When an order processing snafu shut down the delivery operations of one of the U.K.’s largest grocery chains, the $38 billion retailer acted starkly different than the typical U.S. retailer.

The London-based 823-store Sainsbury’s grocery chain immediately issued almost a half-million dollars’ worth of £10 (roughly equivalent to $20) vouchers to some 30,000 disgruntled customers and personally–through staff volunteers and no software automation—called every one of those 30,000 to apologize and tell them about the vouchers. Read more.

A new Retail Systems Research report is challenging the way retail IT looks at application development backlogs. The report is based on a survey showing that some 79 percent of retailers have app dev backlogs of at least a year, with one-fifth of those hitting delays of more than two years.

But that’s not news to retail IT execs, who have come to see huge backlogs as a way of life. A time-revered IT tradition, if you will. The report, however, argues that the battle between system maintenance/security patches—which always get top priority—and the creation of new capabilities that the business needs should be thought of in different terms. Some are opting for outsourcing more, which would allow them to reallocate resources to accelerate new capabilities. “There’s been this shift where business has been taking more of the direction of IT investments,” said RSR’s Nikki Baird. “It should no longer be about ‘either/or.’”

The conventional wisdom has held that China is not likely to embrace E-Commerce, because of the Chinese aversion to credit payments and fears of piracy and poor quality products. But a Forbes story this week makes a powerful argument that E-Commerce—and a credit-card lifestyle in general—will be coming to China very soon and in a big way.

“In interviews the China Market Research Group (CMR) has conducted with 500 young adults between the ages of 18 and 32 in six cities across China, nearly 80 percent of respondents said they had made an online purchase in the last six months. The vast majority expected to buy something again in the next quarter. Seventy percent said they weren’t putting aside any money in savings accounts and that they would use a credit card for online purchases if they had one,” the story said, adding that the study “suggests it is a lack of credit cards and other payment options, rather than a cultural aversion to buying online, that has curtailed the growth of e-commerce in China. But the problem of payment is resolving itself. Credit card use is booming as domestic banks like Bank of China and China Merchants Bank roll out services targeting consumers in China’s smaller cities. We expect the number of credit cards in China to increase fivefold, from 56 million at the end of 2006 to 250 million by the end of 2013.”

Although the question of RFID safety has been debated extensively over the years, with conflicting study results, a major new medical study released this week points to very specific electromagnetic dangers within nine inches of the transmitter.

The highly respected Journal of the American Medical Association (JAMA) found 34 electromagnetic interference instances out of 123 tests, with 22 of them rated potentially hazardous. “Interference changed breathing machines’ ventilation rates and caused syringe pumps to stop” at a distance of about nine inches, according to a story in The Wall Street Journal. This may give serious pause to some retail IT operations, who can have dozens of RFID devices in loading docks and assembly lines, in addition to trucks and even on shelves.

In one of the first wide-scale studies of SMS’ capability to hold up under volume pressure, the technology fared “surprisingly” poorly, according to Keynote Systems. This has particular significance for retailers, who are exploring the technology’s use for mobile communications connecting to both online and in-store.

“Response times for some short codes degraded severely during the busiest hours of the day. One CSC (common short code) showed a 60 percent peak-period slowdown every day, indicating a major capacity issue was present,” Keynote said. “Many of the CSCs monitored showed significant reliability issues. Several (experienced) more than 10 hours of outage while one (experienced) more than 50 hours.” Read more.

A UK company is pushing retailers to use voice-recognition to authenticate purchases over the phone and online.

The Voice Commerce Group’s Voice Transact package has consumers call the service, quote a pre-arranged product code and then a series of digits dictated by the automated system. Verizon is involved in the rollout. VCG CEO Nick Ogden was quoted in E-Commerce Times saying that there are “current problems with the system, the biggest of which was interoperability between different banks’ systems and the standards used in the technology.”

A federal appellate court backed a group of retailers Monday (June 23)–including Best Buy, Circuit City, Costco and Lowe’s—by ruling that their gift card systems do not violate any patents.

