How retail technology leads can deliver a secure shopping experience

| January 24, 2020 | By

How retail technology leads can deliver the most secure shopping experienceRetail technology
Collecting, processing and analysing customer data is an essential part of today’s retail technology, especially if you want to improve and personalise their in-store experience.

However, beyond speed, convenience and personalisation, which PwC identifies as the top defining in-store experiences a customer now expects, trust and privacy remain essential to their ongoing relationship with a retailer.

App security firm NowSecure recently reviewed 250 popularly used mobile apps and found 70% were leaking customers’ personal data, including names, emails, account details and phone numbers.

Indeed, retail apps were identified as the worst offenders, with 82% leaking this sort of sensitive data. 

As well as the obvious damage this does to a brand’s reputation, this problem is a GDPR nightmare for retailers – and it falls to their tech leads to ensure the right retail technology is in place to secure customer data, whilst at the same time delivering the personalised  in-store experiences expected.

In this How To Guide, we’ll go through the five steps a retail tech lead needs to take in order to deliver the most secure digital shopping experience to their customers.

The five steps that will help retail tech leads deliver the most secure shopping experience retail technology

1. Go mobile! Mobile payment is growing, it’s faster and it really is more secure

UK consumers spent a record £25bn via their smartphones in 2019, according to data from uSwitch. Within five years, Forrester estimates that £1.1 trillion of offline sales will be influenced by mobile. 

And while there are the odd data breach horror stories out there, the truth is mobile remains more secure than cash or card. 

Cash provides many challenges and problems for a retailer. Not only is it easier to steal, adds more time to the checkout experience and increases handling costs, it’s no longer the dominant form of payment in the UK – a trend that will only increase.

While physical cards are currently the most popular way to pay, this is changing and they continue to be open to serious fraud. 

Not only can physical cards be stolen and replicated, the rise of ecommerce has seen an unprecedented level of sensitive card data shared online in recent years. according to the RSA’s Fraud and Risk Intelligence (FRI) team, there were 140,344 card-related fraud attacks in the first half of 2019 - representing 32 attacks every hourPayment experts agree that, on the whole, mobile wallet or app payment is more secure than cash or card. 

When customers use the likes of Apple Pay, Samsung Pay, or PayPal, financial data is encrypted in the form of a one-time authorisation token rather than any personal financial information.

What’s more, mobile security features, like Touch and FaceID provide an added layer or authorisation when a customer uses their smartphones to pay.

2. Incorporate QR-code acceptance into your mobile payment experience

QR (short for Quick Response) codes have been around since 1994, but are still one of the most dominant forms of mobile payment. They form a core payment component of Alipay – the world’s largest mobile payment platform.The key advantages of QR codes powered by YoyoQR-code payment is especially important for retailers that want to deliver a fully branded wallet experience to their customers.

Rather then relying on external mobile payment methods, like Apple Pay or Samsung Pay, which can’t incorporate added value services and experiences, Yoyo-powered payment includes features including automated loyalty, digital itemised receipts and ordering capabilities.

3. Don’t just tokenize, double tokenize your customer’s data

Mobile payment and QR-code acceptance are great ways to encrypt and secure a customer’s financial information. However, we now live in a world where personal data is becoming equally valuable and in need of protection.

Take our day-to-day retail experience. Gaining access to special offers, loyalty programmes or personalised services requires a customer to enter details like names, emails, postcodes, and dates of birth.

Then look at the likes of Playstation (2011), Yahoo (2013/14), eBay (2014), Adult Friend Finder (2016), Equifax (2017), Google+ (2018) and Dixons Carphone (2019), which have all faced major personal data hacks in recent years.

The introduction of GDPR, and the huge fines now associated with personal data breaches, means this sort of data leak in the future could deliver a mortal wound to a retailer.

The fact they continue to occur reveals that most payment companies have been unable to fully tackle this problem.

That’s why Yoyo created a unique data security infrastructure, known as Double Tokenization, where both financial and personal data is fully encrypted, protected and secure when a customer pays at the point-of-sale:

Token 1 – Protecting payment data
Similar to mobile payment methods like Apple Pay, when a customer signs up to a retail app that’s powered by Yoyo, a unique token is generated to encrypt all payment details. Retail Technology

When a transaction takes place, Yoyo makes a request to the payment provider using the token for authorization. This token ensures that the retailer never needs to receive, store or transmit card information.

Token 2 – Protecting personal data retail technology
When a customer creates an account on a retail app powered by Yoyo, a unique user ID is issued. During a transaction, the app will generate a unique token (QR code), which automatically regenerates every 30 seconds. This ensures the customer’s personal identity is protected.

As well as transmitting payment authorisation, this dynamic QR code transmits the user ID through the scanner at the point-of-sale. This ensures that information is safeguarded and all user data is encrypted.

4. Deliver personalised experiences without accessing personal customer data

Yoyo’s unique Double Tokenization infrastructure ensures your retailer’s marketing team to deliver fast, convenient and personalised experiences without ever needing to know the actual identity of the customer they are engaging with 

(You can find out more about how Yoyo is able to identify granular customer behaviour here).

Instead, a retailer only needs to view the anonymised shopping and purchase behaviour of a shopper (eg. “CUSTOMER 09876”).

Here’s how it works:

Deliver personalised experiences without accessing personal customer data

5. Ensure your secure payment experience is cross-channel consistent

More than a third of consumers are put off by brands, whose retail technology delivers an inconsistent payment experience across online, mobile and in-store, according to Salesforce.

If you’ve built an experience that provides your customers with the option to split a bill, use multiple payment methods, collect loyalty points and redeem a voucher, they will expect the same level of data security whether they shop in-store or online.

Yoyo ensures that your retail technology delivers seamless payment and automated rewards, while ensuring that personal and financial data is fully secure, never shared and completely protected, regardless of the channel customers choose to shop from. Retail Technology

If you’ve got this far, be sure to download our latest report on what the future looks like for high street retail…

Customer Experience the new battleground for high street retailers

You will be able to unsubscribe from these communications at any time by following the link in email communications. For more information, please refer to Yoyo’s Privacy Policy here.