Amazon recently announced the impending public debut of Amazon Go, a new in-store grocery shopping experience that uses customers’ connected devices and “Just Walk Out Technology” to eliminate the checkout line.(1) Monica Eaton-Cardone, an IT executive with expertise in risk management and fraud prevention, sees great promise in Amazon’s new innovation but warns it may come with hidden security and privacy risks.
According to Morgan Stanley Research, the U.S. grocery category totaled roughly $675 billion as of early 2016, with online sales accounting for only about 2 percent of that. However, groceries were “by far the largest of the eCommerce categories surveyed”—representing 19 percent of consumer spending—and Morgan Stanley predicted online grocery sales would grow to over $42 billion during 2016. The survey results also suggested that U.S. online grocery penetration would climb from 16 to 28 percent for packaged goods and from 8 to 26 percent for fresh food.(2)
Among consumers who have never shopped for groceries online, 67 percent say it is because they like to select the fresh products themselves.(2) Amazon Go will overcome that barrier, while eliminating the need to wait in checkout lines. Shoppers simply scan their mobile device to enter the store; the Just Walk Out Technology uses computer vision and machine learning to automatically detect the items they take from the shelves, and the app totals their purchases and charges their Amazon account when they leave. The 1,800-square-foot Amazon Go pilot store in Seattle will open to the public in early 2017.(1)
“Amazon continues to revolutionize the way Americans shop. By eliminating grocery stores’ time-consuming checkout lines, Amazon Go will win over shoppers seeking convenience, ease and speed,” predicted Eaton-Cardone, who serves as Chief Information Officer (CIO) of Global Risk Technologies and Chief Operating Officer (COO) of Chargebacks911. “At the same time, it’s important to be aware of security vulnerabilities and evolving fraud schemes—such as the return fraud, refund fraud and friendly fraud that followed the launch of Apple Pay—as well as the privacy rights consumers may have to relinquish for the sake of convenience.”
A recent Pwnie Express study found that 92 percent of IT security professionals believe connected devices will be a major security issue in 2017 after witnessing their role in last fall’s distributed denial of service (DDoS) attacks by Mirai malware. Many respondents experienced attacks on their Internet of Things (IoT) devices: 16 percent were hit with man-in-the-middle attacks, 20 percent with ransomware and 32 percent with malware.(3) Eaton-Cardone notes that hackers and fraudsters are quick to exploit weak links in new technology, and emphasizes that Amazon will need to take steps to address those security vulnerabilities when scaling its new shopping experience.
While Amazon Go is positioned as an innovation designed to improve the customer experience, Eaton-Cardone suggests another motive may be at play—an effort to reduce chargebacks. “A growing number of online retailers are raising prices and adding return or restocking fees in an effort to recoup chargeback losses. But these strategies often backfire; by reducing the value of their offerings, merchants may drive customers away and even create more chargebacks,” she explained. “Amazon’s new technology cleverly combats chargebacks by requiring customers to unlock and scan their mobile device upon entry and tracking them as they move through the store, thereby nipping unauthorized transaction disputes in the bud.”
Eaton-Cardone sees Amazon Go as a win-win solution for both the retailer and its customers, but she cautions consumers to be cognizant of the privacy rights they may be giving up in the process. “Tech-enabled stores of the future may leverage video capture, facial recognition and other biometrics. Time will tell if consumers are willing to surrender their privacy and personally identifiable data in exchange for a faster checkout process—and whether companies are able to keep that data safe from hackers’ increasingly sophisticated attacks,” she concluded.