This case has been winding its way through the federal court system for almost four years. It began when a telecom reseller called Realsource Communications said a 1998 patent protected the way it dealt with phone card payments. Read more.

Internal audit is not staffed to enforce PCI at the store level, argues GuestView Columnist David Taylor. Except for about a dozen leading retailers, most retailers do not have enough IT-skilled internal auditors to meet the requirement for a “continuous” review of store-level IT security.

Since almost no one can afford to add another group of people with both auditing skills and IT skills, nor can most retailers afford to pay consulting firms to do this, I tend to recommend very specific PCI audit training courses for your internal audit staff. One way to do this is to send them to the same two day course that PCI auditors go through. Read more.

The environmentally friendly green retail campaigns have been an embarrassing mix of pseudo-environmental policies that have little real benefit to those true policies that have real impact. Rather, these campaigns are akin to demanding that recycling be enforced.

But Wal-Mart and a handful of others have been trying to do green the right way, with policies that will have a significant environmental impact and that also improve operations. Read more.

The Moody’s Investor Service has upgraded how important a retailer’s E-Commerce activity is when assessing that retailer’s overall economic health.

Although this isn’t a radical change for the financial firm—and the thought that E-Commerce is important is hardly surprising—it’s one of several recent moves suggesting that the young teen-age Web is starting to be taken a wee bit more seriously. Read more.

When Oracle finally introduced its Retail 13 integrated suite this week, after three years of acquisition and integration, the teams working for the world’s largest enterprise software vendor might have breathed a sigh of relief. They might have hoped that the hardest part was behind them.

But creating a vast integrated suite is not the hard part. Convincing retail IT execs, worried about politics, perception and pragmatism, to turn over their most valuable data to one license-fee-hungry vendor? That’s where the real fun starts. Read more.

After three years of acquisition and integration, Tuesday (June 17) saw the official launch of Oracle’s Retail Release 13, consisting of some 33 retail applications, only four of which were new. The rollout was billed by Oracle as the be-all and end-all of end-to-end integrated retail application suites, but some analysts said the integration was lacking.

“Given that they waited so long, I would have expected better connectivity with some of the supply chain assets that they’ve acquired over the years and not have to wait until who knows when for some of that connectivity,” said AMR Research Director Mike Griswold. Read more.

North American self-service transactions will process $607 billion this year, a figure that is projected to soar to $1.7 trillion by 2012, according to a report published Wednesday (June 18) by the IHL Group.

When IHL began work on the report, “I did not expect the acceleration that we’re seeing in the out years,” said IHL President Greg Buzek. “I did not expect how fast it’s growing.”

Ironically, Buzek said, the jump in later years is being partially caused by the sales slowdowns of today. As dollars are getting tighter, retailers are pushing more sales through less-labor-costly self-checkout systems and paying for the installation of more such systems. Those additional machines, over the years, will increase the number of dollars being processed by self-service. Read more.

One of the repeated arguments made in retail data security circles is that retailers tend to have much weaker security because it’s not as much of a cultural priority as, for example, banking. So it’s a little bit consoling that the latest ATM databreach is apparently not the result of a retail breach, not the result of social engineering and the trusting bank clerk, but is the first proven incident of a bank server’s breach linked to ATM fraud.

A computer intrusion into a Citibank server that processes ATM withdrawals led to two Brooklyn men making hundreds of fraudulent withdrawals from New York City cash machines in February, pocketing at least $750,000 in cash, according to a Wired story. Although Citibank told Wired that its systems had not been breached, Citibank “warned the FBI on February 1 that ‘a Citibank server that processes ATM withdrawals at 7-Eleven convenience stores had been breached,’ according to a sworn affidavit by FBI cyber-crime agent Albert Murray.”

GuestView Columnist David Taylor suggests that a surprisingly large number of major retailers today are using inhouse or outsourced payment gateways to reduce the scope of their compliance effort, as well as their costs.

At some point in the last decade, nearly every organization involved in electronic commerce did an evaluation of payment gateways. So, what’s changed? Read more.

Are European retailers going to have any better luck than American retailers with consumer-facing biometric payments? The 750-store Albert Heijn supermarket chain, the largest such chain in the Netherlands, is about to find out.

