Verifying Identity In Today’s Digital Economy: A Look At Regulated Retail

Glenn Larson is the Vice President of Engineering at Acuant and is a member of Forbes Technology Council,  an invitation-only community for world-class CIOs, CTOs and technology executives. Read his article for the Forbes Tech Council below, or you can read the original here.

Digital adoption has changed the very nature of business and customer interactions. Just 20 years ago, business was always conducted in person — whether applying for a retail credit card or purchasing alcohol. The rise of mobile phones has changed that dynamic. Now customers can be located anywhere, with very little to no interpersonal communication throughout the transaction.

While customers are thrilled with the flexibility this provides — no need to travel to a physical location and no transaction restrictions during traditional business hours — retailers are left to determine how best to verify customer identity virtually, a challenge that only increases in scope. According to a survey by the National Retail Federation, “92% of companies surveyed had been a victim of organized retail crime (ORC) in the past year.” Even further, “71% said ORC incidents were increasing.”

Retailers are left struggling to balance security with user experience. Research shows that the onboarding process is often the key indicator of the customer relationship. A laborious ID verification process during onboarding often results in an abandoned cart or — worse — a visit to the competition.

Regulated Industries Face Strict ID Verification Legislation 

Regulated industries — like alcohol, gaming, tobacco, vaping and cannabis — require more stringent compliance for verifying customer identity. New federal regulations require that retailers prove they are not selling “age-restricted” products online to customers who are “under the minimum legal age.” Failure to comply can result in steep fines or, in more severe cases, jail time.

The rise in popularity of “vaping” — especially amongst minors — has brought increased focus and legislation on the e-cigarette industry. According to a study by the American Academy of Pediatrics, “approximately 3 million U.S. adolescents currently use e-cigarettes. This includes those who never smoked cigarettes.”

The FDA weighed in on this growing public health concern during a March 2019 address. Scott Gottlieb, outgoing Food and Drug Administration commissioner, shared new age-restriction-related policy for the purchase of flavored e-cigarettes. The purchase of flavored nicotine pods will be limited to retailers and websites that impose age restrictions.

Individual states and counties have taken steps to fight this epidemic on their own. For example, California’s recently enacted Stop Tobacco Access to Kids Enforcement Act, or STAKE Act. Meant to prohibit the sale of tobacco products to anyone under the age of 21, the STAKE ACT mandates that distributors and retailers post a notice at each point of purchase, and it requires online retailers to verify the age of prospective consumers.

Adapting To An Era Of  ‘Customer Not Present’

It’s no secret that mobile commerce has exploded. Forrester estimates that “sales made via smartphones is expected to reach $209 billion by 2022 and in 2018 accounted for approximately 23% of all online sales.”

Rising mobile and e-commerce transactions present challenges in verifying customer identity; however, there are steps retailers can take to minimize risk and add benefits:

• Require Customer Accounts: Taking this step ensures that customers provide adequate, verifiable information about themselves during the initial purchase process only (onboarding), making ongoing purchases much faster and easier, providing the ability to personalize targeted advertisements and marketing campaigns in subsequent client engagements.

• Use Identity-Verification Software: Savvy retailers are adopting online fraud-detection tools like risk-based authentication and new account fraud prevention. Especially pertinent for retailers in highly-regulated industries, identity verification software ensures compliance with mandates and legislation.

• Get to Know Your Customer: Retailers that properly manage customer data — whether it be purchase history or personal preferences — are streamlining the process for future business and creating a “stickier” relationship with their customer base

• Meet Customers Where They Shop: The growing number of global transactions means that it’s more important than ever to provide solutions to identify and protect users on the move. Be mobile! Look for solutions that can streamline the onboarding and information gathering process (eliminate unnecessary typing where possible) on all channels — especially on smartphones — while accurately identifying each customer.

As retailers struggle with the hurdles imposed in identity verification — especially for those in highly-regulated industries — it’s important to keep in mind there is no one-size-fits-all solution. Ultimately, your solutions and practices need to provide a streamlined, balanced and customer-centric approach. How you go about doing that is up to your business and what works best for your customers.


