Checkpoint Systems Unveils Retail Technology Solutions At EuroShop 2020
Checkpoint Systems has unveiled a host of new, pioneering solutions at EuroShop 2020 that demonstrate how technology can help brands navigate the evolving retail landscape. The only fully vertically integrated solutions provider, Checkpoint, has developed an extensive understanding of the complex challenges presented by the retail digital transformation. And, its collaboration with leading retailers, such as LPP and Desigual, demonstrates how it is building an agile, responsive in-store environment, improving operations and creating a game-changing customer experience. Helping retailers fulfill omnichannel orders in-store, Checkpoint revealed the latest upgrades to its Internet of Things (IoT) platform HALO. securityinformed.com
 

Oxygen show 'Murdered by Morning' profiles 2013 case of Regional LP Manager who murdered a beloved Toys 'R' Us store manager in Hamburg, NY

Bernard Grucza had been authorities' "go-to" guy for help on the investigation,
until DNA evidence connected him to the fatal stabbing of Larry Wells

Local journalist Matt Chandler covered crime in Erie County, New York for 20 years, but when it came to the June 2013 murder of Hamburg Toys “R” Us manager Larry Wells, he’d never written about a victim who was so “universally loved,” he said.

Wells, 35, was stabbed to death in the wee hours of June 29 in the toy store’s office while his co-workers stocked merchandise. The investigation took months as authorities wrestled with the question: Who would want to hurt the well-liked father and co-worker who fostered a family-like atmosphere among the store’s employees?

Authorities, who called the case a “true whodunnit,” retraced the 109-day investigation on “Murdered by Morning” on Oxygen. oxygen.com 

Watch the full episode on-demand here (cable login required) - or check your local TV listings.

10-18-13: Read the D&D Daily's Special Report on the case here


NYC: Convenience store goes viral with 5-second shoplifting challenge
A local deli and convenience store in the Bronx, New York, has gone viral over a unique challenge offered to customers. If customers can solve a math problem, they have five seconds to steal almost anything from the store, CNN reported.

Twenty-year-old college student Ahmed Alwan works as a cashier at his father's deli and convenience store, the Lucky Candy, and came up with a simple TikTok challenge a couple of weeks ago for his customers. Since then, it has gone viral across social media, with Alwan gaining over 450,000 TikTok followers and 75,000 Instagram followers. jdpost.com

Widespread BOPUS Fraud
Chargebacks911 Warns Consumer Fraud Threatens Retailers’ BOPUS Boom
Rather than shopping online and waiting for a delivery to arrive, increasing numbers of consumers opt to go to one of the seller’s bricks-and-mortar locations and pick up the purchase themselves. Nearly 67% of U.S. shoppers have now used buy online, pickup in store (BOPUS); 90% of retailers say that they plan to be offering it by 2021, and it is estimated that 10% of all sales will be fulfilled through BOPUS by 2025.

Chargebacks911, a leading dispute mitigation and loss prevention firm, cautions that while BOPUS offers omnichannel retailers an effective way to compete with online merchants and marketplaces, an uptick in consumer fraud could hamper its profitability.

Widespread BOPUS fraud first emerged in the restaurant sector, where delivery and pickup revenues are growing at more than three times the rate of on-premises sales, and where more than half of delivery or pickup orders come directly through the restaurant’s app or website.

This growth has been accompanied by a sharp increase in chargebacks; while in 2013 there was virtually no chargeback activity in restaurants, by 2018, 28% of surveyed restaurateurs reported chargeback-to-transaction ratios of 0.5% to 1.0%, and 10% had chargeback ratios in excess of 1.0%. prweb.com

Survey Shows Almost 30% of Customers Pulled Aside by Store Personnel to Check Purchases at Self-Checkout

Oregon court puts 2 per store limit on self-checkouts - Job Loss Concerns Mount
 

Clearview AI Facial Recognition Use by Law Enforcement Banned in Toronto - New Jersey - Raleigh N.C.

