StorefrontBacktalk

In-Store

Home Depot Quip Of The Week

March 21st, 2010

We don’t typically share quotes from entertainers, but this retail line seemed worth it. From Bill Maher: “True love is like a salesman at Home Depot: it only comes along once or twice in a lifetime, so you gotta grab it.”

Macy’s Killing Giftwrap Could Be A Great Move, If It’s Public Enough

March 18th, 2010

When Macy’s confirmed this month that it is abandoning its classic giftwrap service at almost all of its stores (five out of the chain’s 850 stores will still offer the service), it became a wonderful metaphor for the industry’s lack of true service, one nicely represented by something that is—by definition—cosmetic and purely decorative. In difficult economic times, functionality reigns; it can even trump price. But so many retailers miss golden opportunities to make their case effectively. Consider how many technologies have been portrayed as undermining customer service: self-checkout, kiosks, ATMs and even some elements of today’s mobile offerings.

The counter argument has been that these technologies allow retailers to redeploy people into positions where they can truly deliver customer service. The classic example: taking cashiers out of checkout lanes and instead having them carry customers’ bags to their cars. Would Macy’s be facing less of a backlash if, instead of quietly laying off some of those box wrappers, it prominently featured them in highly visible customer-facing situations? Consider an associate working aisles wearing a button that declares: “I was taken off giftwrap so I can help you here.”

Some Radical IT Ideas From An Exasperated IT Exec

March 18th, 2010

The payment industry is ripe for a new disruptive technology to come along and tip the banking world on its head. For too long, the banks have been living off a protected revenue stream from interchange that pays for a bloated and archaic system. Why is it that Google can offer a 2-hour high-definition movie streamed to your PC for free but the average credit card transaction ($100) carries an interchange fee of almost $3? The problem, opines Franchisee Columnist Todd Michaud, is that most innovation is happening at the consumer and retail end of the transaction.

What would happen if we turned NFC on its head? For example, rather than the phone making a payment to the POS, it makes a payment to the restaurant’s bank in the cloud. What would happen if the restaurant deducted the cost of lunch from Facebook credits? What if the guest could earn a free lunch by promoting the brand on Twitter? What if restaurants gave guests their menus on an iPad? What if that menu was customized to each diner’s likes, dislikes and allergies? What about a restaurant booth that has a video-conferencing setup that allowed two people to have lunch together without being in the same restaurant?

Teen Girls May Care About Privacy A Little, After All

March 18th, 2010

The conventional belief among retail marketers is that Gen-Y consumers (especially teenaged girls) have zero sense of privacy and that they will—and do—share every aspect of their lives with anyone online. Well, if a new study out of Europe is to be believed, those girls may be a bit more private than their personas would imply. It suggests that the teens will indeed share anything, but only with a relatively small circle of friends.

The report comes from Euro RSCG: “Although the average teen girl might have more than 100 friends on Facebook, she focuses on sharing key information with the one or two people closest to her,” the report said. “When they find a good deal, teen girls want to share it—but they’re more interested in tipping off a friend than in broadcasting the information. Shopping with just her best friend or sister, a teen girl will spend 23 percent more than when shopping with two or more friends. Shopping with a boy, she will spend less than half of what she spends with her close friend or sister. And shopping with her mother, who provides access to a larger budget and is also a key member of her intimate circle, she will spend triple the amount she spends with a group of friends.”

CDC Using Retail CRM Data To Track Disease

March 18th, 2010

The Centers For Disease Control have to tackle some wonderfully difficult detective assignments, including a recent case where they had to find out why people were getting sick from salami. (It turned out to be some pepper used as a seasoning.) The government operation is now formally tapping into loyalty card CRM databases from retail chains for help.

Some chains—such as Costco—have been using their CRM databases to alert customers to recalls for years. But the CDC hadn’t done so, at least not in an organized fashion. Now they are, according to this Associated Press story. “Through interviews and questionnaires, investigators suspected some kind of Italian meat was the culprit, but people couldn’t remember what brand they bought, CDC epidemiologist Casey Barton Behravesh said,” according to the AP story. “So the CDC asked supermarkets for certain buying information on seven victims in Washington state, focusing on suspect products rather than everything the customers had bought, Behravesh said. ‘We didn’t care about the brand of toilet paper people were buying,’ she said.”


In A Reversal, EMEA POS Shipments Growing Again

March 18th, 2010

A new report from IHL concludes that “after contracting 9 percent in 2009, the Europe/Middle East/Africa region is in the process of seeing growth return to the POS market for the first time in two years.” IHL thought that Russia’s situation was especially illustrative. Following an 18 percent plummet in POS shipments last year, “Russia’s economy has stabilized and shipments should grow 6 percent in 2010 and once again see double-digit growth in 2011. If oil prices increase to more than $100 per barrel, the shipments will increase further,” said IHL President Greg Buzek.

“For most markets such as UK, France and Germany, the pullback of the last two years means there is pent-up demand because equipment has been kept longer than it normally would. The region did not see the same level of store closures and contraction that we saw in North America, due to employment laws that preclude closing stores in many countries, and that limits the used market for POS. So everything out there simply got older. Thus the pullback of the last two years increases the growth chances moving forward,” Buzek said. “Instability in Greece, financial issues in Dubai—which had been seeing strong growth—tight capital markets and the prospect of conflict between Israel and Iran remain drags on the region’s growth, but 2010 will grow. UK, Germany, France and Scandinavia will each see growth for the first time in 3 years. And preparations for the World Cup are driving adoption rates in South Africa.”


In A First, Google Does Real-time Joint Retail Trials

March 18th, 2010

In the 15 or so years that we’ve had E-Commerce, the industry has seen quite a few improvements, but nothing that radically changed the way people shopped or retailers sold. Local inventory search, which today is not even in its infancy (not really even embryonic; it’s more like a zygote), is likely to be the first truly dramatic shift.

Last Thursday (March 11), Google made a major—albeit extremely preliminary—move into local inventory search through a deal with a handful of major chains: Best Buy, Sears, Williams Sonoma, Pottery Barn and the Vitamin Shoppe. But instead of working out this process internally and then bringing in retailers—or the reverse, with retailers figuring it out first—Google’s objective is to run the earliest stage tests with various chains “so we’re both learning how to do this in parallel,” said Paul Lee, Google Product Search’s business product manager.

Target’s Mobile Coupon Move Interesting For What It Did Not Offer

March 10th, 2010

Coming on the heels of last month’s support of mobile gift cards, Target’s announcement on Wednesday (March 10) that it was embracing a mobile coupon program does not seem that surprising. And it isn’t. But Target’s decision to have all offers delivered to all customers—and updated only once a month—is.

The power of a mobile coupon program is not just in the convenience of the always-with-you device format. It’s in the customizable nature of it and the related upsell and CRM implications. Why wouldn’t Target offer consumers the ability to pick and choose—from their desktop machine—from a huge selection of offers? Those choices would provide valuable targeting information on an individual shopper basis. And if Target’s decision is indeed to offer one blanket list of mobile opportunities, why not use existing CRM data to target certain offers to specific customer segments? Plus, why update those offers only once a month?

Friend Or Foe: When P&G (And Other Partners) Push Direct Selling

March 10th, 2010

The growing movement of major league consumer goods manufacturers selling directly from their Web sites is hardly unexpected. But the lack of a defensive reaction from retail IT is. For more than a decade, a mountain of extranet projects has allowed data to flow freely from manufacturer to retailer, with real-time data about pricing, inventory and millions of marketing insights. Is it time to radically reevaluate what is being shared?

The direct-sell CG announcements are all couched in politically sensitive phrasing, with promises that it’s just a short-term test to better understand mutual customers and that some of the data will be shared with retailers. Some even argue that these direct-to-consumer moves will help retailers make more money by allowing the manufacturer to better target its products. (That argument is not necessarily impressive, but making it with a straight face is.)

ABI: RFID Market To $5.4 Billion This Year, $8.3 Billion By 2014

March 10th, 2010

Although true item-level RFID is still years away, ABI Research is still confident that RFID sales will hit $5.4 billion this year. And it projects that number will reach $8.3 billion by 2014. The tagged segments expected to lead the way include real-time location systems, baggage handling, animal ID and a smidgen of item-level use in high-end fashion and other similar high-priced retail offerings.