To learn more about Acuant’s identity solutions, schedule a demo now:

Digital Identity Is The Key To CX

Glenn Larson is the Vice President of Engineering at Acuant and is a member of Forbes Technology Council,  an invitation-only community for world-class CIOs, CTOs and technology executives. Read his first article for the Forbes Tech Council below, or you can read the original here.

Digital Identity Is The Key To CX

It’s no secret that today’s consumer is experience-centric. Not only have organizations realized the tie between customer experience and revenue, but 88% of businesses view customer experience as a competitive differentiator. Data shows that customers are willing to pay more for a better experience, and often experience trumps both price and product.

Companies like Apple, Uber and Venmo have set the bar for what customers now expect from brands. Not only should the service be fast and intuitive, but personalization has become the expectation of mobile-first users. The first customer touch point is incredibly important as well; a clunky or time-consuming onboarding process can result in frustration or — even worse — abandonment.

Then consider the more than 70 million digitally-savvy millennials who have grown up with internet access and who expect near-immediate response times. Having grown up with access to services like Netflix and Amazon Prime, they value speed and efficiency. These individuals use smartphones to conduct their business, whether for shopping, services or banking. Over the past several years, we’ve seen a steady rise in what’s been dubbed the “experience economy” — attributed, almost certainly, to the buying power of millennials.

A Balancing Act: User Experience Versus Risk

The challenge comes in providing a smooth experience that still adequately protects both the user and the company. There is significant risk associated with exposing personally identifiable information (PII) and the answers to knowledge-based authentication (KBA) questions, which can easily be bought and sold on the dark web. In fact, nearly 15 billion identity records circulated in underground communities in 2018.

Establishing identity in a digital world is fraught with challenges and questions around how to collect, process and manage PII data. With hackers looming large, it’s on merchants to find more secure methods of establishing identity. For businesses, providing the customer experience that clients demand while ensuring security is all about balancing an acceptable level of risk with the smallest possible amount of friction. Here’s how to go about it.

Digitize And Automate Onboarding

That first touch point — customer onboarding — truly sets the tone for the relationship. Today’s customer turns a nose up at a lengthy, arduous onboarding process. No one wants to deal with manual paperwork. You can streamline the process while still keeping risk in check by using technology that captures ID images, data and identity verification in one process.

Omnichannel Is Imperative

Consider the banking industry. According to research from the American Bankers Association, 72% of Americans most often access their bank accounts online. Millennials, in particular, are exploring banks that offer mobile account enrollment and access, as they prefer to avoid visiting bricks-and-mortar branches.

Savvy businesses will empower their customers to transact whenever and however they wish. There are many ID verification solutions available to enable easy onboarding but still enforce stringent security protections. These methods can capture and digitize PII to quickly verify that the person is who they claim to be.

Loyalty Programs + Personalization = Return Customers

Today’s shoppers expect a targeted user experience based on previous behaviors, purchases, likes and even dislikes. Collecting customer data that provides insights into customer preference is one key to achieving customer loyalty. In particular, companies in the hospitality, gaming or retail industries should keep track of customer demographics to offer more targeted experiences. For example, retailers can offer specific product recommendations based on what the customer previously purchased or offer targeted savings/promotions for favorite items.

Enabling quick, automated signup for loyalty programs is also key. Customers are generating and sharing more data than ever, and with machine learning and artificial intelligence capabilities, companies can take this opportunity one step further by allowing for personalization at the regional and individual level. It’s true that some may find this technology unsettling, and there should always be a prominent option in place to allow customers to opt out. But at the end of the day, we know that millennials, by and large, are all-in on highly-personalized experiences.

Vaping and Cannabis Industries are Booming: Learn how to Easily Comply with Age Verification for Sales of Regulated Goods Online, Mobile and On Premise

Mobile commerce, by any measure, is booming. Forrester estimates that sales made via smartphones is expected to reach $209 billion by 2022 and in 2018 accounted for approximately 23% of all online sales. For businesses selling age-restricted products such as tobacco, e-cigarettes and cannabis, selling online is more challenging. Retailers must verify a customer’s age to meet federal regulations. In fact, it is the responsibility of retailers to ensure they do not sell age-restricted products online to people who are under the minimum legal age, and failure to set up reasonable measures to confirm the age of potential purchasers can result in fines and even possible jail time.

