Monday Feb 10, 2014

E-commerce Passwords

If you're like me, you've likely established many accounts with online retailers, many of which also store your payment information.  How easily can hackers guess your password and control your account?  To avoid storing passwords, websites typically store a hashed version in their database.  A secure hash algorithm creates a unique representation of your password that cannot be reversed.  So when you enter your password, its hashed and compared to the stored hash.  If they are the same, then you've entered the correct password.  If the stored hash is stolen, the hacker can't reverse it back to a password, but they can try to guess your password.  That's why its crucial that online retailers enforce good password creation when accounts are created.  That means they should these best practices:

  • Require a minimize length
  • Mix alphas, digits, and upper/lower case
  • Disallow commonly used passwords like '123456'
  • Use email to verify accounts
  • Limit the number of invalid attempts

Of course enforcement is all over the board.  Dashlane, the provider of secure password management software, recently graded the top 100 e-commerce sites on their password management policies.  You can see the results in the infographic below:

The details of the study are available here. According to the study, Northern Tool and 1-800-Flowers allow one character passwords.  Thankfully, most of the retailers send an account confirmation email, and none of those send the password in cleartext.  Want to use 'password' as your password?  No problem at LL Bean, Gap, and Costco.  When you change your password, Blue Nile, Karmaloop, and MLB will email your password in cleartext.  And and Amazon, Aeropostale, and Shoebuy don't limit your password guesses.

As an industry, we can do better than this.

Thursday Jan 30, 2014

Cookies in the Store

Online retailing has many advantages, which companies like Amazon have magnified with great success.  Since the early 1990s, technology has enabled great leaps forward for e-commerce sites while the brick-and-mortar world has remained relatively stagnant.  Yes, there are pockets of in-store innovation that have certainly  improved the customer experience inside stores, but by-and-large the Web world retains a big advantage. 

Tax legislation is finally being passed (on a state-by-state basis for now), which helps level the playing field a bit.  And by the same token, next-day delivery detracts from offline's allure of instant gratification.  Both physical and digital stores continue to up the ante, and consumers are the big beneficiaries.

One huge advantage of e-commerce sites is context awareness -- knowing who's browsing products, along what path, for how long, from what geography, etc.  The nature of the Web allows online retailers to "watch and learn" how customers shop and even to influence their behaviors along the way.  But this notion of context isn't strictly limited to the Web, at least not anymore.  Mobile phones are acting like Web cookies in the physical world, opening up possibilities that retailers only imagined were possible online.

The table below shows some online capabilities alongside some similar offline capabilities.

 Online  Offline
 Cookies  Mobile Phones
 Login  Geo-fence / Check-in
 Visitors Metric
 People counters
 Pageviews Metric
 Heatmaps
 Product info
 QR Codes
 Recommendations  Assisted Selling
 Personalization
 Opt-in + Beacons
 Promo Codes
 Digital Coupons

Assuming the right hardware is installed in the store and the customer has opted-into being tracked via the retailer's mobile app, a world of opportunities are suddenly accessible. We can follow customers on their journey through the store, noting where they dwell and which items they touch.  These data points yield improved store layouts, better assortments, and more localization.  Furthermore, we can make intelligent recommendations, offer personalized offers, and award/redeem digital coupons as they shop, enhancing the overall customer experience.

So much of the same context the online retailers take for granted is now available to brick-and-mortar stores for both analytics as well as real-time engagement.  None of these in-store capabilities are really that new, but the idea of combining them to provide a holistic view is where we're going.  And when you track events across both stores and e-commerce, you have contextual shopping at its best.

Tuesday Jan 29, 2013

Change for Charity

In the rare cases where I'm using cash for a purchase, I'll often toss my change into the charity jar.  But for the majority of my purchases, which are via credit or debit, there's no option to "round up for charity." As far as I know, only Toshiba (formerly IBM) ACE builds that capability into their POS.  There's a huge opportunity to allow customers to make donations at the POS, but few retailers want to invest in customizing their POS to handle this.  Integration efforts like this are often costly, and must be re-done whenever the payment processor is changed.

Companies like Mini-Donations, Pennies (UK), or Change Roundup manage the donations, but again, they have to integrate with each different POS or e-commerce product, an expensive proposition.  That's why ARTS is starting a new workteam to build an integration standard.  Our hope is that by defining an XML standard for integrating to POS and e-commerce systems, we will better enable "round up" functionality in the retail industry.  Imagine the good that can come from millions of people donating pennies everyday.  This can provide a steady income for charities that feed the poor, research cancer, and rescue children.

Our kickoff meeting for this workteam takes place February 4th at the San Francisco ARTS meeting where we will write the charter and define the scope.  Then we'll do the work to build the standard with a goal of publishing in the fall (or maybe even sooner).  Anyone that wants to participate can check the ARTS website for membership information.

About


David Dorf, Sr Director Technology Strategy for Oracle Retail, shares news and ideas about the retail industry with a focus on innovation and emerging technologies.


Industry Connect


Stay Connected
Blogroll

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
8
9
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today