“Other key opportunities include electronic vehicle registration, continued penetration of RFID-enabled e-ID/e-government documents—including health cards—and continued expansion of library systems. Also worth watching: slowed but continued progress in retail CPG supply chain management and multiple flavors of asset management that leverage RFID technologies, including specialty passive UHF tags,” said ABI’s practice director, Michael Liard. “Modernizing applications for RFID will grow more rapidly than their traditional predecessors such as access control, automobile immobilization, electronic toll collection and others that account for slightly more than 61 percent of the total market today. These applications are expected to grow 6 percent compounded annually from 2010 through 2014. In contrast, modernizing applications—animal ID, asset management, baggage handling, cargo tracking and security, POS-contactless payment, RTLS, supply chain management and ticketing—are forecast to grow roughly 19 percent in the same time period.”


Europe Starts To Crack Down On Retail Data Collection

March 10th, 2010

As Google—which has been toying with capturing retailers’ in-store images for its search database—and mobile projects have been pushing the data-capture envelope, retailers have been able to sit back and think of 100 ways to use that data once it’s organized and made accessible. Even the petabytes of free CRM data floating around in social sites are starting to be spidered and analyzed, not to mention payment cards designed for data-sharing and even more wacky ideas.

But we have now seen the first concrete government effort to slow down that data flow, and it comes from European Union data privacy regulators. An EU letter said that not only must Google provide more warnings to consumers before it sends cameras out to shoot street views, but that Google “should shorten the length of time for which it keeps the uncensored photographs it takes from one year to six months.”

An Underappreciated Threat: The Bored Employee

March 4th, 2010

Retail IT is generally on the lookout for cyberthief intruders trying to break into sensitive systems. The disgruntled former employee is another well-known trouble spot, as are the greedy and potentially dishonest current employees who simply exceed access authorization. But one of the most dangerous and often overlooked threats is the bored and honest employee, frequently younger and left in a very monotonous environment with little to no supervision.

Think video store, convenience chain, 24-hour restaurant and gas station. Hacking away out of boredom is a very different profile from someone looking to harm the chain or even steal something to sell later.

Cyberthieves Using Bluetooth To Steal Gas Station Credit Card Data

March 4th, 2010

When cyberthieves plant skimming devices inside POS PIN pads, they typically have one of two headaches. First, they have to return to the scene of the crime to retrieve the device and its stolen data, which is dangerous. If the thieves use the device to wirelessly phone the data to one of their own, it’s safer initially. But if that data is detected and examined, it could lead law enforcement right to the culprits—a.k.a., problem number two.

But one group of cyberthieves in Utah—as yet uncaught—has hit about 200 gas stations in that state with a toothy tweak: Bluetooth-y, to be precise. By arming their skimmer with a Bluetooth transmitter, the stolen card data was beamed out indiscriminately to anyone nearby—make that very nearby—who happened to choose to listen for it. When such a device is found by law enforcement, it reveals nothing to point to the thieves’ location—past or present—and nothing to even indicate how long it’s been there. The devices in the Utah case had no local storage whatsoever, police said; they simply grabbed the data and instantly beamed it away.

Best Buy’s Trade-In Plans: “Why Let eBay Have All The Fun?”

March 4th, 2010

With the economy putting intense pressure on supplier costs—while also making lower cost merchandise highly attractive—Best Buy is quietly making a push into the secondary market, a strategy that is opening huge possibilities in its CRM analytics. Suddenly, a sold product starts the clock on when it can be profitably bought back.

“The product now doesn’t disappear from your mind after it’s sold. It actually just begins a different lifecycle,” said Larissa Hall, the Best Buy general manager in charge of the consumer end of Best Buy’s new venture. “Why let eBay have all the fun? You don’t throw away a car when you’re done with it. Even a broken DVD player is worth something.”

With Online Ordering, Your Cashiers Can No Longer Cover For You

March 4th, 2010

Many restaurant chains don’t realize that by implementing online ordering, they are exposing their menu system to consumers for the first time. This may not seem like a big deal. But in all the concepts that Franchisee Columnist Todd Michaud has worked on over the years, the actual menu architecture has been both very flawed and typically “covered up” by the restaurant’s crew, who knows how to work around its challenges. For example, he talks about a group of restaurants that used the “No – Add Ketchup” modifier for about 3 years. The crew understood this to mean “No Ketchup.” A customer, meanwhile, would look at the receipt and say, “But I don’t want any ketchup!”

Such a system obviously can’t be unleashed on the Internet. Consumers will not tolerate a system that is difficult to use. For chains, the challenges often come from tracking data in one way while marketing/selling it in another. Add to that the complexity of each franchisee having unique, local store marketing offers and the responsibility for its own pricing, and what seems very simple can quickly become very complex.

Fidelity Tells Customers It’s Shutting Down Self-Service Kiosks

February 25th, 2010

Traditionally, when a retailer rolls out upgraded customer-facing hardware—be it an ATM, self-checkout machine or perhaps a price-checking kiosk—the chain says nothing until it has installed the new systems. Then it can discuss the benefits the new apparatus offers the customer. Fidelity Investments apparently chose to break with tradition.

This month, an electronic message started appearing on automatic deposit machines telling investors that the machines were being “decommissioned” early this year. Some store associates added that the timing would be more like May or early summer. At first, this seemed an ordinarily unusual move, as few chains that have made the investment in self-service machines (Fidelity started rolling them out 10 years ago) bother to yank them out. But then Fidelity tried to explain the move, and what seemed merely unusual became positively surreal.

Secret Service Investigating Debit-Only Breach Of An Alabama Dairy Queen

February 24th, 2010

For the mysterious data breach crime folder, the U.S. Secret Service is investigating a series of payment card thefts—originating at an Alabama Dairy Queen—that has only been impacting debit cards. The Hanceville, Ga., police department’s Capt. Jimmy Rodgers is quoted in a local newspaper saying: “At that location, somebody has apparently tapped into the Internet server and hacked into the debit card system, and they’re printing out the customers’ debit card numbers and using them all over California and Georgia.”

This is a disturbing trend, as retailers see debit card approaches as a way to try to reduce interchange costs. It’s even more frightening when we factor in that debit cards are more likely to suffer a processing glitch—as Best Buy and Macy’s discovered last year—than credit cards and that consumers impacted by a debit card data breach are far more exposed than they would have been had they used a credit card.


Missed A Vulnerability Scan? The PCI Council Just Threw You A Lifeline

February 24th, 2010

The PCI Council may have thrown a compliance lifeline to retailers that are missing a required quarterly external vulnerability scan. This means you might—just might—be deemed PCI compliant even if through accident, poor planning or sheer blockheadedness you manage to screw things up and miss a vulnerability scan, pens PCI Columnist Walt Conway. Passing isn’t easy, and a successful result is not guaranteed. But if you do everything else right, your QSA may be able to assess you as compliant in spite of yourself. Then again, did the Council both offer an option and take it away?

During an onsite assessment, QSAs confirm that merchants have met PCI Requirement 11.2 by examining the passing vulnerability scans for each of the last four quarters. The problem is, what if the merchant has missed a scan? If this happens, is the merchant noncompliant until it can get four quarters of passing scans? Ouch.

Target Decides Payment Method Incentives Work

February 24th, 2010

Changing consumer shopping behavior is about as easy as motivating a salesperson: Just speak with money. This is how you can tell the difference between what retail executives really care about and what they need to say they care about. Contactless payment, biometric payment and self-checkout are just some of the more obvious examples of payment processes that retailers have said they want to push, and yet they have never done the only thing that’s almost guaranteed to work: sharp discounts. If a grocery chain decided it wanted to push more consumers through its self-checkout lanes, all the chain needs to do is announce that product prices in self-checkout are sharply less than those rung up through staffed lanes. It can even dictate the percent of change by deciding the percent of discount.

Target, for example, has decided that its in-house payment cards are a priority, so it’s trialing a program in Kansas City that—in part—offers customers who use the card “5 percent off on every item, every transaction, everyday,” Target CFO Doug Scovanner told analysts in a Tuesday (Feb. 23) conference call discussing the chain’s earnings.

