|
Did Sears conclude that the only accurate way to see what consumers were truly doing online was to track customers who didn’t know they were being tracked? The $53 billion retailer isn’t disputing that it did distribute spyware, but merely that consumers knew that they were agreeing to spyware. But the chain is also learning that the online world—with its thousands of bloggers armed with screen captures—is fairly unforgiving when it comes to marketing excesses. Read more. |
When the PCI Security Council this week detailed a bunch of changes it will include in PCI 1.2, what might be more worthy of note is what they didn't address. There were technical issues—such as segmentation and tokenization—that didn't get referenced, but also policy issues.
The new version of PCI due out in October will let the outdated WEP wireless security standard stick around for almost two more years, while also reducing the required frequency of firewall rule reviews.
It's late on a Friday night and as Jane Smith walks into her local grocery frozen food aisle, she notices a neighbor walking away carrying a frozen pizza, right near a digital advertisement for 20 percent off of a Budweiser six-pack. Jane reaches into the freezer to grab her favorite Häagen-Dazs vanilla ice cream but notices that the digital ad instantly changes to hawk 40 percent off fresh apple pie in the bakery section.
It's generally accepted that any key economic issue—whether it's a housing slump, rising gas prices or tax refund checks—can have a sharp impact on business spending. But the IHL Group is floating an interesting theory that recent gas price hikes are going to have a very specific and direct impact on IT spending next year.
After years of trials with only the rarest evidence of CFO-friendly RFID ROI, shelf stock monitoring is quickly emerging as "the first major application of RFID in retail with a strong business case," according to a new report from London-based RFID analyst firm IDTechEx.
While North American retail execs are planning for trivial—if any—IT investment increases this year, with "more than one-quarter of retailers expecting lower IT spending," more than half of their Asian Pacific counterparts are preparing for significantly higher IT spending, according to new Forrester numbers released this week. A bit of the Tortoise and the Hare perhaps?
A gang of data thieves in Ireland has well learned the lesson that the best place to hide is in plain sight. The group hit a large number of retailers throughout Ireland and grabbed more than 20,000 payment cards by placing skimmers on card-swipes by wearing what appeared to be maintenance uniforms and saying that they were performing bank repairs.
These days, when U.S. government officials want to ask questions about privacy and data security, it's never clear if they want to protect consumers' privacy or learn the best way to violate it themselves. But retail execs who want hints can drop by a Sept. 22 hearing at the U.S. Federal Trade Commission's Washington, D.C., headquarters.
Retailers who are worried about RFID security problems will have more details available to them now that a federal judge has killed a gag order on MIT students who had identified flaws in Boston's contactless RFID subway cards.
Based on the PCI Standards Committee's official hints about what will be in the 1.2 release, it appears that clarifying when and how virtualized servers can be PCI compliant didn't make the cut. But before the server and security geeks start lighting their torches and getting all "vigilante" on the card brands, let GuestView Columnist David Taylor make his case for why it won't matter in the slightest.
As major chains are doubling up their focus on computer-savvy young consumers, some are finding their aversion to avatars giving in to their adoration of avarice.
A "persistent and mysterious technical glitch" has severely disrupted business operations at the massive online film rental site Netflix, "potentially affecting millions of its customers."
For the first time in its more than 100-year history, J.C. Penney on Thursday (Aug. 14) launched a CRM program for all of its customers. Until Thursday, the only CRM program the chain ever had was limited to J.C. Penney credit card customers.
The next time you're about to make a global hardware purchase, it's probably not a bad idea to do a little multinational price comparison. According to one survey released this week, American Mac users would be well served to not buy overseas.
Polo Ralph Lauren has launched a mobile commerce project in the United States that pushes its homegrown version of 2-D barcodes, with its Quick Response (QR) codes appearing initially on print advertisements. Some are questioning, though, whether the chain's lower priced approach might limit the number of consumer phones that can access the content.
Have item-level RFID trials become the industry's Roach Motel? A place where trials check in but they don't check out? On Monday (Aug. 11), the $3.8 billion Jones Apparel Group became the latest retailer to launch an RFID item-level trial, albeit a conservative one, testing it at "a couple" of the 221 stores it operates under the Nine West name, said Norm Veit, executive VP of Management Information Services at Jones.
During a recent speech, J.C. Penney's CIO said that one of the biggest PCI challenges is explaining to businesspeople why it's a priority. This week, GuestView Columnist David Taylor gives his own list of ways to sell PCI to the suits. It usually starts with using the words "security breach" an awful lot.
When JDA Software announced on Monday (Aug. 11) that it was buying supply chain vendor i2 Technologies for $346 million in cash, it wrote a new chapter in one of the most radical stories of stunning success rapidly turning into, well, something a heck of a lot smaller.
At least one RFID vendor is arguing that they are. That vendor, SimplyRFID, is arguing that read distance targets that used to 10 feet are today as far as 40 feet.
It seems Circuit City has concluded that the Web isn't just a fad, after all, with a major E-Commerce revamp coming just a couple of weeks after the chain confirmed a substantial multimedia push for its employee-training extranet.
A Web site performance survey from the U.K.'s Retail Bulletin shows the larger, better known sites—including Staples, Amazon and Laura Ashley—delivering much weaker Web performances than sharply smaller rivals.
Best Buy has launched a cautious kiosk trial, with 12 machines housed at eight airports in the United States. How cautious a trial? It was announced Monday (Aug. 11) and is slated to end Sept. 1. Although it wasn't clear when the trial started, two weeks is not giving it an especially long leash.