New laws that permit the sale of cannabis in certain states have started a whole new industry for online sales and distribution – including home delivery via “Uber” like apps. At the same time, e-cigarettes and vaping are becoming increasingly popular, particularly among teens. In 2018, more than 20% of high school students reported having used e-cigarettes in the last 30 days.

Access to these products is easily available via online sources and online retailers often rely on the purchasers to confirm that they meet the minimum age requirements by simply checking a box or providing a date of birth.  Requiring a credit or debit card isn’t enough for proof of age either, as minors can obtain these cards as well. For today’s boundary-testing and technology-savvy teens, these techniques are not adequate and fail to limit access to age-restricted products. In one study, underage buyers were able to use their real ID and a prepaid Visa card to order alcohol online and have it delivered to their home without anyone verifying their age.

As a result of online and mobile sales of restricted products and the proliferation of these products among minors, the U.S. Food and Drug Administration (FDA) announced in November 2018 that new steps to restrict illegal underage use of e-cigarettes would be coming. One proposed measure would require that online stores implement better age-verification measures – far stricter than the self-verifying measures that are common.

California has already enacted the STAKE Act, which prohibits the sale of tobacco products to anyone under the age of 21 and imposes mandatory steps for online retailers to verify the age of prospective buyers. These steps include matching the customer information to a database of verified individuals and if they cannot be verified requiring the purchaser to submit an age-verification kit with valid government identification.

To better comply with current and potential future legislation while still providing a positive customer experience to of age purchasers, retailers should implement improved online and mobile identity verification solutions, as well as in store when applicable. This will protect them from legal implications and guard their reputations in the communities they serve.

There are now technologies that can help merchants accurately verify a customer’s age using their mobile device or desktop camera in seconds. The customer can simply submit a photo of their government-issued ID for forensic authentication to ensure it is a genuine, unaltered ID. The speed of verification means that legal buyers can be assured of a quick, painless experience. On premise, this can be accomplished with either a mobile device or a scanner connected to a desktop or even a self-service kiosk solution.

For an extra layer of protection with remote transactions or for initial sign up to make recurring transactions easier, merchants can employ facial recognition technology to confirm that the person making the purchase is the same person in the ID. The buyer can take a selfie and compare it to the extracted biometric data from the ID. Again, results are given in seconds. In addition to these offerings, Acuant provides liveness detection which confirms that there is a live person in front of the camera – not a static image. Retailers can also use that information for future transactions (using only facial recognition to verify and transact), as well as for records management and marketing to age-appropriate customers.

While age-restricted products like e-cigarettes should not end up in the hands of children, legitimate buyers should be able to purchase products with ease. At the same time, retailers must protect themselves from fraud and fines due to increasing regulation. Acuant’s ID verification solutions allow merchants can take advantage of the boom in mobile commerce while staying on the right side of the law and delivering a superior customer experience.


free download KYC: ID & Age Verification in the Digital Economy

Three Ways to Combat Rising Retail Fraud

Reports show that fraud challenges and cost pressures continue to plague retailers across the U.S. A study from ACI Worldwide projects a 14 percent increase in total retail fraud attempts and a 17 percent increase in value this year compared to 2017. Areas of particular concern are the sharp rise in card-not-present (CNP) and mobile commerce fraud, according to the annual LexisNexis “True Cost of Fraud” report. The number of merchants selling goods via mobile channels, especially digital goods, is growing, but there are significant risks. For each dollar lost to fraud, online merchants can ultimately expect to lose $2.94 in revenue. That number jumps to $3.29 per dollar for m-commerce retailers.

The dramatic growth of mobile sales and the need to acquire and retain customers are driving retailers to move to m-commerce. Millennials are particularly likely to purchase from their mobile devices, but m-commerce transactions are rising across the board as smartphone ownership is at all time high. Half of U.S. adults (51 percent) report making online purchases via their smartphone according to Pew Research.

So what can retailers do to mitigate the risks of online shopping? Here are three ideas to keep identity scammers at bay.