Chip-And-PIN Hack Is So Scary Because It Surprised No One

February 18th, 2010

A February 2010 Cambridge University report that points out critical security flaws in chip-and-PIN (EMV) protocols—a security method that’s ever-present in the U.K., being massively deployed in Canada and being pushed for use in the U.S.—is most surprising in how remarkably unsurprising it is. Retail IT execs specializing in security were especially concerned about the relative ease of the university hack execution.

Braden Black, a senior enterprise architect (and security specialist) for 305-store shoe chain DSW, said that, in his opinion, the biggest problem with chip-and-PIN—as it’s currently deployed—is that banks have little incentive to make these systems secure because they no longer have any liability if they’re repeatedly breached. That liability has been pushed to the retailers. “The ramifications of this attack are most disturbing when viewed in light of the fraud liability regulations that were adopted alongside the technology. Essentially, the banks offloaded fraud liability to merchants and cardholders.”

Chip-And-PIN Is Not A Free Pass On PCI

February 18th, 2010

Reports of the latest successful attack on chip cards based on the EMV standard should remind all of us once again that there is no such thing as absolute security. Retailers and consumers worldwide—especially those in Canada who are currently implementing chip-and-PIN—need to understand this fact and not count on any single technology to remain secure. That is why PCI remains relevant even in a chip-and-PIN environment.

From a security perspective, PCI Columnist Walt Conway pens, retail CIOs should understand a few things about these chip cards or smart cards (i.e., payment cards with an embedded integrated circuit or microchip). Chip cards can reduce fraud losses, but chip-and-PIN zealots can overstate the benefits.

POS Shipments Plunge For Department Stores, Bars, While Inching Up For QSR, Warehouse Chains

February 18th, 2010

Last year was an interesting one for POS shipments. Department stores purchased 24 percent fewer systems than the prior year and bar restaurants bought 19 percent fewer, according to a new report from IHL. Those were the biggest segment drops, while the only two segments to increase at all—and even then, only at 2 percent—were quick-service restaurants and warehouse club chains.

But the economic hardships of last year may have shone a tiny ray of light on some bargain-hunting retailers at the expense of Big Blue. IHL President Greg Buzek said second quarter POS shipments last year for IBM plunged more than 40 percent worldwide, and a good chunk of that was a flood of barely used, ludicrously discounted POS units from chains that never made it to 2010.

Is Google Experimenting With In-Store Images?

February 18th, 2010

Google is reportedly experimenting with a new service—to complement its Google Street Views—that will shoot pictures and videos within stores and combine all of the images in its database. If you cast aside all of the out-of-date issues inherent with infrequent store images being shown as more-or-less current, this concept has serious potential. How many stores have you peeked into and, within four seconds, decided this wasn’t the place where you want to shop for a particular item? Had you seen an image before driving, might you have saved yourself some time?

Let’s flip it the other way. You’re in the market for a new couch. Your Google search shows you a page with 35 results and they all, at a glance, seem interchangeable. You’ve already limited your search geographically, so most of these places (OK, granted, Google’s geography limiter doesn’t do much) are nearby. Most consumers tend to only focus on the first two or three results and choose from there. But what if there were thumbnail photographs of the insides of all of those stores, sized and positioned so that you could meaningfully flip through them all in seconds? Might that draw your eye to Result 26?

Pizza Hut CIO Proving The Unprovable: Mobile ROI

February 11th, 2010

Pizza Hut CIO Baron Concors oversaw what could easily be the most successful mobile application and certainly the most successful retail mobile app, a colorful applet that is directly responsible for “millions of dollars in additional sales” and 1.5 million downloads from Apple. And yet, when he was fighting to get it funded and approved, his return-on-investment (ROI) argument was weak and speculative.

Concors said he was lucky; his senior management team is open to creativity and was willing to roll the pizza dough dice on what sounded like an interesting idea for the world’s largest pizza chain, with its more than 7,500 U.S. restaurants and more than 5,600 shops in 97 countries and territories globally. But few CIOs are in that position, and that’s a piece of reality that could cripple the nascent retail mobile app space. “A lot of companies are struggling with whether to enter this space because of the ROI issue,” Concors said. A big part of the problem is that far too many retailers are deploying mobile apps for the wrong reason or doing it the wrong way.

Target Starts Accepting Phone Gift Cards, Courtesy Of Virtual Barcodes

February 11th, 2010

Target said Monday (Feb. 8) it will start accepting gift cards—but only its own, for now—displayed from customers’ mobile phones. The chain will redeem the cards via associates scanning the barcodes at checkout, a process that some retailers have avoided because of a high number of scanning errors.

Target issued a statement claiming that it “is the first major retailer with the ability to scan mobile barcodes in all of its stores. Guests may access their Target Mobile GiftCards to add value at store registers, and check GiftCard balances at any time via the Target.com mobile site. In addition, Target Mobile GiftCard functionality allows guests to save multiple GiftCards to their account and label each one for easy reference.” This approach may prove to be a good move for Target, but it will almost certainly give a lot of cover to executives who want to try mobile gift card scanning. Unanswerable Question Of The Day: Is it better for the associate to hold the consumer’s phone during the scan—risking liability if, for example, a high-priced iPhone is dropped and shattered—or for the consumer to hold the phone—making a consistent scan much more difficult?


E-Tailers Playing The Hide-The-Price Game, Thanks To The Supreme Court

February 11th, 2010

It’s becoming a common tactic for E-Commerce and some mobile sites to now hide much of their pricing. But in an interesting piece on Sunday (Feb. 7), The New York Times pegged much of the recent price-games to a 2007 Supreme Court case that gave manufacturers much more power to dictate pricing. And it has motivated them to forbid retailers from advertising their merchandise for less than a dictated price—for E-tailers, “advertising” includes posting on a Web product (as opposed to checkout) page.

This game is a sure loser for all concerned, and that includes retailers that are primarily brick-and-mortar, E-tailers and manufacturers. Manufacturers: Welcome to the year 2010. There are all kinds of non-traditional ways your products will make you money. Beyond eBay, even Amazon and others have toyed with recycling used products. Your ability to control prices is limited, but the bigger concern is your efforts to allow lower prices but to prohibit them from being discussed out loud. In the day of the Web, mobile and Twitter, this strategy simply won’t work. In the meantime, while you are futilely trying to make it work, you’ll alienate consumers and retailers.

NEC Using Hair Color, Ear Shape To Help Digital Signage Guess Consumers’ Age

February 11th, 2010

Barely a week after Intel and Microsoft announced their own futuristic digital signage plans—including PDA integration and analytics software linked to hidden digital cameras—NEC is talking up its own approach to digitally guessing consumers’ age and gender (plus counting them, but that’s so 1990s). Takeshi Yamamoto, vice president of NEC America’s IT software group, is quoted in the Wall Street Journal saying that the program is pretty good at getting within 10 years of a consumer’s age, that the program tracks a person’s age and gender but discards the digital footage, and that the data is aggregated.

“The program uses an algorithm that draws upon a database of thousands of faces as a reference. It looks at distinguishing points of the face, from the shape of the ears and eyes to hair color, to determine the age. The database expands as more people walk past the camera, allowing the program to make better judgment calls with time,” Yamamoto said. “The technology originated in Japan, where it was easier to implement because Japanese physical traits are more uniform. Mr. Yamamoto acknowledged that the U.S. market would be more difficult because of the diverse population.”


Carrefour, World’s Second Largest Retailer, Makes Major Contactless Endorsement

February 11th, 2010

Although contactless payment is going through a tough time in the U.S. these days, its global efforts got a huge boost this month. Europe’s largest chain—French grocery giant Carrefour—announced the purchase of 12,000 EMV contactless PIN pads, with immediate plans to deploy the pads “at 210 of its French hypermarkets, as well as at all of Carrefour’s petrol stations in France.” The world’s second-largest retailer’s latest contactless deployment, which started in October 2009 but wasn’t announced until last Thursday (Feb. 4), is using readers from Hypercom, the chain said. The vendor would only describe Carrefour’s investment as “multi-million dollar.”

Domestically, contactless is having problems, with Best Buy kicking out Visa’s contactless program and Discover having its own technical problems with contactless. Even many of the U.S. chains that have deployed contactless have done so very unenthusiastically, including Home Depot and Subway.


