Data Protection and Black Friday: What you need to Know

Last updated: 21 November 2016

This Thursday is the American Payment Systems Data Protectionholiday of Thanksgiving, when we celebrate gratitude, with a side of gluttony. Schools and most businesses are closed the following day as well, which often kicks-off holiday-time retail gluttony. Due to this jump in sales, retailers have traditionally been able to get their books from the red into the black of profit, and thus it became known as “Black Friday.”

Black Friday Security

Security on black Friday has numerous components. Retail professionals must be concerned with preventing shoplifting theft, as well as ensuring the security of shoppers in the face of riots and trampling in the rush to grab limited bargains. (I wish I could state that Black Friday trampling deaths were mere urban legend, but unfortunately not.)

But information technology professionals must also be focused on data protection.

Securing Transaction Data

As the now famous saying goes, “Data is the new oil.” The data surrounding transactions occurring on Black Friday is valuable, in addition to the actual revenue earned from the sale of holiday gifts.

Big Data Protection: The Value of Transactional Data

In a recent Harvard Business Review article, “How Technology Is Transforming Retail,” author Paul Clarke, chief technology officer, Ocado, describes the various battles currently underway across the warn-torn retail landscape. In a beautiful metaphor, Mr. Clarke describes four “technology tidal waves:” artificial intelligence (AI), robotics, big data, and the IoT, which will create new opportunities and industries, along with disrupting existing ones.

Big data can bring value to the retail industry in a variety of ways.

Examples of value creation from retail data include analyzing shoppers’ flow through the retail environment, a capability offered in NEC Smart Enterprise. CheckOut Apps is utilizing machine learning to better understand the connections between online sales activity and in-store preferences. The platform, “Analyzes both customer behavior and transaction data from the retail chain’s website to discover purchasing trends. It then uses this information to update in-store display screens in real time.” In a recent pilot, CheckOutApps increased in-store time by 16%.

The crude oil big data that will flow for retailers on Black Friday must be secured in order to be refined to bring value.

Securing Payments: PCI Compliance

Savvy retailers need to accept payments in the variety of emerging formats, including contactless. While cash is all that’s accepted at the snack bar at my local swim club, not many consumers are using dollar bill ‘notes’ for common Black Friday purchases, such as the latest electronics.

Therefore, successful vendors must expect a substantial quantity of payment card transactions on Black Friday. As such, all entities that store, process, or transmit cardholder data must maintain security. Technical and operational requirements for maintaining payment security is provided in the PCI security standards.

EMV for Secure Payments

EMV (Europay, MasterCard and Visa) is a global standard for cards equipped with computer chips and the technology used to authenticate chip-card transactions. At chip-enabled merchants in the U.S., counterfeit fraud dropped 47 percent in May compared with a year earlier. For merchants and financial institutions, the switch to EMV means adding new in-store technology and internal processing systems. EMV can be used with contact, contactless, and mobile payments.

Protecting Data in Motion

Electronic payments today involve numerous data transmissions, all of which must be made securely, or risk falling into the clutches of malicious hackers, and making it onto Gemalto’s Breach Level Index Annual Report.

While EMV cards reduce the value of stolen credit card numbers, criminals can steal data during transactions. Much like enterprise security, true secure payments must consider attacks from various angles and surfaces. From risk management to strong user authentication and transaction signing, a variety of solutions are necessary to secure all payments.

Big data brings value, but we need to make sure we are securing it. Learn more about the importance of data protection, get the Gemalto’s Data Breaches and Customer Loyalty Report

Leave a Reply

Your email address will not be published. Required fields are marked *