The Epsilon Imperative

CMOs: Is your brand in the crosshairs?

IN WHAT SOME observers say was the largest breach of consumer data in history, this week servers at Epsilon Interactive, a database services company based in Irving, TX, were compromised by hackers, exposing the names and email addresses of millions of American consumers to the spam-o-sphere.

Within hours, alerts hit my personal inbox from Kroger, Target, Walgreen and HiltonHHonors informing me that they had been struck and that one of my addresses was now in the wild. Why did these gigantic companies have my email address stored in Epsilon servers? Simple. I am enrolled in their frequent shopper programs. And until now, Epsilon was as reputable and secure a place as you could get to host your customer data.

Which partly explains why the 50 or so huge retail and consumer-facing companies whose customer email lists were exposed by this attack include the likes of Best Buy, HSN, CapitalOne, Citigroup, JPMorgan Chase, Marriott and TiVo. These companies depend on email communications for the inexpensive delivery of relevant messaging and offers to their customers. Now each of them has been forced to warn their customers about the potential for spam and phishing attacks. By email.

The implications of this are quite chilling, and should give pause to every Chief Marketing Officer and Chief Customer Officer charged with the custody of shopper relationships and brand equity. Shareholders had better pay attention too. This, my friends, is your first early warning. I call it the Epsilon Imperative.

First, the good news
It could have been worse. While the data quantities are vast, and the affected brands are iconic, at least the damage was limited to names and email addresses, we are told. Wholesale identity theft does not appear to be a great direct risk, although enterprising list dealers and data miners will be tempted to merge the email address tables with other lists, thus creating more complete profiles for future exploitation.

And the email notices I received came fairly promptly. Well, one from McKinsey Quarterly arrived within hours of the media alert on Saturday. Walgreen and Fry’s (Kroger) got their notices to us later the same day. Hilton and Target waited until after the weekend. (OK, timings of the last two are really not that impressive, come to think of it.)

The positive take-away is that most of the frequent shopper/guest list owners exhibited some consciousness of responsibility for the incident, even though it was caused by an outside criminal act against a third-party service bureau (Epsilon). They acted promptly, recognizing that shoppers and guests must be made to feel that the brands have their best interests at heart. Failure to inform would be a lapse of good faith.

Why marketers should care
While preserving public confidence and brand equity are major concerns, this is only one factor for top retail and hospitality executives. Another, less-understood implication is legal regulatory exposure. This is an area that evolved rapidly following the notorious TJX data breech of 2005, which exposed 46 million credit card numbers but did not come to light until 2007.

California led the pack with the first security breech notification legislation in 2008. But the model for this legislation came not surprisingly in the state of Massachusetts, where TJX is headquartered. At least 46 other states followed with their own versions.

The Massachusetts General Law titled, “Standards for Protection of Personal Information of Residents of the Commonwealth” (Chapter 93H), defines a comprehensive set of data security obligations on businesses, including the development and maintenance of a “comprehensive written information security program.” Deadline for compliance with this law was Mar. 1, 2010.

Several legal scholars have observed that the Massachusetts law would apply to every company who has even one list member residing within the state. It also sets the best practice standard for written information security programs. Since modern ecommerce is “borderless,” many companies will be subject to such oversight in every state.

This means that any company with a direct marketing or frequent shopper list that fails to prepare and maintain a private data response plan may be exposed to dozens of lawsuits imposed by state attorneys general. Legal fees and fines can spiral out of hand, and the secondary damage to brand reputation may be multiplied along with it. It seems that loyalty programs just got harder to operate.

Protect your shoppers – and your brand
What can a responsible marketing executive do to protect customers and company from the cascade of negative consequences that may result from the inevitable data breech? Maintaining state-of-the-art data security measures and the comprehensive written information security program are certainly essential. CIOs worldwide work feverishly at data security, but it’s up to the CMO and CCO to protect brand and customer equity by ensuring that sound response plans and practices are put into place.