PCI Conundrum Of The Week: When Plastic Meets Paper

February 10th, 2010

PCI rules have always—and wisely—discouraged using payment card numbers for anything other than processing payments. But sometimes those rules run contrary to long-established paper practices, procedures that pre-dated PCI’s creation. A good example of this conundrum involves a federal agency, tax-exempt status forms, and the procedure of copying a government-issued payment card (this one happened to be Visa branded) and placing a copy in the file cabinet.

This situation involves the U.S. government’s General Services Administration (GSA) and some GSA interactions enjoyed by Benjamin Moore & Co. (the paint people). The conflict cropped up when the chain was dealing with some military accounts in Hawaii. The issue comes down to needing that payment card copy in the files (tax-exempt rules) but being unable to save the copy of a Visa payment card (PCI rules).

Amazon Explores Buying Back Products; Wal-Mart, Best Buy Give Up On Used Video Games

February 4th, 2010

Some major retailers have been debating whether the buying and selling of used merchandise (please shoot me if I ever say “pre-owned”) is a business model worth pursuing. Wal-Mart and Best Buy, after pushing the idea for about six months, have surrendered plans to buy and sell used video games. But Amazon, always the more adventurous of E-tailers, thinks the idea has huge potential. A Financial Times of London story cited an Amazon ad for programmers: “As people upgrade to the latest and greatest there is a plethora of valuable, perfectly good products that need a new home. We help facilitate the pairing of new owner with device, while also creating an open marketplace.”

What makes the Amazon concept so intriguing from an IT perspective are the CRM implications. Instead of tracking purchases to merely profile the customer, the new requirement is to also profile the products purchased. What is each product’s life expectancy? What is the optimal point to make an offer to a customer who might be starting to get bored with that product? How much of an upgrade can that consumer afford? Should the company start pitching new prospects based on a software projection of what already-sold merchandise will likely come back into play? And you thought Amazon needed a huge data warehouse before?


HSN: Where Multi-Channel Becomes Even More Multi

February 3rd, 2010

When Brian Bradley left Circuit City as its senior vice president, Multi-Channel (well, more precisely, when Circuit City went out of business and left Bradley and tons of others unemployed), years after having worked at J.C. Penney, he felt that he had a good handle on retail merged-channel, cross-channel and multi-channel issues. But when he began his new gig as executive vice president at HSN (formerly the Home Shopping Network), Bradley discovered television as another retail channel and started looking at customer interactions very differently.

One of Bradley’s first takeaways from the $2.8 billion HSN was that consumers’ interactions with content are strongly influenced by their physical location. Why? It’s expectation. Consumers see brick-and-mortars as places to look, touch and buy products. Video demos feel out of place in that context. At home watching TV, however, the expectations are much more tolerant. “Depending on where a person physically is can dictate how you can have their attention,” Bradley said. “Out on the street? She’ll have seconds. In-store? A minute or two. On the Web? Maybe 15 minutes. But on the TV? Hours. People go to the Web with certain goals in mind. There’s a lot of bouncing back and forth as they’re trying to solve a problem. There’s more ADD, bouncing around.”


Retail Vendors: Forget New Functions. Just Make It Simple And Cheap

February 3rd, 2010

Do you know what question Franchisee Columnist Todd Michaud hates? “If I can go buy a basic cash register for a couple hundred bucks that does everything that I need, why on earth do I have to spend $10,000 on a POS?” Someone has asked him this question almost once a week for the last 4 years. Do you know why he hates it? Because after 4 years, he still doesn’t have a good answer.

“I typically say something like, ‘It is our requirements that drive us to that price point. Adding centralized menu management, polling, integrated inventory management and labor management into the mix requires that we buy this type of system. You can’t do that stuff with a cash register or basic POS.’ Typically, the response I get is something like: ‘So? I don’t care about all of that complicated stuff. I just need to ring sales.’ It’s no wonder franchisees think that retail CIOs are out of touch with reality. Here is the really crappy part. When you add in all of the other costs, such as high-speed broadband, hardware maintenance, software maintenance, help desk, installation, inventory management, labor management, training and various upgrades along the way, that $10,000 POS is probably going to cost franchisees $20,000 over five years–not to mention that they wrongfully expect the system to last 7 to 10 years.”


Forrester Thinks Some Retailers Are Leaving Too Much Cache On The Table

February 2nd, 2010

Although retail sites are obviously very fond of cache, a new report from Forrester Research states that many developers are focusing only on one type of cache and leaving a lot of potential performance boosts in the ether. The report talks about server cache versus browser and edge cache. “Forrester has found that many companies do not take advantage of all three levels of caches in their architecture. Application development professionals often focus on optimizing the server-side cache while ignoring the browser cache or optimize their Web-page design to take advantage of browser caching only to be stung by geographic latency because they don’t know that they should use a content delivery network.”

Forrester stresses the importance of factoring in geography when making cache decisions but points out that IT shouldn’t confuse a dense population of customers with the company’s best (read: most profitable) customers. “Caching nearest to your users goes without saying, but most companies must allocate their caching dollars carefully, and your biggest investment should be close to your most profitable customers. Your most profitable customers may not be located in your highest concentrations of customers. Work with your marketing department to analyze customer profitability and location, and then review this data at least annually.”


Intel, Microsoft Toying With Digital Signage That Can Interact With PDAs

February 2nd, 2010

Intel and Microsoft are working on what is truly the next generation of digital signs. These devices will be able to share content—both ways—with phones. But they could also use facial recognition to identify repeat customers without the benefit of loyalty cards or RFID. The cameras embedded within the displays would simply recognize faces the system has captured before, ultimately having the potential to identify those consumers.

The camera software will initially be designed to differentiate between genders and to detect products the customer has touched. That information could signal a coupon to be sent to that consumer’s smartphone. None of these options is rocket science. But they do show a concerted effort to leverage the kind of data that is accessible in-store and, ironically, much harder to capture online. Think of it as Big Brother with a sales commission.


Target Denies IT Layoffs In India While Borders Promises Them

February 1st, 2010

This has been a difficult—and truly odd—last few weeks in the retail IT world. Target CIO Beth Jacob made the highly unusual move of issuing a statement denying that the retailer planned to sell its Target India IT operation. (What does it mean when the executive vice president of a $63 billion retail chain publicly reiterates its commitment to your team? Update your resume.)

“Our captive center in Bangalore continues to be an important part of our long-term strategy and is highly integrated with our work and team in Minneapolis,” said a statement attributed to Jacob, who is a Target executive vice president in addition to being the chain’s CIO. Added Tim Baer (another Target executive vice president and general counsel): “We do not know the source of this ridiculous speculation, but we can absolutely reaffirm that it is unequivocally not true.” If the speculation is so ridiculous, why issue a statement quoting two executive vice presidents? The only sentence in the execs’ statement that describes these rumors says: “The company emphatically refutes the irresponsible rumor that it is engaged in any discussions, or has any plans, to sell its Target India operations.” This is where things get scary.


Cambridge University Calls Verified By Visa Secure Protocol Terrible Security

February 1st, 2010

At a presentation at the Financial Cryptography and Data Security conference, a Cambridge University computer lab team dissected the recent 3-D Secure (3DS) protocol—branded as Verified By Visa and MasterCard SecureCode. The team found that not only was the security lacking, but it sharply undermined other security mechanisms.

“3-D Secure has so far escaped academic scrutiny, yet it might be a textbook example of how not to design an authentication protocol,” wrote Cambridge University’s Steven J. Murdoch and Ross Anderson. “It ignores good design principles and has significant vulnerabilities, some of which are already being exploited. It’s bad enough that EMV Verified by Visa and MasterCard SecureCode have trained cardholders to enter ATM PINs at terminals in shops. Training them to enter PINs at random E-Commerce sites is just grossly negligent.” The pair, however, found that 3DS did get one part right: the money and where it comes from. Although “other single sign-on schemes such as OpenID, InfoCard and Liberty came up with decent technology, they got the economics wrong, and their schemes have not been adopted. 3-D Secure has lousy technology but got the economics right, at least for banks and merchants. It now boasts hundreds of millions of accounts.”