Winn-Dixie's impressive financial turnaround is the result of many issues, but some are suggesting that a new embrace of mainframes played a key role. When the venerable 521-store grocery chain declared bankruptcy back in 2005, CIO Charlie Weston's initial thoughts were that such a tact its advantages, namely refocusing the company on fundamentals, including IT.
Before federal authorities cracked a multi-national 11-person cyber-crime ring, the group created its own VPN to, ironically, protect their stolen data as it was transmitted from Florida to Latvia.
Some 3 hours and 19 minutes before the U.S. Justice Department announced to the world that it was charging 11 men with having stolen 41 million payment card numbers from TJX and several other national retailers, a group of Secret Service agents started making phone calls.
The more RFID-tagged items retailers place on Z-bars or shelves, or in boxes, the lower the read rate will be when those items are scanned, according to a study out of the University of Arkansas.
As U.S. retailers struggle to get customers to use self-checkout lanes and to manage the process, overseas merchants are moving well into Self-Checkout Phase Two, with digital cameras used to identify foods by comparing items with an image database and making self-checkout theft much more challenging with multi-chute fully automated tunnels.
In the recent federal probe of retail data breaches, most of the merchants had been unaware of the breaches until informed by government or banking officials. The reason for this is the lack of tools and/or poor procedures for logging network and database access and the general lack of review of this information on a regular basis, argues Guest View Columnist David Taylor.
If it makes U.S. retailers feel any better, their U.K. counterparts aren't faring any better in making cross-channel and especially merged channel efforts work. The percentage of online sales among those merchants has plateaued, holding steady at 4.4 percent for the last two years, according to a Martec report.
Although no E-Commerce companies were initially contacted, if Congress tries to restrict Web sites from customizing their content, it will have a huge retail impact. There's not much of a real distinction between a traditional banner ad on MSN pushing the latest Disney movie and using the same technique on Macys.com to make sure that purses appear on its homepage and—for this particular customer—all are displayed as pink. 
It's the kind of issue that never existed in brick-and-mortars. When a physical store discontinues a physical product, gremlins don't typically sneak into customers' homes and take back the paid-for products. And yet, in effect, that's what Yahoo inadvertently did when it shut down its music download service.
As retailers struggle to figure out the proper role for PDAs and cellphones in their merged channel and marketing strategies, it's good to know that there's strength—well, comfort at least—in numbers. An ABI Research report released Friday (Aug. 1) projected that "location-based mobile social networking revenues will reach $3.3 billion by 2013."
The bizarre back-and-forth claims about the San Francisco network admin who was arrested after refusing to reveal key network passwords raises some troubling issues. Most pointedly, there appears to be some evidence that this admin was fired and arrested partially for having engaged in the precise security procedures that he was paid to deliver.
January 4th, 2008 at 8:34 am
Sears: Shame on you. One would think that we learned something from the TJX fiasco. What happened to a once great company? I remember getting excited at the chance to go to Sears with my Dad on Saturday mornings. We’d peruse the Tool isles, check out the new gadgets Hardware & Appliances and say Hi to the Sales Clerks we had known for years. Maybe buy a couple of tools and some jeans or sneakers and stop at McDonalds on the way home. I wouldn’t be caught dead in a Sears store today. They never have to same person in Tools or Hardware, jeans are way overpriced unless they’re on sale and they never have my size in sneakers or shoes (11-1/2 Wide). It is an unacceptable buying experience. Sears Management got rid of all the old timers that really knew the department, replacing them with Teens that can’t make change. They used to have a register in each department, replaced them with “checkout kiosks”, went back to department checkout and now they have “centrally located” checkout…? I get the impression that Sears hired a bunch of MBA’s with sharp pencils and not a clue about what it takes to keep loyal Customers and little by little alienated them with all these weird changes…none of which appears to have saved them any money. Sears is a ship lost at sea and no navigation plan….
January 4th, 2008 at 8:56 am
Always one to investigate the latest in retail technology, when invited, I started to install and download Sears’ software. Of course I didn’t read the agreement in full either.
Fortunately, my malware protection program (Norton Internet Security, and no this is not an endorsement…just a fact) warned me that I was about to install software that would monitor my keystrokes. That was all I needed to know.
I was shocked and just shook my head. This is customer-centricity? My goodness.
January 4th, 2008 at 9:43 am
The story is very informative and will certainly make me pay closer attention to these types of online agreements and disclaimers. But the story doesnt mention whether the software is removable, and how the average, non-technical customer can remove it from their computer.
January 4th, 2008 at 11:23 am
This is a classic example of a breach in corporate ethics; it remind me of the episode a few years ago when UPS made available a new version of their shipping software – and if you downloaded it your homepage was changed to UPS and a slew of UPS related shortcuts added to your desktop. At least in that case, one could see how they were being victimized. In this case with Sears it seems every effort was made to conceal the truth.
January 4th, 2008 at 12:50 pm
great article. it’s my sense that despite the growing acknowledgment that companies need to be more open and transparent in their communications, it either hasn’t yet really sunk in to large corporation mindsets, or that large corporations have a complex infrastructure that makes it difficult to make these necessary changes. I mean, who reads the fine print (except for Harvard professors?!)
January 7th, 2008 at 9:21 am
Sears should be taken to task for this breach of confidence. There has been enough written about spyware for them to realize that the vast majority of people who signed up with this program would never approve of spyware being placed on their computer. What’s even more difficult for me to understand is that they also must have known that someone would eventually figure this out and expose the whole sordid mess. Shame on them.