1 / 22

Omni/Multichannel: Another Channel for Shrink?

Omni/Multichannel: Another Channel for Shrink?. Professor Joshua Bamfield Director, Centre for Retail Research. Another Channel for Shrink? Agenda. The rapid growth of online trading Crimes against IT Order fraud Payment fraud Omnichannel Issues Refund fraud Clean fraud Delivery fraud.

boyd
Download Presentation

Omni/Multichannel: Another Channel for Shrink?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Omni/Multichannel: Another Channel for Shrink? Professor Joshua Bamfield Director, Centre for Retail Research

  2. Another Channel for Shrink?Agenda • The rapid growth of online trading • Crimes against IT • Order fraud • Payment fraud • Omnichannel Issues • Refund fraud • Clean fraud • Delivery fraud Centre for Retail Research, Nottingham

  3. Multi or Omnichannel? • Currently, retail growth = Online plus some discount areas. • The game is currently about linked multichannel • Omnichannel is a direction of travel rather than a destination. • Online market share in 2012 - 12.7% [£35-38 bn] • Food online share 3.7% • Non-food online share 19.2% • Online market share in 2018 - 21.5% [may take longer] • Food online share 9.5% • Non-food online share 32.1% • Around 60,000 stores expected to close Centre for Retail Research, Nottingham

  4. What are the issues? • New styles of retail and of IT. • Mobility, cloud, virtualisation, end- • point proliferation, big data, analytics. • Speed of Market development • Faster than security, risk, shrink concerns • Language. Cyberattacks (never theft), hackers, terrorists, evil geniuses, hacktivists • Operational changes. New retail – driven by IT, analytics, finance; store retail – store operations & security and risk. Who owns multichannel shrink? Centre for Retail Research, Nottingham

  5. Cyber-Problems • Category A: Crimes against IT Website capture, data theft, customer ID takeover, DDoS, hacking. Govt believes cybercrime costs £27 bn pa • Category B: Crimes using IT Payments fraud, fake orders, consignment fraud Centre for Retail Research, Nottingham

  6. Crimes against IT Category A. Crimes against IT • Breaking your system: • Distributed Denial of service (DDoS) • Email bombs • Website hacking: misinformation, or data theft • Fake/Proxy sites: fraud or reputational damage, website scraping or a spam site • Website data feeds: getless attention than visitor pages. SQL injection flaw – dump data to a new site • Your success breeds envy resentment and attacks • And there are plenty of retail own goals. Centre for Retail Research, Nottingham

  7. IT Solutions • Monitor/prevent scraping • Excess traffic monitoring • Blocking IP addresses • Commercial anti-bot software • Honeypot tests • ? National Cybercrime Unit Centre for Retail Research, Nottingham

  8. Employee fraud • Collusion…. and ORC • The man in the call centre - multichannel • Warehouse and distribution • Poor treatment of stock Similar issues to yesterday’s retailing. Centre for Retail Research, Nottingham

  9. Category B – Attacks using IT • False orders • Employee frauds • Payment fraud • Return fraud • Clean fraud Centre for Retail Research, Nottingham

  10. False orders • 1.40%-1.65% of orders are fraudulent • Loss around 1.26% or £429 million • Loss: • Fraud loss • Profit loss from refusing honest customers • Administrative costs of avoiding loss • Screening for bad orders …….. • 58% manually reviewed • 71% of reviewed orders accepted • 4.3% rejected for fraud Centre for Retail Research, Nottingham

  11. Rule-based Systems • Country or area – UK retailers pushing at borders. • Calculate objective risk factors: high value, high frequency, multiple items, risky postcode, expedited shipping, new customer. • Behavioural risk: speed of purchase, use of website, hovering. • Analytical software: monitor customer conversion rates, metrics, average checkout time and no. of pages, 2-3 day changes in ordering/delivery postcodes or products. • Assess by channel Centre for Retail Research, Nottingham