To Counter Every “Retail Revenue Is Down” Argument, There’s Amazon

January 29th, 2010

For many retailers, flat or minuscule in-store revenue increases are becoming the norm, with online increases the only thing that looks bright. Mobile is going to quickly fall into that category (although a percentage increase for anything as new as mobile is meaningless, it still looks cool on an earnings report). But how can this work given the small revenue percentage E-Commerce still controls? Let’s take a look at Amazon’s latest numbers (which look pretty much like all of its numbers.)

The king of E-Commerce reported on Thursday (Jan. 28) a 42-percent increase in net sales for the fourth quarter just ended, along with a net sales increase of 28 percent for the whole year, to $24.5 billion. (To be precise, it’s actually 29 percent if you exclude a $182 million unfavorable impact from year-over-year changes in foreign exchange rates throughout the year, the company reports.) Sure, you say, but revenues are not the point. What about profits? Net income soared 71 percent (to $384 million) for the quarter and 40 percent (to $902 million) for the year. Amazon’s official guidance for the first quarter 2010 is equally rosy, suggesting a sales increase of as much as 43 percent. For those arguing that E-Commerce will always be a footnote to in-store, these numbers are hard to ignore.


POS Software Maintenance Disconnect: Retailers To Pay A Lot More Than They Expect

January 28th, 2010

Although it’s hardly a stunning revelation that retail IT shops will be spending more on POS software maintenance this year than they expect, it’s unusual for a research report to quantify it precisely. A new report from the IHL Group and RISNews, however, tries to do just that.

Beyond showing a modest IT spending increase at both the store and enterprise level, the report found a “disconnect between what retailers are claiming they are paying today for software maintenance” and what the vendors they are considering for their next POS are actually charging, said IHL President Greg Buzek. “So those people considering buying Oracle for POS their next time, they are currently only paying 10.1 percent of license fees towards maintenance. If they actually buy Oracle, they will be adding an additional 11.9 percent to their annual software maintenance cost for POS. If they move to accounting/finance/HR, it would be an 8.4 percent increase. And if it’s Oracle merchandising and supply chain applications, it would be 8.6 percent more than what they pay today with their current vendor.” The vendors examined were Microsoft, SAP, Oracle, JDA, Micros, IBM, NCR, Retalix, Epicor and Fujitsu.


The CIO’s Job Description: Top-Notch Sales Executive

January 28th, 2010

At an NRF panel earlier this month, McDonald’s CIO David Grooms was asked by the moderator what he would tell people his primary job is. Grooms said, “I’m in sales,” and then added that he wanted his staff to say, “We make hamburgers.” Grooms is right that a CIO needs to be a master of sales, but that’s mostly because the CIO needs to sell both upstream and down.

The CIO needs to sell ideas upstream to senior management and sideways to line-of-business peers, convincing them that the technology is the right move and that it needs to be approved and funded. If that works, it’s barely 30 percent of the battle. If the stores aren’t sold on the idea, Franchisee Columnist Todd Michaud opines, the data won’t be used and the project is doomed to fail. And you’re to blame.


Burger King Sues Franchisees Who Didn’t Upgrade POS

January 28th, 2010

Fearing it would lose control over all of its franchisees, Burger King has now sued hundreds of its franchisee stores because they missed a chain deadline for purchasing new POS systems. The litigation highlights—albeit acrimoniously—a difficult franchise IT issue: Chains mandating equipment investments that most franchisees believe do not benefit them enough to merit the cost.

One key issue that both sides are arguing is timing. Some of the franchisees have argued that Burger King is being punitive by moving so quickly. They are pointing out that the chain’s deadline was Dec. 31, 2009, and that the lawsuits started being filed within a few days of the deadline passing. Burger King argues that it has been extremely patient, having informed its franchisees of the POS upgrade rule back in April 2008–giving the stores a rather generous 20 months to arrange for and make new POS purchases. Indeed, Burger King is saying that it was even willing to give franchisees more time if they needed help raising the money, as long as they were truly trying to follow corporate’s edict.


Social Unstructured Data Is Not Unusable

January 21st, 2010

Just as certain a fact as stating that many of today’s social network sites will be gone in two years is the fact that new social sites—invariably much more niche and focused—will replace them. Hidden in plain sight within the millions of posts in dozens of languages on this huge number of sites is every trend, every individual customer profile and every hint of what customers will buy—and perhaps even their desired price range—that your chain could ever wish for. There’s only one problem: There is no simple spreadsheet-friendly way to access that data.

You can read it without limits. But to automate that process and to process the data in a way to get anything meaningful out of it, that’s difficult. We are deluged with products and services that are trying to solve problems that hardly anyone has ever experienced. Who will be the first to conquer this one? Many companies—including SAP and Oracle—are trying to figure it out. But they typically try to fall back on algorithms and filters. The software needed is closer to what the CIA and the NSA use to parse billions of phone calls and E-mail messages while trying to figure out plots. It’s much closer to artificial intelligence than cryptography. Military satellite technology eventually came to consumers in the form of GPS. How long will it take for AI to visit the local retail chain, where software will peruse the world to find out the best assortment to be displayed tomorrow?


Home Depot: NCR Kicked Out Because Self-Checkout Rival 20 Percent Faster, More Functionality

January 21st, 2010

Longtime self-checkout enthusiast Home Depot is sticking with self-checkout but making a change in its self-checkout software. The home improvement superstore is pushing NCR software out and bringing Fujitsu in, at least in the chain’s U.S. and Canadian stores. The chain had been using NCR machines running NCR software but will now apparently be loading Fujitsu software onto those NCR machines, according to Fujitsu officials. The NCR hardware will be staying, for now.

The change was for several reasons, including “some functionality in the Fujitsu software that we really liked and needed” that wasn’t offered by NCR and testing that showed Fujitsu’s software on NCR self-checkout units performed about 20 percent faster than when NCR’s own software was loaded on its units, said Cara Kinzey, Home Depot’s Senior VP of IT.


In Citi’s View, Costco Is The Least Sophisticated Retail IT Shop, CVS The Most

January 21st, 2010

One of the most respected retail technology trackers on Wall Street, Citi, has put out a list of major retail IT leaders, ranking them from the most sophisticated and advanced to the least sophisticated. The most worldly ones include, in order, CVS, Walgreens, JC Penney, Target and Kohl’s, while the more hick-like chains are Costco, BJ’s, Family Dollar, SuperValu and Safeway.

“We consider CVS and (Walgreens) to be the most advanced, as they have already implemented chain-wide computer synchronization, advanced inventory management and pharmacy workflow optimization systems,” said Deborah Weinswig, from the Citi investment research and analysis group. “The warehouse clubs are considered to be the least sophisticated of the group. However, BJ and (Costco) have fewer inventory management needs as a result of their unique business model.”


Forget Your Well-Thought-Out Mobile Strategy: You Now Need Three

January 21st, 2010

The most popular parlor game in retail tech circles these days is plotting out mobile strategies. For some, that strategy may be little more than “not now.” But the simple act of trying to craft a single, coherent mobile strategy may itself be flawed. Most retailers now need to prep three distinct strategies for dealing with the three separate ways mobile devices will be used.

The mobile retail world has now neatly morphed into three categories: consumer-used (with true M-Commerce, mobile research from home and on the road, etc.); retailer-used (for price checks, inventory inquiries, in-aisle supply chain inquiries, etc.); and consumer-in-store (2D barcodes, price comparisons, SMS communications with the chain, watching demos, mobile research from within the store, direct payment, etc.). To make matters worse, some applications sit in multiple categories, such as a retailer-used device that is temporarily given to a consumer for checking online inventory or seeing a demo.


Are Tokenization And End-To-End Encryption Substitutes?

January 20th, 2010

PCI Columnist Walt Conway is intrigued by the large number of retailers that are pursuing–well, at least exploring–approaches that include both tokenization and end-to-end encryption. He wonders “if that really makes sense from either a PCI or an economic perspective.”

Maybe tokenization and end-to-end encryption are just two closely related approaches that can, when properly implemented, accomplish the same thing: minimize your total PCI scope. One thing is for sure, though: Either way, you will need to bring your checkbook.


