How Will Cyber Security Risks Affect Black Friday Shoppers?

Retailers are dreaming of a mobile Christmas this year - and hoping those dreams don't turn into nightmares.

The highly publicized security breaches at major chain stores in the past years have heightened fears about loss of credit and debit card information.

The card companies have belatedly begun to invest in systems not as easy to penetrate having finally reached the point where it is less expensive to do that then to make good on the customer losses caused by hackers.

One question is the degree to which consumers will be more cautious about how they use their phones and cards - and whether recent history influences the stores they patronize. The other is the degree to which retailers have begun setting aside reserves to prepare what could be the mother of all personal information thefts.

The betting is that shoppers will not be deterred, sensibly understanding that the onus - and the risk - is with the companies providing the credit and the retail experience. The size of the impending loss will probably then determine the degree of urgency with which new safeguards are imposed. JL

Elizabeth Paton reports in the Financial Times:

Online sales are expected to hit $61bn, up 16 per cent from 2013, with mobile sales anticipated to make up 13 per cent of all sales.But alongside surging sales volumes loom heightened fears of cyber attacks.

US retailers are hoping to avoid uninvited guests this Thanksgiving. Following a year of high-profile cyber security breaches, companies are facing fresh pressures to protect customer data both online and at the checkout as they prepare for Black Friday, the biggest shopping event on the US calendar.Sales are set to break records this year, with increasing numbers of consumers turning to their mobiles to research and purchase items in the run-up to the holiday season.

The National Retail Federation, the largest US industry retail group, estimates that November and December sales will increase 4.1 per cent to $617bn – the highest level in three years. Online sales are expected to hit $61bn, up 16 per cent from 2013, with mobile sales anticipated to make up 13 per cent of all sales.But alongside surging sales volumes loom heightened fears of cyber attacks. Retailers including Staples, Michaels, Kmart and Neiman Marcus have all suffered serious data breaches over the past 12 months. Last Thanksgiving, Target suffered a catastrophic attack which saw the theft of up 70m cardholders’ information and led to considerably damped sales.

“There will be millions of shoppers this year whose data are already in the hands of criminals as a result of the numerous breaches of retailers’ security systems over the course of 2014,” said Robert Siciliano, an identity theft consultant and security analyst for McAfee.

He believes the greatest online risks to Black Friday shoppers’ financial security include email phishing scams, fake promotional deals on social media sites and targeted fraud scams that take place at bricks-and-mortar stores or at points of sale.
“While it is the responsibility of retailers to protect customers, given the frenetic level of transactions that are about to take place the onus is also on the shopper to check bank statements daily and ensure all their digital devices are fully updated. Hackers are smarter than ever and like to strike when the iron is hot.”

Many customers are being encouraged to use credit cards over debit cards, because companies such as MasterCard and Visa cover the costs of card fraud.

But the credit card industry is in the midst of pushing all retailers to change to the “chip-and-pin” technology that is widespread in Europe and little used in the US. By October of next year, retailers that have not made the switch to smart card readers will be held liable for any fraud.

Another trend on the horizon that could protect both retailers and customers alike is the rise of mobile payment services such as Apple Pay and CurrentC, a rival wallet app developed by a consortium of retailers including Walmart and Best Buy. By requiring biometric data – a fingerprint for iPhones or heartbeat for the Apple Watch – and using technology that keeps card data out of retailers’ systems, hackers will find it difficult, if not impossible, to swipe shoppers’ cards.

But for now, analysts say the impact these transactions will have on holiday season sales remains limited, leaving retailers exposed.
“We have fairly modest expectations for Apple Pay near term,” says Keith Bachman, analyst at BMO Capital Markets.
“At this point, not enough retailers have signed up to make a meaningful impact on either consumer purchase patterns or Apple revenues. But longer term, we absolutely believe ease of use and security will sway both consumers and retailers towards Apple Pay.”