  12. The Right Customer • Authentication – problem of abandoned baskets. • Do we want to know if this is the right customer? • User code and PIN usual + cookies • Device information - Usually collect IPaddress (PC) or IMEI (mobiles). • Regular customer continuing usual routine? • Mobiles – authentication harder than PCs • Multifactor authentication might be the answer, but take-up even of 3D secure is weak. • May well be driven by payment technology (if at all), but problems with mobile transactions Centre for Retail Research, Nottingham

  13. Criminals taking over customer accounts: some options • Account password storage. • Password strength • Taking control of cookies • XSS/cross site scripting issues (mixed mode website coding) • Obviously IT has to fix these things..BUT White Hat Security Report – May 2013 - 86% of all sites – at least 1 major security flaw - Av no. of serious flaws 56 (230 in 2010) - Time taken to resolve issue - weeks - IT websites – most flaws Centre for Retail Research, Nottingham

  14. Payment fraud online • Raises same issues as any payment fraud, but no card required • Dependent on order acceptance • Use: • Card verification/CSC 70% • 3D secure/VbyVisa 61% • Address verification 56% • Postal address validation 24% • Supplementary • IP Geolocation 17% • Device fingerprinting 8% • 2-factor authentication – eg PIN and token Centre for Retail Research, Nottingham

  15. Scope of Payment Fraud • Card fraud fallen by 70% since 2004 • Online payments fraud around £90 mn or 0.26% of t/o • If near the barrier, banks more vigorous with chargebacks and will change conditions of acceptance with limited notice. • Use of Paypal – security issues in concealing customer payment details Centre for Retail Research, Nottingham

  16. Delivery fraud and shrink • Click & Collect shows whether goods have been received. Really? • Is Click & Collect a shrinkage hazard? • Delivery address changes, hot postcodes, & address checks help somewhat • Packaging and delivery affects waste • Email and sms with customers – delivery options and time slots. Reduces fraud, prevents revisits • Doorstep thefts Centre for Retail Research, Nottingham

  17. Omnichannel • Single view of customer – previous purchases, preferences/sizing, goods on order, payment methods, wish lists. • Means dipping into many databases, and auxiliary data pools. • = risk • Shrinkage: analyse by product/category and channel Centre for Retail Research, Nottingham

  18. Returns • Major online problem - difficult to control • Sizing and product info can be of some help • Storage issues of returned merchandise • Use of returns to a physical store may improve control. Option choice • Sharing information with other retailers will show excessive returners Centre for Retail Research, Nottingham

  19. Mobile phones • Mobile is Fastest Growing Area • Users do not update their software • Proportion of users check email thru smartphones and can be compromised • Authentication a problem • Malware egCertificate.apksecurity app sending bank details to +44 number. Perkele diverts sms messages to malware owners. • Android OS used for 79% of 2012 malware. Non-pay exploits now v. popular. • Tablets – few security devices and anti-virus Centre for Retail Research, Nottingham

  20. Clean fraud • In the US, clean fraud is now seen as the biggest problem and is hardest to screen. • Customer behaviour and age of account • Metrics: age of email account, electoral roll, discrimination by product …. Dependent on continuous monitoring • Go deeper: social media, internet search. Centre for Retail Research, Nottingham

  21. Curbing online shrinkage • Security risk and audit follow in the footsteps of IT and marketing • Omnichannel – multiplies risks. Vulnerabilities at every stage • Risks v reward has to underlie decisions • There is excessive manual order screening • Trends by value and by location mean more screening tools required • Shrink in distribution, return, and delivery very important. Communication….. • Data sharing will help with key metrics. Centre for Retail Research, Nottingham

  22. Thank You Prof Joshua Bamfield Centre for Retail Research Nottingham NG22 9HQ 01623 867559 www.retailresearch.org Twitter: cristobel75 Centre for Retail Research, Nottingham

More Related