Treats For Nice Tweets, Texting For Turkey

January 19th, 2010

Frozen dessert chain Tasti D-Lite is getting creative with incentivizing customers to post nice thoughts on social networking sites to promote the chain: coupons. “Participants who register their loyalty programme ‘TreatCards’ online are given the option of allowing Tasti D-Lite to send an alert on their behalf, whenever points are earned or redeemed,” according to this wonderful Reuters piece. When the customer “swipes his card at the store’s point-of-sale system, his Twitter or Foursquare followers immediately get an update that reads: ‘I just scored 5 TastiRewards points at Tasti D-Lite Columbus, Circle, NYC! myTasti.com.’ The customer is then awarded points for the message, which he can later redeem for treats.”

Meanwhile, a few stores in the Subway chain are seeing whether online food orders via SMS are more accurate and more profitable. During the trial, one manager found that the “text ordering service alleviated all phone-in orders. Doing so improved operations because his employees no longer had to leave the sandwich counter to answer the phone,” said a story about the trial in QSRWeb. “He said he also found that order accuracy improved since customers were sending the orders in directly.”


Home Depot’s $60 Million PDA Investment

January 18th, 2010

Home Depot will spend about $60 million on more than 10,000 handheld units that are designed to help associates perform mobile checkouts, process payment cards, stock shelves and make phone calls, according to BusinessWeek. “This is the first big customer-service tool we’ve given our associates in a very long time,” said Home Depot CIO Matt Carey.

The chain has been trialing these devices since 2008, when we reported that they were initially tested along with an RFID-based loyalty card that flagged associates when certain high-priority customers entered the store and set off a door-based reader.


Holiday Season Dollars: We (Somehow) Were Right

January 14th, 2010

Back in October, the National Retail Federation (NRF)—through its chief economist—issued its annual projection of how the 2009 holiday season would fare financially. That prediction was a one percent drop in revenue compared with the identical 2008 period. StorefrontBacktalk thought that was absurd, and we did our own prediction, which is that the season’s revenue would actually be up slightly, a figure we estimated would be an increase of “1.5 percent to 2 percent.”

Well, the NRF issued its final official tally Thursday (Jan. 14): an increase of 1.1 percent. For our team, which never did better than a C- in economics class, that ain’t too shabby. For the record, we knew the figures would be released about now and were fully prepared to eat crow if we had to. Glad we got it a lot closer than the NRF did. Personally, we hate eating crow.


Discover: Contactless Payment Sticker Users Inadvertently Crippling Performance

January 14th, 2010

In a cruel twist of fate, hapless contactless payment supporters (a dying breed if ever there was one) were swiped by some more bad news this week, courtesy of a new report from Discover Financial Services. It seems that in a trial of its Zip contactless payment program, most consumers tried to hide the stickers inside their phones, a move that unintentionally cripples performance.

According to a copy of a report that Discover prepared about its initial trial results, 69 percent of those participating in the Zip trial wanted the sticker hidden. “The pilot management team was impressed by the creativity demonstrated by participants in finding various ways of hiding stickers under the phone’s protective case (“skin”), under the battery cover and other unseen yet convenient locations.”


Want To Talk Back To StorefrontBacktalk At NRF?

January 7th, 2010

For those of you who are venturing to New York City’s Javits Center for the NRF show next week, I want to first assure you that your fears that it will be freezing in the Big Apple in mid-January are unwarranted. The latest forecasts have high temperatures staying below 32 degrees so freezing it will not get. On Sunday, it will be a balmy 26 degrees.

But as long as you’re coming, we’d love to ask you to drop by some of the StorefrontBacktalk events and do what our readers do best: yell at us. The first shouting opportunity will be at the RetailROI event at the Marriott East Side (Lexington and 49th) on Saturday at 2:45 PM. This charity event (www.retailroi.org) is designed to raise money for global orphan care and adoption support. But to do that, we get geeky for a while. Our panel is on retail security and it starts at 2:45 PM and features the CIO of the world’s largest restaurant group: Delaney Bellinger from Yum Brands (Pizza Hut, KFC, Taco Bell and Long John Silver’s, among others). Also on the panel are two of our esteemed columnists (Franchisee Columnist Todd Michaud and PCI Columnist Walt Conway) plus Mark Rasch, the former head of the U.S. Justice Department’s high-tech crimes division.


Most Recent Comments

Overpaying For PCI Compliance

One can always come up with a theoretical scenario that requires maintaining full card holder data. Heck, my company is a gateway provider and we've had instances where if we stored the full raw track information, it would have greatly helped in diagnosing and solving a problem -- the full PAN was not enough. Read more...
Consider that there are many other non-PCI data elements (name, date, email, amount, first 6 and last 4 digits of the PAN, etc.) available to track down these types of transactions. The organization should take a critical look at how often something like this actually happens, how often the PAN is *really* required for resolution, and how much (or how little) work/expense it might be to get help from the acquirer to research a transaction based on PAN. Read more...
Let's assume a kids subscription game. Dad looks at his credit card and sees a charge he's been ignoring for months. He has no idea which of 2 sons or 1 daughter signed up and further doesn't know which of the about 4 email addresses his kids used to sign up. How do you rely on anything but luck to find that TX? Further, you can't afford the risk of cancelling the wrong one. Read more...
In regard to tokenization, consider implementing your own tokenization (vs. outsourcing to your acquirer, gateway, or processor). You can still reduce scope by focusing your controls on the token vault environment (and the systems that call the tokenization solution) and maintain complete independence. You can also extend your tokenization platform to address other sensitive data like PII. Read more...
1) Use additional data like name, email address or physical address with the last four digits may be an option. 2) Use a processor/acquirer neutral gateway, but I'm obviously biased. Putting my bias aside, merchants change processors or banks much more than they change gateways -- unless the two are tied together as with a non-neutral gateway. Read more...
We tend to have to store full PAN for missing and incomplete transactions.... Read more...
How does Customer Service terminate an account when all they have is the PAN and a date? Most subscription services have 1 -3 price points so price doesn't give one much information. If a parent or the victim of card theft is calling in, the last 4 digits can easily match more than 1 transaction per day. Read more...
The #1 reason for this deafness: "We always did it this way", followed by "that would be too hard to change our procedures." More times than not, merchants can eliminate the storage of this data without much impact on their procedures but they need to shed the always "done it that way" shell. Yes there are exceptions, but with serious thought, the exceptions are just that, exceptions. Read more...

Target Decides Payment Method Incentives Work

Retailers are rightly concerned about interchange fees. Merchants are given a choice: either accept cards, or not. Retailers can negotiate the Merchant Discount Rate, but not the interchange fee, which is the largest part of the cost. Alternative Payment providers who create disintermediation offer payment programs that bring significant savings. Read more...
Now if TARGET figures out how to convince customers to grant access to their bank checking accounts and offers the in-store card as decoupled debit...look-out. Read more...
Rewarding behavior to choose lower cost payment enablers is smart business for Target. The math is pretty compelling and simple for Target. First, encouraging customers to use the house card means Target avoids bankcard interchange/merchant discounts - even with costs of running a private-label portfolio, it is less than 3rd-party bank card costs. Read more...
Target's provision of a 5% discount for consumers that use their payment card is a significant development that must be watched closely by banking card issuers, payments executives and merchants alike. The success or failure of new payment mechanisms can more accurately be determined by assessing the balance of value propositions between the three constituents (rather than the traditional approach of offering lopsided value to just one or two constituents, which results in failure). Keep your eyes on this one! Read more...

PCI Council And Passwords: Do As We Say, Not As We Do

Harry Maggiore, can I get this in writing? Given they do not collect, store or transmit card holder data, they are not subject to the specification. I have proven to my QSA that we do not collect any card holder data within our system except for the last four digits... and I am still required to implement all 12 PCI requirements throughout the whole IT landscape and infrastructure. Yes, we are a retailer, and yes, we do a lot of credit card business... but we do not store card holder information other than the PAN masked, with only the last 4 digits visible. But that doesn't seem to be enough to be PCI compliant? Read more...
The document should be one that the PCIDSS has in their possession with their own security. I really don't see the purpose or the reason to password protect the document. If a level whatever credit card processor wants to make changes to the document and they compare the original with the one submitted this would in my view be fraud and subject to some very serious fines. Read more...
At least it appears that they've removed the spot for credit card information from their fax forms. Read more...
One of my pet peeves with passwords is the 90 day rule. That, more than anything else I would imagine, is the reason you find passwords written on the back of Post-it notes attached to monitors. Read more...
Irony? From the association that was created to inflict tissue-paper security protocols on the rest of the world, and whose mandate is to punish organizations that don't build a proper steel safe to guard their used tissues? Their foundations were built on irony. Why are you so surprised? Read more...
Compliance is not the issue. As we--and tons of others--have noted, PCI is not just for payment. Officially, of course, it is, but the guidance, guidelines and best practices contained in PCI is a good tool for anyone to use when needing to protect any kind of data. The irony here is that the PCI Council didn't opt to use its own advice. Read more...
Given they do not collect store or transmit card holder data, they are not subject to the specification. Read more...