'Indiscriminate Scraping Of Internet Images Posses Significant Privacy Issues'

Toronto police have been ordered by Chief Mark Saunders to stop using the company’s technology, which some members began using in October, even though the force told CBC News in January that it used facial recognition, but not from Clearview AI.

“The indiscriminate scraping of the internet to collect images of people’s faces for law enforcement purposes has significant privacy implications for all Ontarians. We have made it clear in the past that my office should be consulted before this type of technology is used,” Ontario Privacy Commissioner Brian Beamish said in a statement, and urged any law enforcement agencies in the province using Clearview AI to contact his office.

Law enforcement agencies in the state were recently asked by N.J. Attorney General Gurbir Grewal to stop using Clearview AI’s facial recognition technology.

Police in Raleigh, North Carolina, have halted its use of Clearview biometrics and cut ties with the company, local paper The News & Observer reports (via GovTech). biometricupdate.com

Biometrics group comes out swinging after NIST face-scan report

Report Debunks the Skeptics on Performance

If the International Biometrics + Identity Association had wished to put skeptics and opponents of facial recognition technology on blast, it could hardly have found a better tone for it in a new report.

“This data [from a recent government report] serves to debunk the semantically-loaded misleading arguments on facial recognition performance that privacy activists have pushed in their zeal to ban a technology that enhances public safety and security,” begins the association’s report.

The trade group was jumping on findings published in December by the National Institute of Standards and Technology. In it, 189 mostly commercial algorithms from 99 developers were examined for accuracy as part of ongoing testing by the institute.

Members of the association want to persuade the government, if not people in general, that facial recognition bans and moratoriums will take a valuable and evolving tool out of the hands of law enforcement and give a technological advantage to other nations undeterred by popular opinion. biometricsupdate.com
 

Washington State Considering Allowing LP & Police to Stop Shoplifters After Concealment
Countering the increase in ORC Rep. Roger Goodman has proposed the bill. Redefining the definition of theft allowing for in-store apprehensions. Amending the definition to include concealment. komonews.com

Mass: Wendy's Agrees to Pay $400,000 to Resolve Child Labor Law Allegations
Fast-food chain Wendy’s has agreed to pay $400,000 to resolve allegations that it violated child labor laws by having teenage employees at dozens of Massachusetts restaurants work later and longer than allowed, the state attorney general’s office announced Tuesday. Wendy’s provided records to investigators, who found that the restaurant was violating two child labor laws by allowing 16- and 17-year old employees to work past 10 p.m. and more than nine hours per day.

Investigators estimated more than 2,100 violations at 46 corporate-owned Wendy’s International LLC locations across the state. time.com

Lumber Liquidators Rebranding After China Scandal - SEC Fraud Charges
& Cyber Attack

Never Recovered From 2015 China Formaldehyde Flooring Scandal

While Lumber Liquidators is already in the midst of a rebranding, a recent stock downgrade and corresponding slide in share price have led analysts to suggest the affordable flooring retailer ditch its name and begin undertaking a more drastic transformation strategy, according to an article on MarketWatch.

Intensified competition from both direct competitors in flooring and adjacent categories like home improvement are part of the reason for the chain’s current woes. Experts, however, argue the bigger problem is that the chain never bounced back from a massive wave of bad press in 2015 surrounding a scandal that branded the company’s product a public health threat.

Consumer skepticism over the chain began with a scathing 2015 expose on “60 Minutes”, which accused Lumber Liquidators of selling Chinese-made laminate flooring that contained formaldehyde in levels that exceeded California’s CARB 2 standard for toxicity by some order of magnitude.

In March of 2019, Lumber Liquidators was charged with fraud by the Securities and Exchange Commission (SEC) over statements made in response to the “60 Minutes” segment. The chain told the public that it had conducted third-party testing, which demonstrated that its suppliers complied with formaldehyde emissions standards. In fact, the chain knew its largest supplier had failed such third-party tests.