A great many consumer-facing businesses consider loyalty and relevance-based marketing to be essential competitive activities. Shoppers and consumers have come to expect the personalized services and rewards promised by these programs. Firms depend on their customer databases to deliver crucial insights that enable efficient and well-targeted marketing programs.

In light of the Epsilon event however, retail and hospitality CMOs and CCOs now face a new imperative. They must confront new questions like:

  • How is the consumer’s perception of our brand affected now that their information has been violated?
  • Is the value of our brand and customer equity negatively affected by a data breech? How bad is the damage?
  • Are we prepared to demonstrate our diligence to our customers and card holders by mobilizing rapid notification and protective actions?
  • What compensation can we provide to the consumer for their discomfort, angst, worry?
  • Can our forthright response turn a data breech into a service recovery opportunity so that we gain trust, not lose it?

In today’s world, the relevant question regarding data breeches is not “If?” but “When?” Set against the emerging legal backdrop of state and foreign regulations, this means loyalty and direct marketers must maintain a dynamic preparedness and response plan that can be instantly triggered in the event of a negative event. This is a capability few companies have today, but one that all should acquire.

© Copyright 2011 James Tenser

Tenser to Lead NARMS Webinar: “Whose Store Is It, Anyway?”

THE DIRECTOR of the In-Store Implementation Network, James Tenser will pose this provocative question in a 60-minute Webinar hosted by NARMS, the National Association for Retail Merchandising Services.

The Webinar will take place at 1:00 PM Central on Thursday Oct. 28. Review the program here.

Currently some larger Merchandising Services Organizations and Sales/Marketing Agencies are offering proprietary Store Execution Management software to retailers as a value-add. The implications are complex, and they have potential to affect core business practices, including the establishment of what might be called “merchandising captains.”

Should retailers accept “free” SEM software provided by their MSOs and SMAs? Who gains? Who loses? Who should own the data? What other implications of this practice need to be examined for the best interest of our industry? Tenser will explore these issues and answer questions in a lively online program.

(Special Offer: NARMS normally charges guests $99.95 to attend its webinars, but has generously extended a discount price of $29.95 for ISI Network Members. To register, phone the NARMS office at 888-526-2767 and tell them you’re one of us.)

© Copyright 2010 James Tenser

Six Dimensions of Shopping Time

When retailers seek to optimize the shopping experience and understand channel choice, much consideration is given to aspects of convenience. The literature generally breaks this down into two core elements: effort and time. For brick and mortar stores, the goal is to make shopping as easy as possible, and attractively quick, but not so fast that sales opportunities are missed during the shopping trip. In a multichannel environment, the puzzle gets more intricate.
Shopping time covers multiple factors, including hours of operation, travel time, search time, time to check out, delivery time, and time to return. So time-saving convenience is highly conditional:

  • A mother will drive across town to a 24-hour drug store at midnight when she has a sick child, but she may leave a convenience store when faced with a long checkout line during the morning coffee rush.
  • An electronics shopper may spend hours researching flat screen TV prices online but grow impatient when forced to wait 10 minutes for sales help at the local electronics superstore.
  • A discount store shopper may watch TV at home four hours a day, but will attend to an in-store digital screen for exactly eight seconds before moving on to the next purchase task.
  • An online shopper will gladly wait three days for free delivery of a purchase from a multi-channel retailer, but grow agitated waiting five minutes to return the same item at a local branch store.

These examples are illustrations of what I observe to be six dimensions of shopping time. The academic literature generally identifies four of these:

1) Time to access (i.e. to reach the store or shopping site)
2) Time to search (i.e. to identify and select product to buy)
3) Time to transact (i.e. to complete the purchase transaction)
4) Time to possess (i.e. to physically obtain the purchased merchandise)

This classification may not reflect a complete picture of the influence of time on consumers’ retail channel choices however. I would add two additional time elements to the list:

5) Time of operation (i.e. days and hours that the retailer may be patronized)
6) Time of return (i.e. to return an item for refund or credit).

