(For coverage of the NACS announcement on PCATS, see story in this issue of CSP Daily News)
During [image-nocss] a session on the future of data security, Gray Taylor, who will now head the newly integrated PCATS body as its executive director and who currently consults for NACS, described the need for the industry to take a proactive role in shaping how payment-technology standards develop.
"It'll cost the industry $1.5 billion to upgrade to Triple DES," Taylor said of the current encryption standard required by the PCI Security Standards Council, Wakefield, Mass. "And it'll take another $3.2 billon to integrate [the next standard of] chip-and-PIN."
The "chip-and-PIN" authentication method, which is the standard taking hold in Canada and Europe, uses a computer chip as well as a personal identification number (PIN) to verify the user's identity. In the United States, where single and triple DES (data encryption standard) has been mandated, moving to yet another technology would mean another round of expensive upgrades.
"We keep getting [short changed] because we take the new mandates, complain about them, [implement] them and then forget about them," Taylor said, adding that the next steps include active participation in standards bodies that can influence the PCI council, as well as legislative and advocacy initiatives.
Federal and local actions surrounding data security are also gaining momentum, he said. At the federal level, legislators are looking at laws to enhance consumer privacy. Across the country, states are looking at laws that would require notification of a breach to every affected consumer. States like Massachusetts are requiring all data be encrypted. Other states like Nevada are requiring that PCI standards be implemented.
"In the end, we're still a target," Taylor said. "Nine million merchants are holding onto card data, from Walmart to hot-dog stands. Breaches will continue."
Other NACStech sessions focused on social media. Kate Ngo, manager of marketing strategy and communications for Cumberland Farms, Framingham, Mass., spoke of the company's yearlong dive into the world of Facebook, having garnered nearly 90,000 "fans." Its "Chill Zone" frozen-drink strategy included contests that recruited fans to send photos and encourage others to join the fan club. One of the rewards was a "fan day" when everyone gathered to receive free product. The company even used the opportunity to launch new flavors of its frozen-beverage product, designing new cartoon-personality cups that represented each flavor.
Christianna Frizzell, manager of customer relationships for Speedway SuperAmerica LLC, Enon, Ohio, said the company has been developing ties to its loyalty-program members, currently 3.2 million strong over the network's 1,600 stores. It has taken sales statistics and proven internally that the more customers engage in offers, such as coupons or rewards, the more they spend in the store.
Speedway has used banner ads, "micro websites" and other electronic ways of engaging customers, she said. One particular micro-site featured the company's coffee program, allowing customers to share recipes of how they like to create their special brews.
The key to success? Frizzell said to assign a data owner, set parameters without being too strict, and partner with a consultant who can help the company avoid pitfalls. For instance, having a person's work e-mail means messages for weekend specials may not be received in time. Another example would be spam traps, where the company's message may be automatically sent to junk mail. Ways exist to avoid those spam-tracking programs.
The three-day NACStech conference runs through today.
[For more coverage on data security, look to the May issue of CSP magazine. For more on technology in general, veteran reporter Angel Abcede has started a discussion group onMyCStoreWorld.com called C-TechGroup in which followers can talk about what they saw at NACStech 2010 and what lies ahead. Also follow his Twitter posts under CSPAngelABC.]
Members help make our journalism possible. Become a CSP member today and unlock exclusive benefits, including unlimited access to all of our content. Sign up here.