Chip-And-PIN Hack Is So Scary Because It Surprised No One

Recently the EU shifted some of the burden of proof back to the banks and this was done prior to this Cambridge report. If the system is so secure, why the shift? Read more...
This hack has been available for over 8 years now. I doubt this should be a surprise to anyone. Read more...
The fact that this particular hole went undiscovered for at least six years is actually pretty impressive. I'm willing to bet this particular issue can be resolved in the terminal code without having to reissue all the cards. This is a great example of the importance of ethical hacking. Hats off to the Cambridge team. Read more...
How do you equate the failure of a developed-in-secret, 14-year-old cryptographic protocol with the adoption of object oriented programming, the recognition of design patterns, or the maturity of software engineering as a discipline? There were no software failures here, no code crashes being exploited nor buffer overrun attacks smashing stacks. This was a failure in the design and creation of a *protocol* that fell prey to being spoofed. No objects failed, because no objects were transmitted. Read more...
Sure, you may hide all the cables but the setup will be obvious if you are wearing a T-Shirt. ;) EMV has to fix this. I don't know if the same issue has been raised in Canada. Read more...
I worked on EMV project in Canada. EMV is better than plain MSR card. No doubt. This is not marketing "gimmick". The Cambridge/BBC video shows a guy using a Netbook PC and an EMV "test card" hooked on a stolen EMV card. Sure, you may hide all the cables Read more...
This hack demonstrates a much larger vulnerability that goes way beyond payment authorization. Just as we are hearing more about cyber attacks from overseas, we are using software design techniques that make our systems more vulnerable. Better get a kerosene lamp. Read more...

Pizza Hut CIO Proving The Unprovable: Mobile ROI

Hats off to Pizza Hut! Their iPhone app has a very well designed user interface. It actually makes ordering a pizza on your cell phone fun. I'm generally not a huge fan of food companies creating apps because they offer me very little extra utility. Large scale brick and mortar retailers should focus on the location based aspects of mobile commerce, and not try to simply port their web strategy into mobile. Mobile requires its own strategy, as do other forms of app marketing (social apps and sharing, etc). Finally, should Pizza Hut be considering other app platforms as the platforms become more saturated? For example, car electronics. Read more...
Dave said: "Domino’s app is sub-standard to say the least (so is their website!)" Well, so is their pizza, but that's another issue. Read more...
At last someone has a decent grasp of what iPhone apps should include. A nice simple idea that uses the technology in an iPhone to maximize usability. Interesting use of technology for the payment processing as well. Too many brands are currently jumping on the app bandwagon and failing; Domino's app is sub-standard to say the least (so is their website!) Read more...
The Pizza Hut app is a great example because it's useful, engaging, and leverages the capabilities of the phone. Yes, it's specific to the iPhone, but there's no better place to start. You certainly wouldn't criticize someone for releasing their software on Windows first and following up with other operating systems once it's proven. Read more...
Greg, using the numbers you provided yourself, 42% of iPhone users are less than 34 years old! That's huge! I am not saying this is not a worthwhile demographic; in fact, in the case of a pizza brand, that is precisely where you want to be. Read more...
I believe this is a terrific example for a couple of reasons: Remember the app was prominently featured in Apple iPhone commercials run nationally. I have heard estimates as to the value of that exposure. The number is large. We are still in the very early days of mobile commerce. Pizza Hut made a bold decision and I believe have been handsomely rewarded for their gutsy call. From a US perspective the iPhone user is the perfect demographic to experiment with. Read more...
Fabien, I have to respectfully disagree with you. First, you shouldn't look at the worldwide smart phone market when looking to deploy a US only mobile application. You have to look at the US trends. You can't doubt the popularity of the iPhone here in the US. Secondly, the iPhone is not for "young, urban professionals." Nielsen published numbers that show there are just as many iPhone users 55+ years old as there are 13-24. Read more...
Creative use of technology, well suited to the likely audience: mostly young, students or urban professionals, many of whom have iPhones. However, this particular use-case may not be portable to other industries and categories. Read more...

A CIO Do Not Call List

I am in. I completely empathize with Todd. I also do not answer my office telephone and am bombarded by repeated, irrelevant, and more often than not arrogant emails, to the point that I am now starting to set them up in my junkmail filter. Read more...
Don't answer your phone, but on your voice mail provide an "if you have a product or svc you want me to consider, email me at" and then provide an email address like vendor@. Then when you are looking for a solution you can search that box based on keyword and see if anything is helpful to you. Read more...
Take it from me, most CIOs have too much on their plate already. The last thing that they need is someone solving a problem that is not on their Top Priority list. It may be a great system/solution that will save or make the company money, but if it's not part of the current burning-platform, there simply are no cycles to think about it right now. Read more...
I've been dealing with a pesky sales rep from a leading firm that offers log monitoring / management capabilities who just can't accept we are not interested in her product line. For some reason, even though several managers, including myself (security and risk), our auditors, our vendor relations manager, our CIO, the PCI business owner, etc. have all told her we are not interested, she insists on sending each of us e-mails or making calls every month or so. Read more...
Todd P. Michaud you will always have a pass on my DNC list. Call me any time. Just please don't call my wife--that would be awkward. Read more...
Todd L. Michaud has written a brilliant article about common sense professionalism, says Todd P. Michaud, CEO of one of those "darned I/T services providers!" I am certain that I would at least pronounce his name correctly. Read more...
Amen Brother Todd!! This is so annoying and 99% of these callers took zero time to understand who I am or what my company's needs might be. I used to hate being rude, but I'm over it. Sign me up as a charter member. Read more...
Sitting on the consulting side, I am amazed by the number of retailers that send out RFPs to companies, or request additional information, and then don't have the courtesy to say "Thanks" in an e-mail reply, or "We'll get back to you if we're interested". This after contacting you and requesting information/a proposal ASAP, which takes time and money to prepare. Read more...
Welcome to the real world of capitalism. This is the US, not China. Read more...
Made my day. I know all vendors (including my company) deal with this double-edged sword: how to acquire new leads but not annoy folks. My favorite was the young woman who called me, would not take a breath so I could question her, and then yelled at me because I said her solution was way out of my budget. Read more...
I'm in. Let's get started. Read more...
This list and process is needed. You left off one thing: the cold caller that gets someone in the business to transfer the call to get past caller ID... automatic on the list. Read more...

What’s The Rush For New PCI Call Center Requirements?

And I have not heard anyone mention the impact on companies who provide quality improvement services. Many merchants hire quality improvement companies to review their audio recordings to provide guidance on how to improve their sales staff’s effectiveness in customer service and sales retention. PCI Council needs to rethink this requirement until there is a widely available commercially viable solution. Read more...
Another ridiculous decision where regulators don't think critically enough about the unintended consequences of their decision. This will be a huge problem for the credit and collections industry. We have to keep all recorded calls for other reasons not related to cc information. We can't purge all of our calls and we don't have the technology to not record part of the conversation. Even if we did, I am not sure we could afford it. Read more...
This "clarification" is causing a lot of panic with large FS clients who now appear to be non-compliant after spending 7 figure sums on their compliance programs. The only alternative to call recording would now appear to be some sort of IVR/push button type interrupt to take card data away from the contact centre. The council is in a position to force that sort of process and technology change, and this may backfire on them and the vendors that lobbied hard for this clarification. Read more...
The PCI Council has made a one-sided decision; they should have done much more in-depth research that could have provided more insight into the implications of such a decision. Read more...