Considering these time factors is especially important as we reason about the choices shoppers make between options in a multichannel environment. It takes minutes to find and order a book on Amazon.com – even at midnight – versus an hour or more to stop by Borders during business hours and search the shelves, but the Borders shopper may leave with the book in hand, while the Amazon.com shopper waits days for delivery. Which is more convenient? Well, it depends…what did the shopper need most at that moment?

Leading multichannel retailers give deep thought to understanding this complex of time-saving behaviors. The best evidence that I’ve seen is the growth of “order online, pick up in store” service offerings at some consumer electronics retailers. Instant gratification is still a motivation, but shoppers like the protection from stress that comes with pre-shopping on line in the calm safety of the family den.

Shoppers’ time-related behaviors, I think, are relatively independent of current economic conditions. In general they will choose the options that suit their need states of the moment. At the same time, we may observe that some shoppers will devote more time and effort to planned shopping trips by clipping coupons, preparing lists, and advance online price comparisons, especially as retailers continue to make these activities as time-efficient and easy as possible.

But the general rule (and its inverse) still applies in retailing: Time is more valuable than money for shoppers who have more money than time.

© Copyright 2009 James Tenser

SCAMP: Five Pillars of Shopper Experience

I HAD AN INVITATION recently to address an executive summit on Shopper Experience on the subject of In-Store Implementation. Regrettably, the event did not materialize, but the thought process it inspired could not be stopped. I decided to capture some of it here in the Tirades.

But first, are you experienced?

If you have ever shopped, of course you are. Shopper Experience is one of those big ideas that is hard to define because it encompasses everything we encounter in connection with a retail shopping visit. It begins with the traffic on the drive to the store, takes in the sights, sounds and smells of the store environment, and layers on the actions that take place while we are there. It probably even extends to the drive home and the interaction with purchased products.

Wikipedia defines it this way: “Customer experience is the sum of all experiences a customer has with a supplier of goods or services, over the duration of their relationship with that supplier. It can also be used to mean an individual experience over one transaction.”

A large and complex construct, as the consumer behaviorists might say. To my mind, Shopper Experience cries out for a bit of de-construction. I took a crack at it.

As I see it we can break down the shopping experience into five “pillars” or components. Taking each in turn may make the whole concept easier to grasp for purposes of analysis. More importantly, it may lead us toward practical ways to improve the whole shopper experience by optimizing its elements.

My proposed five pillars of Shopper Experience are: Service; Convenience; Ambiance; Merchandising; and Price (SCAMP). I’ve thought about these pretty carefully and I believe this breakdown meets the MECE test. That is, they are mutually exclusive and collectively exhaustive. Each of the five pillars merits its own definition, and each encompasses much detail. For the purposes of the present post, let’s briefly define each:

Service. People, practices, policies, and the training that enables them. Top performing retailers excel at both hiring the right people and setting service practices that sustain and support their success.

Convenience. Both time-saving and effort-saving. Sometimes the line between time and effort may be blurred with other pillars – as when it takes too much effort to locate a desired product. Is that a merchandising problem?

Ambiance. Physical design of store environment, including lighting, spaciousness and other sensory cues like temperature, odors, and sound. And yes, other patrons figure into this experience pillar – we tend to like to shop with people like ourselves.

Merchandising. The product assortment; their arrangement on shelves or displays; all associated messaging designed to inform and persuade.

Price. Base or every-day pricing and store price positioning, of course, but also promotions and markdowns when they occur. Shoppers tend to form a relative price-value perception or price image for each retailer based on all these cues.

SCAMP is submitted for your consideration. I find it a useful first cut at analyzing Shopper Experience. Of course, each of the five pillars merits much more detailed discussion. That’s an opportunity for future Tirades.

© Copyright 2008 James Tenser