Balancing act: digital innovation and security in retail – Technologist

How often do you check your work devices’ security settings, much less change them? The answer for most may not be favourable. With the ongoing pandemic, cybercriminals are taking the chance to prey on vulnerabilities in devices and networks, with increasing reports that Southeast Asia is becoming a hotspot for cyber-attacks. Unsurprisingly, cyber incidents rank as one of the top three business risks in Asia Pacific (APAC).

With the pandemic reshaping the way retailers in the region engage with customers and digital technology adoption accelerating, security must come to the forefront of device management strategies.

This sheer quantity of connected devices in retail today opens innumerable points of access for cyberattacks with costly repercussions. Customers using Internet of Things (IoT) devices and mobile applications to shop in-store and avoid long lines at checkout are at risk of exposing their data to online breaches. And those who use retail-owned devices, such as the handheld mobile computers powering personal shopping solutions (PSS), also open retailers’ systems up to vulnerabilities.  Though some may be hesitant to assume the risk given the significant impact a breach can have on business, delaying digital transformation efforts isn’t really an option anymore. Zebra’s 13^th annual Global Shopper Study found that 65% of shoppers in APAC prefer shopping at stores with contactless payment options.

As such, retailers in Asia must continue to invest in connected devices to increase their competitive advantage and enhance the customer experience. Yet they must do so in a way that also prioritise security.

The need for privacy by design

Privacy has also been top of mind with both businesses and shoppers as the collection and utilisation of digital data has exploded. Retailers that want to introduce self-scanning technologies in-store should adopt a privacy by design approach which ensures customer data is as secure as possible, whether the scan occurs on a company- or customer-owned device. This strategy integrates shopper safety into the entire development process of innovative retail point of sale (POS), customer service, and returns solutions. Privacy protocols that are essential to handling personal data, like encryption and data housing, must be included from the very beginning.

When a retailer implements any scan-and-go or IoT solution, there are critical processes and elements that should be in place to reinforce the security of the platform and protect shoppers’ data.

Retail operations and customer data must be kept separate so retailers can track and monitor physical retailer-owned devices but not the data housed on them. Once the data is uploaded, retailers should always ensure mechanisms that allow the customer to delete the data are in place. Customer data should also never be saved in plain text but in encrypted data. This makes it much more difficult to decipher, hence helping to protect shoppers’ privacy in the case of a data breach. These measures will bring about greater ease for Asian shoppers as they continue to shop on both their personal devices and the devices retailers offer for in-store use.

Enhancing the shopping experience without compromising safety and sales

As retailers in Asia work to boost operations while providing a safe and enjoyable shopping experience, retailers need to look for more ways to ensure shoppers are in safe hands. Countries like Singapore have issued safe distancing guidelines for retail and food and beverage outlets, ensuring establishments comply and even pushing for more adoption of mobile ordering and payment solutions.

In retail, self-scanning devices can offer customers personalised shopping experiences and frictionless checkout, while maintaining social distancing and minimising surface contacts. For example, solutions such as PSS allow retailers to send highly personalised promotions directly to customers as they navigate store aisles. They also enable customers to upload personal shopping lists and other information to make the shopping experience easier. Plus, the solution can identify items customers are scanning into their carts and recommend recipes. If customers are interested, the PSS can then direct customers to the other ingredients they will need.

In addition, these mobile computing devices can instantly price check and plot a course to the next destination in the store for the customer. This helps customers monitor spending in real time, which can help them budget better – which statistically leads to more spending. Retailers that employ self-serve contactless shopping solutions also find lines at checkout are heavily reduced – if the customer must go to the register at all. Shoppers like the option to pay on the device from anywhere in the store using a simple credit card swipe. It enables them to avoid the time-consuming process of unpacking, re-scanning, and re-bagging items already in their carts. Once payment is made, the customer simply needs to return the scanner to the display for sanitisation and preparation for the next customer before proceeding to the exit.

A customer-first mindset can help retailers recover quickly

Contactless self-service shopping solutions can help to increase revenue and reduce costs as they provide a platform to enable next-generation digital services. More importantly, as the pandemic persists, the only hands touching the customers’ groceries are their own. Social distancing is also far easier to maintain when customers can bypass the checkout lane. Additionally, store associates can use the scanners for online orders and carry-outs, further increasing retailers’ return on investment.

The benefits of this technology are vast, but whenever shared devices access personal information, retailers must take measured steps to preserve customers’ security and privacy.

It is undoubtedly vital to stay compliant with the data protection laws being enacted in Asian countries such as Singapore, Malaysia, and Thailand. Beyond that, on a more granular level, retailers must work with technology solution providers to integrate and maximise toolsets that provide multiple layers of protection and maintain a high level of security throughout each product’s full lifecycle.

Retailers in APAC should also work with leading security vendors and invest in security training to equip personnel to meet today’s security challenges and protect customer data in this era of IoT.