Imagine the grocery store of the future. You scan your palm on the way into the store which links to your store account and credit card. Then you grab a smart shopping cart from the front of the store. You upload your shopping list and the cart shows you where the items are located. It also makes recommendations for additional products you may want based on your shopping list and your historical purchases. As you place products in the cart, the price of each item and the grand total is displayed on the cart’s tablet. When you finish shopping, all you need to do is pay with the scan of a finger, palm, or face, and then bag your groceries and walk out.
With innovations in payment technology, this future is closer than you imagine.
While recent advancements in payment technology, such as tap-and-go and mobile wallets, have already enhanced the customer experience and strengthened security, emerging technology has the potential to further transform the payment experience. If retailers fail to upgrade their payment experiences, there is a risk of damaging customer loyalty, losing wallet share, and falling behind competitors.
As retailers look to future proof their payment technology options, factors to consider include security, customer experience, data management, and governance costs and risks. As with any new technology, it may take some education and time before customers choose the new payment method. But, if payment technology can ultimately make a shopping trip faster and more pleasant, customers will quickly come to prefer the new over the old.
Payment Technology can Revolutionize the Customer Experience
Some of the most exciting emerging payment technologies include RFID and biometrics.
RFID (radio frequency identification) technology can identify product tags less than a millimeter in length. For grocery retailers, RFID sensors on smart shopping carts can detect items, calculate the price and display the total on the integrated tablet. For apparel retailers, where smart shopping carts may be less practical, purchases can also be placed in a container equipped to detect multiple RFID tags at once, eliminating the need to scan every bar code. Overall, customers are less likely to require staff assistance, saving time for customers and employees.
Biometric payments eliminate the need for customers to fumble through their wallets for the right credit card. While tap-and-go mobile wallets may be faster than credit or cash payment, they still require authentication with Face ID or passcode entry.
With biometrics, it is a quick scan of your face, finger, or palm, and the payment is transacted and authenticated. Combining biometric payment with RFID can accelerate the checkout process even further, compared to implementing these technologies individually.
When considering updates to payment technology, retailers should be aware of the security implications, including both the advantages and risks.
Understand how your digital innovation stacks up against peers with our assessment tool, “Digital Performance Indicator.”
Security Benefits and Risks of Payment Technology
While checkout-less technology can lead to an improved customer experience by eliminating the need for a checkout line, the lack of cashiers may impact security. For example, without cashiers, customers may be tempted to shoplift. It is not hard to imagine a scenario where a customer “forgets” to place an item in their smart shopping cart and places it under their coat instead. A University of Leicester study found that existing self-checkout technology generated a loss rate of 4%, more than double the average loss rate of stores using staffed checkout. As retail businesses implement new payment technology, they should consider strategies to prevent theft. For the retailer of the future, cameras, and sensors may be one solution.
While biometric payments are generally more secure than credit card payments, some customers may have concerns over how their data is being used. When customers use a finger, face, or palm scan, retailers do not gain access to their personal information. Instead, data is converted into an encrypted code used to transact and authorize the payment, according to an article on TechTarget.
This greatly reduces the likelihood of fraud, as there are no physical cards with credit card numbers. Yet customers may be concerned about their personal information being stored and used to illegally target them. Retailers should communicate to customers that their information is not being stored at any step of the transaction process and the business has no way of identifying a customer based on their biometrics.
Despite the security benefits of biometrics, retailers should be careful to protect the encrypted codes because if bad actors do gain access to this information, a customer cannot “deactivate” their biometrics in the same way they can cancel a credit card once fraud is detected. Retailers should keep data decentralized to reduce the risks of a data breach and regularly test their systems.
Learn the cybersecurity risks that may threaten payment data in our “Top 10 Cybersecurity Threats to Business in 2023” insight.
Investing in Security Solutions Today for Tomorrow’s Payment Technology
As the payment industry transforms, so too will payment card industry compliance. Retailers need to make sure customer data is protected from cybercriminals. Most retailers are in-scope for Payment Card Industry (PCI) standards and it’s critical to conform to those standards as you upgrade your payments, and as those standards evolve.
BDO’S PCI Compliance service can help your retail business evaluate the risks and support your compliance efforts. In addition, BDO professionals have deep experience working with retailers to identify risks that could lead to data loss.
Our team of qualified security assessors (QSAs) can assist organizations with identifying applicable data protection requirements and adhering to them. Our team performs on-site readiness (gap) assessments, creates reports on compliance (ROCs), completes Self-Assessment Questionnaires (SAQs), and conducts other security testing activities required for retailers.
See how we’ve helped a digital banking and payment platform services company enhance its data protection capabilities.