News

Secure M-Commerce and E-Commerce Systems

BY CSA STAFF

By Carole Murphy

Retailers know that e-commerce is driving revenue growth by extending the reach of business to buyers anytime and anywhere. Initially, retailers thought that mobile smartphones and tablet – a subset of e-commerce – would only have a negative impact on in-store sales with behaviors such as “showrooming,” where people go to a local business, find the merchandise they want and then use their smartphone to find the same items somewhere else for a lower price. However, the most recent studies turn this idea upside down. They quantify not only purchases made directly on mobile devices, but the purchase behaviors influencing sales in-store.

A report on “How In-Store Shoppers are Using Mobile Devices” features the results of a study that was performed in 2013 in conjunction with The Google Shopper Marketing Agency Council and M/A/R/C Research. Examining consumer buying behavior has revealed that “smartphone users buy more in brick and mortar stores than shoppers who don’t use mobile devices.” Furthermore, over the next three to four years, direct mobile purchases are projected to double the CAGR of e-commerce sales. eMarketer estimates that “by 2017 m-commerce sales are expected to…reach over $113 billion which would be a CAGR of 28%.”

The bottom line is that, with growth of both the mobile influence factor and mobile payments, m-commerce and e-commerce are imperatives for retailers.

E-commerce and m-commerce are critical channels to revenue just as they are ways to enhance brand and gain greater customer loyalty. For IT, that means effectively maintaining security and compliance or the very same channels could lead to the immediate and even catastrophic undoing of brand value and consumer trust. Top IT challenges are to secure consumer data, maintain compliance to security and privacy regulations and provide buyer behavior data back to the business.

Cybercriminals have become highly adept at thwarting existing IT security defenses as well as exploiting any weak links in the payments ecosystem. Advanced Persistent Threats (APTs) are increasing, and recent breaches have focused a spotlight on growth in Card Not Present (CNP) fraud and hacking. Conventional data protection solutions protect sensitive corporate and customer data at rest in databases but not in transit or as it is consumed and analyzed. Conventional “container-based” data protection solutions tend to proliferate as point solutions – exacerbating IT management and maintenance challenges and costs.

With trends like m-commerce, Big Data and cloud computing, the traditional walls of the IT environment are falling. Data moves inside and outside the business, which needs increased access to data for analytics and customer insights. Point solutions are problematic in that they can become very short-term. IT needs ways to protect sensitive data that can be consumed and not just stored in a container; that is, protection that is data-centric and travels with the data.

Security technologies like SSL only protect consumer data while it is “in the pipe,” but leave credit card numbers in the clear as data transits from the browser through web and application tiers and upstream IT systems and networks. With the increased sophistication of cybercriminals, IT must find ways to close these security gaps.

Tokenization, which is used as a way to replace credit card numbers with substitute values or tokens, is one of the data protection and audit scope reduction methods recommended by the Payment Card Industry Digital Security Standard (PCI DSS) guidelines. However, companies that have implemented first-generation or conventional tokenization solutions are finding they don’t scale well and can’t support business growth – primarily because conventional tokenization solutions have a token database central to their architecture. Tokenization databases grow over time, become increasingly costly to manage, introduce data integrity issues, and become a high-value target for data breach. There are new approaches available to enhance data security and reduce PCI audit scope while still maintaining control over payment processes.

Maintaining compliance with data security and privacy regulations is an ongoing effort, with ever-increasing costs. Applications and systems may be in compliance with PCI guidelines, but as long as they hold customer credit card numbers in the clear, they are in scope for PCI audit. The more of these applications and databases there are, the greater the complexity and cost to maintain compliance and to undergo PCI audit and remediation.

Moreover, compliance doesn’t necessarily equate to security. There are many examples of data breaches in businesses that actually were in compliance at the time of the breach. In that case, it’s critical, for Safe Harbor protection of the business, for IT to be able to show published security proofs of standards-based protection techniques, supplied by the data security vendor, along with published independent third-party validation of the strength of the security solution. Finding technology that will mitigate risk and raise the overall security profile of the company is a major, but not insurmountable, challenge for IT.

Planning for retail business peaks is difficult and expensive. One of the great advantages of cloud Infrastructure as a Service is that IT could instantly order more web server capability to handle business peak times – and forego the expense of maintaining that infrastructure in-house throughout the year. But cloud services don’t offer effective security for highly sensitive and valuable customer data, so many businesses hesitate to use the Cloud in spite of the cost-savings potential and added flexibility. In fact, data-centric protection solutions can solve that dilemma too.

M-commerce and e-commerce are critical to enabling retail businesses to thrive now and in the future. With the proper data protection solutions in place, IT and the Security and Risk professionals in the organization can rapidly enable the business to embrace the technological shifts already underway in consumer buying behavior, while simultaneously securing the business and protecting its brand and reputation.


More Web Exclusives/Guest Commentaries

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...
REAL ESTATE

Retail availability rate down 70 bps for 2013

BY Michael Fickes

Los Angeles — The retail availability rate fell 70 basis points in 2013, reaching 12% and reflecting continued net absorption gains, according to a report from CBRE. The rate fell 30 basis points in the fourth quarter, which matches the momentum of the first half of 2013 after a flat third quarter.

For the year, a majority of markets recorded declining availability rates, and just 19 markets recorded flat or increasing rates. Houston, Austin, Detroit and Fort Worth recorded declines in availability rates of 60 or more basis points in the fourth quarter. Other markets recording decreasing rates were Albuquerque, Charlotte, Nashville and Chicago. With the exception of Albuquerque, these markets remain below the rates recorded in 2012.

Markets showing the most improvement during 2013 include Fort Worth, Dallas, Houston, and Memphis.

New York, San Diego, Albuquerque, Raleigh, and Tampa, are the only markets with higher availability than a year ago.

CBRE forecasts the availability rate for neighborhood and community shopping centers in 2014 to decline to 10.6%.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...
REAL ESTATE

RMC to redevelop Largo, Fla., Publix-anchored center

BY Michael Fickes

Tampa, Fla. — RMC Property Group has announced plans to redevelop the Publix-anchored Indian Rocks Shopping Center in Largo, Fla. Bealls Outlet and Dollar Tree also serve as co-anchors at the center.

Publix recently signed a new lease and plans to completely redevelop a 45,000-sq.-ft. store. The existing Publix closed in December 2013. Plans call for the redeveloped store to open this fall.

The redevelopment of the center itself will occur in phases designed to enable all businesses operating in the center to remain open during construction.

Redevelopment plans include a new façade, parking field enhancements, new monument signage and an additional 3,000 sq. ft. of leasable inline space. The center is currently fully leased and the new retail sq. ft. will create the first new direct leasing opportunity in several years.

Campo Engineering and Fisher & Associates are handling the engineering and architectural work for the project.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

Polls

Consumer confidence is high. Is that reflected in your stores’ revenues?

View Results

Loading ... Loading ...