 1. Require Customer Accounts

To better know and understand their customers, retailers can require shoppers to set up an account. Taking this step will ensure that customers provide more information about themselves during the buying process. In order to make on-boarding seamless, merchants can allow mobile shoppers to use their smartphone camera to capture the identity document and auto-populate key customer information directly into the system using Acuant’s IDscan technology.


2. Verify Your Customer

As mobile commerce is the sector most susceptible to fraud, particularly identity fraud, retailers are realizing the importance of both ID authentication and verification. With AssureID, merchants can know that the identification document is valid and use Acuant’s FRM technology, to authenticate that the customer is the person in the document. In the digital ID capture process, Acuant runs up to 50 different authentication tests per document in seconds. Acuant then validates the identity of the user, comparing facial biometrics from a liveness-tested selfie to the identity document. The combination of Acuant’s solutions enables a streamlined workflow for shoppers while reducing the risk of fraud from identity theft.


3. Choose Cloud-Based Solutions that Utilize Machine Learning

Online fraud detection is growing in complexity and demand, and its tools are being used for risk-based authentication and new account fraud prevention. Security and risk management leaders involved in online fraud detection should use machine-learning analytics and cloud-based deployment options, states Gartner’s 2018 Market Guide for Online Fraud Detection.

Mobile commerce is where retailers are seeing strong growth and given the current retail environment, no merchant can afford to ignore this trend. At the same time, it is important to balance the risk and the opportunity to ensure that retailers are protecting themselves against loss while still providing seamless customer experience. Acuant provides solutions that are best in class, securing transactions, protecting PII data and providing a pleasing customer experience.


Learn more about Acuant’s identity verification solutions and visit us at NRF 2019: Retail’s Big Show, Jan. 13-15 in New York. We’ll be in our partner Aila Technologies booth # 1240 demonstrating our solutions and happy to book meetings on-site here.




Why Vape Shops Need to Embrace Modern ID Verification

The FDA ruled earlier this year that electronic smoking devices including vape pens and e-cigarettes fall under the category of “tobacco products,” which makes them unavailable to anyone who is under 18. This means vape shops and other retailers now need to verify the ages of customers who want to buy them. The new legislation went into effect August 8, 2016 and will no doubt hugely impact the $3.5 billion a year industry.

The new regulations are in place because the FDA has seen a significant increase in minors who are using electronic smoking devices over the past five years. Back in 2011, 1.5% of high schoolers were using e-cigarettes, but by 2016, that number jumped by 16%. With the new ID verification laws, electronic smoking devices will be harder for minors to access.

Sellers will now have to make sure customer ages are verified before they can purchase an electronic smoking device. When the age restrictions weren’t in place, merchants used to offer free samples to customers and electronic smoking devices were also available in vending machines. The new regulations prevent customers from buying electronic smoking devices without a verified photo ID. Retailers will have to ID customers who look younger than 27 and want to purchase an electronic smoking device.

Verifying IDs can be a difficult process for store clerks, especially if they are doing it by hand. Accuracy in ID verification is critical for retailers under this new regulation because if they fail to verify the ages of customers, they can be hit with huge fines.

Acuant offers a solution for retailers needing a fast, easy and reliable age verification. Whether in the vaping, alcohol, lottery or market, retailers can use Acuant’s ID card authentication solution to accurately verify customer identities and ages in seconds. Acuant’s AssureID solution automatically recognizes IDs from all 50 states, making it easy for retailers to implement across national locations. With immediate image processing and data intake, customers won’t have to wait in long lines while cashiers verify customer IDs. Instead of manually checking IDs, which can lead to inaccuracies, cashiers can use Acuant’s solutions to electronically verify ages with a scanner or mobile device. Acuant’s instant ID verification technology guarantees accuracy and speed, so retailers will be able to remain in compliance and transact with confidence.

Gun Control: Current Purchasing Process and Technology’s Role

The topic of gun control is making headline news more and more consistently. With recent tragic events and ongoing gun control law battles, one might start to question and research what laws currently exist around purchasing a firearm today and what that process looks like.