Will Old OS Cause PCI Violation? No, But Marketing Still Says So

This is an interesting issue, because there's more to it than what's apparent on the surface. PA-DSS requires supported and patched operating systems and other software components (e.g., databases, libraries, Java, etc.) per PA-DSS 7.1.b and 8.1, and the option for compensating controls simply isn't there. Merchants can make use of compensating controls for most PCI DSS requirements, but only when legitimate constraints exist and only in ways that meet the intent and rigor of the requirement and go above and beyond the other PCI DSS requirements. Read more...
Why would one automatically upgrade to a "new" OS -- some of the older versions of certain OSes are more stable and more robust than the crap being peddled today. This is yet another clear example of PCI SSC being out of touch with reality. Rather than requiring a "current" OS, the requirement should be to demonstrate the OS in use is stable and robust, and is adequately hardened against threats. Read more...
There are compensating controls that encrypt the swipe at the driver level as it enters the PC, and there are hardware-encrypting card swipes so the cardholder data is already encrypted before it comes to the PC -- either of these, especially the second, would remove the OS entirely from a cardholder data risk profile. Read more...
In my opinion, the only thing the vendor did wrong was they didn’t know of that FAQ entry. Even if they did, it changes nothing about the need for merchants to update software that no longer receives updates. Read more...

MasterCard Blinks, Drops Dec. 31 Level 2 PCI Deadline

Reciprocity between MasterCard and Visa has always been a factor in Acquirer merchant level assignments. The brief removal of reciprocity generated a great deal of interest in being able to be classified at a lower level in MasterCard's world. Nevertheless, the return of the reciprocity language in the December changes did not effectively create any new Level 2 merchants, but it DID dash the hopes of a lot of them.... :-( Read more...
Let's give them credit??? For being idiotic in the first place? Not on your life! Everyone has just had to scramble and include the costs of the previously announced M/C requirement in their 2010 budgets, and start negotiating with the QSAs for the additional services. All for naught! Read more...
"A bunch of Level 3 and Level 4 merchants just became Level 2s". Is this an accurate statement? MasterCard & Visa have historically included the caveat "or is a Level X in another brand" in their level setting criteria. MasterCard appeared to back away from this in the June pronouncement, and have simply returned to the status quo. Have Acquirers been tracking and reporting merchants at separate levels by brand? Read more...
I stick by my comment (quoted in the column) about a bunch of L3 and L4 merchants becoming L2s and requiring an onsite. To me, what made MasterCard's original requirement for an onsite assessment for L2s palatable was that they took away their reciprocity provision. That is, they seemed to focus on larger merchants with over a million MasterCard trans/year. With reciprocity in place, a lot of smaller merchants are pulled into the onsite requirement. Rather than causing confusion, I think reciprocity will lead to additional work for processors and acquirers. Read more...

Retailers Sue POS Vendor, Questions Raised Where PCI Duties Stop

I would add a couple more questions: "did the breach involve the use of the default passwords?" (The story doesn't say.) And "were the default passwords used by Computer World to remotely administer the store systems?" "where is the PCI auditor in all this?" Did the restaurant group think they didn't need an audit because Radiant was (mis)representing Aloha as PCI compliant? How is a retailer or even a PCI auditor to know otherwise? A PCI auditor is not necessarily a qualified computer forensic investigator capable of finding the card data on the hard drives. They can only base a decision on information given to them by others. Read more...
There are so many holes in the process it will be difficult to pin blame on just one constituent. It is ridiculous that the technology exists to better secure these transactions (PIN, EMV, etc) yet banks won't use them. Only the banks or government can force this change, and retailers will suffer until then. Read more...
A major issue in this case will be if the restaurants had any support agreements in place with Computer World and if so what those agreements say. In my experience many single unit/small operators choose to skip the support agreements in favor of a "pay as you go" arrangement. In this scenario I can't imagine how the POS VAR can be held responsible for a system they don't own nor exclusively manage. Read more...
There is a big difference in having the POS installation guide say "make sure you set this password because the security of your CHD depends on this" vs. a POS application not storing the CHD in the first place. Traditionally only the merchant was liable for breaches and PCI related fees (fines). Maybe dragging some of the vendors into the liability mud fight will open the eyes of some of these vendors. Read more...

Should Credit Card Transactions Be Free? There May Be A Way

Here in the Netherlands, where the population is notoriously penny-pinching, credit card acceptance is amazingly low. It's both a result of the consumer not wanting to pay interest on everyday purchases as well as merchants not giving up a slice of the action. It is both legal and common to pass the processing fee onto the customer as a surcharge. Now things are moving to leave the credit cards behind: mobile phone payments are becoming more and more common here, and the transaction fees are minimal. Parking and entertainment (movie/concert tickets, nightclubs) have been amongst the first, and it's rapidly gaining momentum because the market has been hungry for the convenience at a price it is willing to pay. Read more...
"Free" is an illusion. Don't charge one person but charge double to someone else. I am very skeptical of anyone who says that advertising will create valid cashflow. Just look at the advertising struggles in a TiVo world. And if you sell your customers' data, just be warned that the one group that might have issue with that are your customers (which to me is very important to cashflow). Read more...
Another factor not mentioned here is the impending costs that the processors and issuers are going to incur when someone decides on an end-to-end encryption method, and it then becomes government mandated. I can guarantee that this is a when question and not an if question. The back-end networks are pretty antiquated right now, and it's going to cost billions to replace everything. The cost of tech may be going down, but the cost of replacing millions of servers and hardware, and creating new, proprietary, software is still really expensive. Read more...
Accepting credit cards is not "risk-free" for merchants, contrary to Jim's comments above. Chargebacks are an expense, both in terms of actual transaction reversals and costs associated with managing the process. Chargeback rules and expenses can be everything from a thorny issue to an onerous expense for some merchants, especially for convenience stores that allow customers to pay for gasoline at the pump, or other retailers that allow in-store self-checkout options. Read more...
I've wondered for years why the price of transactions has been so high. Phone companies long ago started offering unlimited calling for flat rates because they understood that in many cases it cost more to report on the transactions (calls) than it did to fulfill them. Read more...
If a home-owner defaults on the mortgage, who is taking the risk? The bank making the loan to the consumer or the person selling the house? It is obviously the bank that takes this risk and is rewarded for that risk through interest rate charges. In my mind, we have mixed together two distinct and unrelated transactions. Read more...
The one big factor not mentioned in this article is who will take over the risk? Taking credit cards is risk free to merchants and the issuing Banks take the risk if a customer defaults on the payments! If you had an "interchange free" payment system, will the merchants assume the risk? Also, if there isn't enough profit for the issuing banks they will stop issuing credit cards, which will in turn kill our economy. Read more...

The Dangerous Out-Of-Scope PCI Charade

If tokens are ever deemed in-scope, then where does the line stop? I ask this because it would mean that all timestamps, sequential numbers, random numbers or any other piece of information that may or may not be used to generate a token is within scope -- all data a POS uses and stores, not just payment data. Read more...
Having the ability to do both Tokenization and End to End Encryption (not mere point to point) can have tremendous scope and risk reduction benefits and agility to adapt to change in this fast moving compliance landscape. Being able to have both on tap from a single platform is a solid approach to avoiding the pitfalls. Read more...
But the consumer walks into a particular retail chain, gives their payment card to someone wearing that chain's uniform and the card is swiped. If, six months later, there's a breach and that card was misused, it's the retailer who will be in the spotlight. They're the deep pocket and, therefore, the target. If the consumer is angry and wants to cut off business, it will hit the retailer. Therefore, if the retailer is going to end up being blamed no matter what, they have to stay involved. Read more...
True, that someone may be storing a token-to-PAN cross reference. But that would be the bank, not the retailer. If the bank is not sure they can keep their data secure, then there are bigger problems to be addressed than bringing tokens into scope. Read more...
Good general point, Steve, but for the record, not all tokenization is done the same way. Many tokens are associated with lookup lists that allow for them to be re-matched to the card data if it's needed, such as for a chargeback. A token doesn't have to be decryptable (is that a word?) for there to be a way to access the original data. Read more...
The out-of-scope argument is very valid, but in reference to tokens, the premise of temporarily out-of-scope or abruptly deemed in-scope is flawed. Conway was quoted as saying “anything that could be made unreadable can, in various ways, be made readable again.” This statement is true when talking about encryption technologies (all encryption technologies) but not so with true tokens. True tokens are in no way related to the original data other than as a reference key. Read more...