has a smartphone these days.  Whether an Android, Apple or Blackberry device, today's mobiles are as powerful as desktop PCs were only a decade or so ago.  They can browse the internet and run a countless number of applications.  As such is it inevitable that more and more people are starting to use them like they do with their main PCs – keeping increasing amounts of sensitive personal information on them and using them to make purchases and do personal banking.  The problem is that unlike their PCs, most mobile phones are not currently adequately protected against viruses.  But how many smartphones are there and do people actually use them in sufficient numbers for this to be an issue?

Should retail businesses invest in developing an app or stick to improving their website?

 

I recently attended a summit on multichannel retailing. As predicted, mobile was a topic that came up again and again. It seems to be a bit of a buzz word at the moment yet it was only a year ago that I could not make it through a day without out talking about end-to-end encryption. Now that The Logic Group has multiple solutions for reducing PCI through encryption and tokenisation, it seems that like the industry, my thoughts turn to ensuring our clients can capitalise on mobile transactions.

You are a retail business. You have spent a small fortune in time and money to upgrade your systems and processes and a certified QSA has accredited you as PCI DSS compliant. Do you sit back and relax, safe in the knowledge that you have achieved security nirvana and that fraud will never show its ugly face in your business again? Well not quite.

Will mobile phones replace the card?

 

More people leave their wallet at home, than their phone. In the past, this may have caused the shopper some difficulty as they search their pockets at a checkout. This situation is set to change with the introduction of NFC contactless technology coupled with your mobile phone. The exact form factor is evolving from bank issued stickers attached to any item, NFC enabled SIM cards, to contactless enabled handsets. The timelines for mass adoption are still unclear, but we are firmly on the journey!

Having recently attended a breakfast briefing in London on the subject of micropayments, I was fascinated to learn that the market opportunity for micropayments is forecasted to grow to €15bn by 2015! A massive growth from today’s estimates of €6bn, considering that most other markets are either flat, or showing minimal growth. The reason for this unprecedented growth?

In Dec 2007 the European Commission announced that MasterCard had breached Article 81(1) of the EC treaty, prohibiting agreements and practices that could affect trade between Member States, by setting multi-lateral interchange fees (MIF) for cross border and domestic credit and debit card transactions in 8 member states. Legal wrangling and intense negotiations over the past 3 years have resulted in MasterCard undertaking to adopt certain measures to enhance the transparency of its payment card scheme, enabling consumers and retailers to make better informed choices as to which payment cards they use and accept. As a consequence in 2009, both MasterCard and Visa introduced rules mandating that all EU acquiring banks offer “unbundled” merchant service charges (MSC) from January 2011. But what does this all mean?

As the global economy slowly emerges from the downturn in what is becoming an ever more aggressive marketplace, organisations are seeking to gain that all important edge over their rivals, with many once again turning to technology to help maximise their competitive advantage.

 

At the turn of the century it was the rise of the internet and e-commerce that led the way in providing businesses with a new channel to market to compete against, or complement, the already well established retail outlet and call centre channels. In the new decade many are looking at the rise of mobile technologies, through the development of contactless, smartphones, and tablets to drive consumer demand for mobile commerce and mobile payments. However, as with all early technology advancements one solution doesn’t fit all and there are a plethora of technology options developing through numerous pilots to allow early adopters to test the market place. With countless technology manufacturers, systems integrators and service providers touting their wares and jostling for position it’s no wonder organisations are struggling to know where to start. So what’s it all about and haven’t we been here before?

Sometimes “it will never happen to me” should not be the corporate line!

 

Last year I discovered that my credit card had been used for a number of rogue transactions. My first thought was to blame the wife…but on second glance, they were clearly fraudulent. My mood changed as I thought about all the phone calls and letters it would take to clear up this mess.

As more brands adopt contactless technology, how many consumers and staff at the check-out really understand its benefits and how to use it?

 

Last month Neira Jones, Head of the Payment Security Team at Barclaycard, reported in an interview with Grocery Trader that there are now around eight million cards with contactless functionality across the Barclaycard Group, she also confirmed that Barclaycard “see contactless being as safe as cash, if not more so.”

According to the January 2010 report from the National Fraud Authority, fraud now costs the UK an eye watering £30 billion a year. 58% of fraud is committed in the private sector with tax fraud hitting £15.2 billion, and, in the private sector, financial services companies and organisations are said to suffer yearly losses of £3.8 billion through crimes including mortgage and insurance fraud, online banking, cheque and card fraud.

100% security doesn’t exist.

 

The frustrating truth is that almost every organisation will suffer a security breach at some point. Whether it is the defacing of a website, loss of data through a Trojan horse or the corruption of a system by a virus or worm, most companies will experience some form of data breach. This includes merchants who have diligently put measures in place to prevent fraud by implementing the correct security processes and procedures, enlisted specialist third-party anti-fraud services, adhered to appropriate industry initiatives such as 3D Secure and CV2, and complied with PCI DSS to protect their infrastructure against attack.

PIN Entry Devices - Marketing campaigns at a consumer level

 

It’s been a while since I have been reminded to “insert my card into the chip and pin reader” by a retail assistant. Industry regulations have shaped consumer behaviour, and by now, many of us instinctively hover over the reader waiting for the moment of payment. Pin Entry Devices are becoming increasingly part of a retailer’s image, and price is not the only factor in device selection. PIN Pads must enable chip and pin transactions of course, but this is a commodity. What else can the PIN Pad do to convince a store that it merits the investment?

In the fast changing technology landscape a week does not pass by without a new Game-changing social media app, a new service in the cloud or some other provocative evolution. What chance does a regulator, such as PCI SSC have in setting a standard that applies to all the technologies employed in payments? Two years since PCIDSS 1.2, PCI DSS 2.0 is now upon us and this was one of topics discussed at a recent QSA roundtable...

Contactless payment technology continues to develop; it is a hot topic of discussion as Barclaycard rolls out an update to its TV advert demonstrating the ease of contactless technology – but will its implementation become a rollercoaster ride for retailers and will hard currency become harder to find in the future?

The first PCI DSS deadline has been widely discussed by both merchants and payment card industry specialists but what does this really mean, will Visa and Mastercard soon be knocking at your door?