When a customer buys a firearm from a Federal Firearm Licensed Dealer, they have to fill out government forms like ATF Form 4473, from the Bureau of Alcohol, Tobacco, Firearms and Explosives. ATF Form 4473 requires customers to fill out personally identifying information like names, addresses, and dates of birth. Customers also have to include information from valid government-issued photo IDs, like a driver’s license that includes their current address.  A National Instant Criminal Background Check System (NICS) background check transaction number is required as well. This background check determines if prospective firearms or explosives buyers’ name and birth year match those of a person who is not eligible to buy.

Firearms sellers rely on customers to fill out forms accurately, since they have to keep a log of all purchases. The ATF can inspect purchase logs, and lying on federal forms for a firearms purchase can result in a felony. Incorrectly filling out forms for a firearms purchase can result in severe consequences for the buyer and the seller, so it is imperative that the information gathered is accurate.

Intelligent data capture and identity verification can help to reduce fraud and errors in the firearms transaction process. Our recent partnership with ITouch Technology, a developer of multimedia technology for the hunting and fishing sports industry, has created a self-service kiosk solution that enables electronic capture of customer’s identification to be utilized for processing the ATF Form 4473 and NICS background checks. ITouch Technology’s kiosk application has been developed for use by federally licensed firearms dealers, and offers Acuant’s solution for accurate identification capture and information gathering.

Instead of manually filling out forms, Acuant’s software gathers data from government issued ID’s and auto-populates the information into government approved forms. Filling out forms manually can often result in inaccuracies, which can cause problems for buyers, sellers, and the ATF. Intelligent data capture guarantees accuracy.

Sporting goods retailers that sell hunting and fishing licenses can also benefit from intelligent data capturing solutions. Instead of filling out applications with a retail employee, customers can instead apply for a license at a self-service kiosk. Customers can scan their ID’s at the ITouch Technology self-service kiosk. Acuant’s solution will verify the customer’s identity while automatically filling out a license application with information gathered from the ID. This solution eliminates errors while the verification element ensures the person’s identity.

Purchasing a firearm is a serious matter, and immaterial of current federal regulations, it is clear that technology solutions can play a positive role in the current process.

5 Reasons Why Every Business Needs Identity Solutions

Gathering information from customers and verifying the identities of those who provide it is becoming a simpler task, with the advent of identity solutions that enable businesses to capture, process and verify information in a single step.

Most identity solutions combine hardware systems, software and even cloud-based solutions to make capturing information as easy as swiping a credit card. No more paper forms to fill out. No manual typing of information. It sounds almost magical when you think about it.

But is this new technology simply the latest fad or something your business should seriously consider? Here are 5 reasons why your business should be investing in identity solutions now:

1. Streamlined Processes & Greater Accuracy


Whether they are paper-based or computerized, using forms to gather customer information has its limitations. Customers spell things wrong, leave things blank or mistype information. Handwriting can be difficult to read on paper-based forms, leading to data entry errors. Even your own employees can make mistakes when typing information or merging it with other data in the system.

By contrast, the technology behind identity solutions virtually eliminates manual input of information for greater accuracy.

A simple swipe of a driver’s license, state-issued ID, passport, or other ID easily captures relevant information, intelligently populates the fields for use in third party databases, and verifies the identity of customers in a single step. This saves time, money and frustration by simplifying a formerly complex process.

2. Better Customer Relationships

By eliminating the annoying pile of paperwork that most customers fill out on their first visit, you’ll be one step ahead of your competition, making your business more customer-friendly from the start.

Furthermore, the additional time you can spend with your patients, clients or customers when you eliminate the lengthy check-in process becomes a great way to start customer relationships on a positive note.

Even customers who shop online will appreciate the streamlined process that identity solutions allow, enabling them to proceed through to checkout with minimal input of information.

Finally, you’ll build trust with customers when you take the time to verify their information. Customers will appreciate your attention to safeguarding their identity, building rapport and brand loyalty.

3. Increased Security

With threats of domestic terrorism on the rise, it’s more important than ever to verify the identities of customers and other visitors that enter your store, facility, practice, or campus. Identity solutions are a great tool to instantly verify the identity of any visitor quickly and easily, making both customers and employees feel safer.

The integrated technologies of many identity solutions can give your business the ability to process and verify visitors quickly, while capturing detailed information and images from visitor ID’s, business cards, or passports.