The retailer also experienced a recent cybersecurity incident consisting of a malware attack, resulting in an estimated $6 million to $8 million in damages, according to its third-quarter financial report. retailwire.com

Coronavirus Has Customs Agents on Alert
Doral, FL: US Customs agents target counterfeit goods with mandatory screening
They may look like Nike shoes, Gucci purses and Super Bowl rings, but the fakes were among the numerous counterfeit items confiscated from China at the U.S. Customs and Border Protection International Mail Facility in Doral, Florida.

U.S. Sen. Rick Scott, R-Fla., who has called for increased screenings and inspections for goods coming in from China, was given a tour of the facility following the big bust.

A major fear with products seized from China is stopping the spread of deadly diseases, including the coronavirus. “We know with the growing threat of the Chinese coronavirus that we have to be more vigilant and diligent on this,” said Scott.

In 2019 alone, 27,000 shipments were seized by CBP agents. The nearly $1.5 billion worth of goods could have impacted retailers, brands and the U.S. job market. wsvn.com

Contactless payments tripling by 2024
Juniper Research reports that contactless payments will triple to $6 trillion worldwide by 2024, from about $2 trillion this year, as OEM mobile wallet transactions increase and banks expand the use of contactless cards.

In the U.S. market, contactless transaction values are expected to reach $1.5 trillion by 2024, compared with about $178 billion in 2020.

Several major banks in the U.S., including JPMorgan Chase and others, announced plans to convert millions of credit and debit cardholders to cards that are contactless-enabled, which will allow significant increases in contactless use by customers not using smartphone-enabled mobile wallets. retailcustomerexperience.com

RetailMeNot’s 2020 Retailer Playbook
The top 10 questions we asked 5,000+ consumers and 200+ senior retail marketing leaders.

The New Black Friday - 59% Found better deals on Amazon Prime Day then Black Friday 2019 retailmenot.com

2020 Fortune's 100 Best Companies to Work For
Nine Retailers make Fortune's 100 Best.
#3 Wegman's
#12 The Cheesecake Factory
#20 CarMax
#39 Publix Super Markets
#42 T-Mobile US
#60 REI
#79 Nugget Market
#80 Sheetz
#92 Custom Ink
fortune.com

The Monitoring Association Acquires IQ Certification
The Monitoring Association (TMA) has assumed control of the Installation Quality Certification Program “IQ Certification”, the only quality control program for installations, maintenance and service of electronic security systems. informz.net

Market by Macy's - A Look Inside

Homeland Security's Updated 2020 Private Sector Resources Catalog

Survey: U.S. adults have more than $20 billion in unused gift cards or other leftover credits

Coronavirus: Fake flyers in Los Angeles target Panda Express


Quarterly Results
Advanced Auto Parts Q4 comp's up 0.1%, net sales up 0.4%, Full yr. comp's up 1.1%, net sales up 1.3%
 

Cybersecurity: the SEC Provides Guidance on Well-Known & Emerging Best Practices

Detailed Best Practice List Including Data Loss Prevention

At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations). While any guidance on cybersecurity from the SEC — one of the most active federal regulators of cybersecurity and data privacy disclosure and compliance — is welcome, the observations may not surprise those closely following privacy and cyber developments or the examinations and settlements pursued by the SEC and other regulators, such as the Federal Trade Commission.

The Observations serve as a good reminder and road map for leaders in corporate governance, compliance, law departments and technology of the best practices for both prophylactic cybersecurity and responsiveness during and after a breach. As the director of OCIE noted, the Observations are intended to foster and highlight observable best practices: jdsupra.com

What the CFO's Are Reading
Attacked by Ransomware, Many Companies Opt to Pay Up
The demanded ransom is often a moderate amount that would pale in comparison to the recovery and reputational costs for a company that refuses to pay.