4. Deter Fraud

lexis nexis

Excerpted from

By verifying the identity of shoppers both in-person and online, you’ll decrease fraudulent transactions which lead to lost merchandise and chargebacks that cut into your bottom line.

Identity solutions don’t just verify that the credit card or other payment method is valid. They also verify the identity of the card user, effectively preventing transactions from lost or stolen credit cards.

5. Regulatory Compliance


Using identity solutions is a great way to comply with legal requirements imposed by state and federal laws. For example, if you serve alcohol or sell other products that cannot be sold to minors, identity solutions enable you to verify the identity and age of potential customers, so you stay in compliance with the law, avoiding costly fines and even lawsuits. Financial service providers can ensure that their customers have a fast, positive experience when opening accounts while meeting the Know Your Customer (KYC) and Customer Identification Program requirements.

Identity solutions are also a great tool to help medical practices and other businesses comply with growing HIPPA regulatory compliance requirements.

Emerging identity solution technologies are changing the way business is done for the better, leading to reduced paperwork and greater accuracy, increased security, less fraud and better compliance with regulatory requirements, while providing a better customer experience all around. If you’re interested in moving your business forward, while saving time and money, it’s time to consider identity solutions for your growing business.

Information is Power

by Bruce Ackerman, EVP of Global Sales & Marketing

The phrase scientia est potential is Latin for “knowledge is power”.  And while that may be true, I prefer the Latin phrase notitia est potential which means “information is power”.

Imagine going into a sale and knowing in advance what your prospective customer’s budget is, how much money they make, or how much cash they have for a down payment.  It is possible to some extent using a credit bureau such as Experian, Equifax, or TransUnion but this is a cumbersome process requiring the prospect to grant permission to check these sources.  It can be costly and no one wants their credit checked too frequently as it adversely affects their credit score.

But what if you could simply scan someone’s name and address right off of their driver’s license and ping that information against a series of databases using a sophisticated algorithm to return an income range? Information is Power.

You now have the power to customize your sales approach with each prospect.  For example, you are a sales person selling automobiles and you are about to go on a test drive of a $50,000 car with a person who makes between $25,000 and $50,000 per year.  You probably want to know if and how this person can afford the car in order to use your time effectively. For instance, during the test drive while selling the virtues of the car, you could delve into the financial side and find out that valuable information without taking up valuable time.

Now think about this for underwriting, loan platforms, or retail banking. You can prequalify a customer without having to hit their credit (numerous credit inquiries creates a detrimental effect for the loan applicant).

There are also numerous possibilities for this kind of technology for retail; you can verify someone’s identity and income with a simple scan of their ID.  This would be especially useful in high end or luxury retail operations, qualifying for store branded credit cards, and even promoting loyalty programs.

Another scenario is when renting an apartment, the agent can do a background check and a preliminary “credit” check or income verification while standing with the potential rentee in the unit they are considering.  It saves both parties valuable time in pre-qualifying.

As you can see, this type of information is power. Power that saves companies and employees valuable time and money in sales strategies and upgrading customer service through a seamless, quick and easy experience.

Walmart Launches Mobile Payment App

Walmart is launching a new mobile payment system that will allow customers to pay for their purchases using their smartphones while they are in the store. The app will be tied to the customer’s payment card. Walmart customers have to open up the Walmart Pay app on their smartphones, and then scan a barcode on the register screen during checkout.

Walmart is launching a new mobile payment system that will allow customers to pay for their purchases using their smartphones while they are in the store. The app will be tied to the customer’s payment card. Walmart customers have to open up the Walmart Pay app on their smartphones, and then scan a barcode on the register screen during checkout. The register then sends a receipt to the customer’s smartphone. The payment gets handled by the payment card that’s linked to the app. The new mobile payment method will be available to customers in Arkansas now, and will be launched nationwide in 2016.

The Walmart Pay app works on both Apple’s iOS and Google’s Android mobile operating system. This mobile payment method competes with Apple Pay, Samsung Pay, and MCX’s CurrentC app. MCX, which was launced in 2012, will be particularly affected by the new Walmart Pay app. Walmart was one of the retailers participating in the MCX mobile payment system before the launch of Walmart Pay.