To a little-noticed but alarming degree, so-called "ransomware" attacks on governments, businesses, and other entities jumped last year. In all, they rose 41% from 2018 to 2019 to more than 205,000 globally, according to newly published data.

Although not all firms pay, the security firm Coveware estimates the average payout for those that did was about $85,000 during last year's fourth quarter, and more than $190,000 in December.

Organizations have more to lose financially from the inability to conduct business than they do from just paying the ransom. Hackers know they can make a quick buck with ransomware.

Experts suspect that the actual number of ransomware attacks is much higher than the reported number, citing reasons ranging from fear of job loss, investor withdrawal, and reputational damage. cfo.com

97% of IT Leaders Say Insider Data Breaches are a Major Concern

75% Believe Employees Put Data at Risk Intentionally

Egress announced the results of its second Global Insider Data Breach survey, which looks at the causes, frequency and implications of internal security breach incidents and the perspectives of IT leaders and employees about data risk, responsibility and ownership. More than 500 IT leaders and 5000 employees were surveyed across the UK, US and Benelux regions.

In addition, 78 percent think employees have put data at risk accidentally in the past 12 months and 75 percent think employees have put data at risk intentionally. When asked about the implications of these breaches, 41 percent say financial damage would be the area of greatest impact, reflecting the evolution and implementation of more stringent data privacy regulations like the California Consumer Privacy Act.

Asked what traditional security tools they have in place to mitigate insider breach risk, just half of IT leaders said they are using anti-virus software to combat phishing attacks, 48 percent are using email encryption and 47 percent provide secure collaboration tools. More than half (58 percent) say employee reporting is more likely than any breach detection system to alert them to an insider data breach. securitymagazine.com

Customer-facing services and apps were targets of DDoS attacks at 2/3 enterprises

NETSCOUT Threat Intelligence saw 8.4 million Distributed Denial of Service (DDoS) attacks last year alone: 23,000 attacks per day, 16 every minute. DDoS attacks have grown in frequency each year for the past five years, while attackers continue to unleash increasingly sophisticated attacks.

NETSCOUT, in its Threat Intelligence Report, found customer-facing services and applications were targets of DDoS attacks at two-thirds of enterprises. Customers can act as conduits for attacks: adversaries deployed a novel technique that used attacks on client services to access core services at well-protected targets. APT groups are bumping up mobile malware use, while DDoS attacks on mobile networks jumped 64 percent in the second half of 2019. Cyber criminals widely weaponized seven new or increasingly popular DDoS attack vectors in 2019 while adding new techniques to existing methods. securitymagazine.com

The Trouble with Free and Open Source Software
A wide-ranging study by researchers at the Linux Foundation and the Laboratory for Innovation Science at Harvard has yielded vital new information on the most widely used free and open source software (FOSS) within enterprises — and potential security risks related to that use.

The researchers found that a lack of a standardized naming scheme for FOSS components has made it hard for organizations and other stakeholders to quickly and precisely identify questionable or vulnerable components.

They also discovered that accounts belonging to developers contributing most actively to some of the most widely deployed open source software need to be secured much better. A third finding was that legacy packages within the open source space are becoming riskier by the day, just like any other older hardware or software technology. darkreading.com

RSA Conference 2020 Preview

Content Director Britta Glade on Hot Tracks, Topics at This Year's Event

"The Human Element" is the theme of RSA Conference 2020, but there are plenty of technology-rich topics in store for attendees, including session tracks that focus on election security, open source tools, product security and anti-fraud.

In this interview (see audio link below photo) about the conference, which begins Feb. 24 in San Francisco, Glade discusses:

• The theme of "The Human Element;"
• New tracks and topics at this year's event;
• Highlights of the keynote sessions and new networking opportunities. govinfosecurity.com

Sessions, events and seminars to check out at RSA Conference 2020

Are Customers 'Conduits for Attacks'?