Mobile payments through smartphones at retailers are expected to increase to $118 billion by 2018. Last year, customers used their smartphones to make $3.5 in mobile payments at retailers. However, both Apple and Google have struggled to get shoppers to switch over entirely to using their smartphones to complete transactions. This past Black Friday, shoppers used Apple Pay in only 2.7% of eligible transactions, and instead preferred to use their credit cards or cash.

Walmart’s new mobile payment system mimics the system Starbucks introduced back in 2011 with their app. The Starbucks mobile payment app initially let customers make payments and store their Starbucks gift cards. Now customers can store their credit cards in the Starbucks app and scan their smartphones at the register to pay for their coffee. The coffee chain says that of the 9 million weekly transactions conducted in their stores, 20% come from payments via smartphones.

Retailers are trying to make payments easier and faster for shoppers. With mobile payments, customers won’t have to wait in long lines before paying for their purchases. Retail employees won’t have to spend time helping customers pay for their purchases at a register. Instead, they can be on the floor helping customers find what they need. Walmart hasn’t integrated a loyalty rewards program into its app because it would cause too many issues. Retail employees can use their time on the floor to help customers sign up for loyalty programs and store credit cards. Employees can easily enroll customers into a rewards program with a card scanner. Instead of filling out forms to sign up for a rewards program or credit card, a card scanner can instantly gather relevant information from a customer’s driver’s license. The card scanner can also verify the identity of the customer, so retailers will know that a fraudulent account isn’t being opened up in their store. As mobile payments become more popular with consumers, retailers should invest in card scanning technology to get customers to sign up for loyalty rewards programs and store credit cards.

Credit Card Malware During the Holiday Shopping Season

A new point-of-sale malware has been discovered just in time for the 2015 holiday shopping season. The latest form of malware can steal credit and debit card information when a customer pays for their purchase. The malware, which is called ModPOS, has infected point-of-sale systems at national retailers, although the specific retailers have not been named publicly. Security researchers say that this malware is the most sophisticated point-of-sale malware to date because it’s a framework rather than one piece of software. The different frameworks combined can collect confidential financial information about customers, and information about retail sales systems. The malware can also figure out the personal log-in credentials of retail employees, including executives. The ModPOS malware has been around for two years, but it was hard to detect because it used encryption and file compression to hide itself from anti-virus scans. Reports also say that health care providers, hospitality companies, and payment card processors might also be affected by this malware.

Security experts have also warned retailers and consumers about another point-of-sale malware called Cherry Picker, which has been around since 2011. Cherry Picker infects a point-of-sale system and then scrapes cardholder information from the memory. Most point-of-sale systems encrypt cardholder data when it’s transmitted to the payment processor for approval. Cherry Picker exploits the fact that many point-of-sale systems don’t encrypt cardholder data that’s stored in the memory before transmission. This malware also uses encryption, command line arguments, and configuration files to avoid detection. Criminals can keep the personal information they have collected about customers for themselves, or they can sell the confidential data online to identity thieves.

Since December 2013, when the data breach at Target affected millions of holiday shoppers, consumers and retailers alike have been concerned about keeping their information safe. Retailers have created an intelligence-sharing program called the Retail Cyber Intelligence Sharing Center in an attempt to stay on top of cyber threats. Despite the creation of this program, consumers are still worried about their information being stolen and used for identity fraud. Some consumers are opting to only use cash at retailers in an attempt to avoid identity theft. A survey conducted by BankRate and Princeton Survey Research Associates International found that 39% of holiday shoppers are planning to use cash to pay for their purchases. Only 22% of shoppers plan to use their credit cards when making a purchase this holiday shopping season. This is problematic for retailers who want customers to sign up for their store credit cards. Consumers are hesitant to sign up for store credit cards because they don’t know if that data will be encrypted and protected. Retailers can show their customers that they are keeping their data safe by requiring identity verification before customers are allowed to sign up for a credit card. Retailers can give their employees a card scanner that can authenticate IDs from all 50 states. With a quick authentication tool, retailers can get customers to sign up for store credit cards while also showing them that they value identity protection.