While various European chains (such as Germany’s Wagener Department Stores) have enjoyed modest success with biometrics, the Albert Heijn chain’s June 17 statement said it would commit to the trial for six months.

One day after lawyers presented a proposed settlement in the Ameritrade 6.2 million-customer data breach, a U.S. federal court judge has tentatively rejected the settlement (on June 13), questioning the value of the deal for the consumer victims and the size of the $1.87 million attorneys’ fees.

San Francisco-based U.S. District Court Chief Judge Vaughn R. Walker gave lawyers on both sides until June 26 to address his concerns. The judge didn’t specifically say that the lawyer’s fees were too high, but merely that “plaintiffs’ counsel has not established the basis for its fee request,” leaving himself the opportunity to potentially approve the figure if he is satisfied with a justification. Read more.

A pair of unrelated reports out this week are challenging several fundamental IT security assumptions, including that data breach laws will reduce consumer losses and that insiders account for more thefts than external evil-doers.

A Verizon Business security report analyzed more than 500 data breach incidents over four years and found that 73 percent started from the outside and only 18 percent were inside jobs. Read more.

Incidents at Amazon and Ameritrade this week raise troubling questions about whether secrecy is used far too often and too quickly. Let’s say that a large Nordstrom’s store suddenly—without explanation—shut its doors at noon on a weekday, refusing to let anyone in. After several hours, the doors opened and people were let in, with no explanation. On the next business day, it happens again. And, again, no explanation.

The hypothetical Nordstrom example shows how much less respect is paid to the online consumer than the brick-and-mortar one. Does the inherent anonymity in the Web cut both ways? Like the site visitors emboldened by their namelessness who post comments and get into flame wars that they would never have the nerve to try in person, are E-tailers treating their customers with a disrespect that they would never dare consider in a physical store? Read more.

After admitting it had security holes that allowed a security breach of more than 6.2 million customers, attorneys for TD Ameritrade this week agreed to a settlement of a class action lawsuit.

The 74-page settlement outlined several efforts by Ameritrade, but it did not include any cash payments to the consumers who sued the company. Among the agreements were that Ameritrade will warn consumers about investment SPAM, pay for limited security testing, seed E-mail accounts seeking violators, pay $20,000 to the Honeynet Project and $35,000 to the National Cyber Forensics and Training Alliance as well as buy some of the impacted consumers a one-year license for an Ameritrade-selected anti-SPAM software package. Read more.

E-tailers in continental Europe are just now starting to get hit by slower growth, but they are still shining much more brightly than their U.S. counterparts, according to new figures from eMarketer.

In the first five days of sales earlier this year, French trade group FEVAD noted a 25 percent rise in revenues from nine leading online retailers in 2008, compared with the same period in 2007. “The group predicts that B2C e-commerce will grow 30 percent this year,” eMarketer said. “That is down from 35 percent in 2007, but still quite healthy.”

GuestView Columnist David Taylor thinks of logging and envisions Rodney Dangerfield.

“Whether we’re talking about logs generated by network or application firewalls, intrusion detection systems, file integrity monitor tools or the operating systems themselves, I’ve come to the conclusion that the only people who don’t hate them are the vendors who sell them. But, whether we hate them, disrespect them or merely ignore them, we need to learn to live with them.” Read more.

Just in time for Friday the 13th, Oracle is finally ready to unveil Oracle Retail V 13, with a formal rollout slated for Tuesday (June 17).

Oracle’s main retail suite is not expected to undergo any radical changes (even the name change is expected to be slight); it’s mostly claims of better integration and interoperability.

For the second consecutive workday, Amazon.com suffered a major crash on Monday (June 9), with the increasingly unlikely scenarios explaining why the historically robust site is failing.

The cause of the crash, which apparently took the weekend off after bringing down Amazon completely on Friday for almost three hours before seriously (but less severely) slowing down Amazon for several hours on Monday, ranged from excessive site sophistication to some kind of malware attack or excessive load. Frustratingly, there are reasons to discount all three scenarios. The fact that Monday’s slowdown was global–while Friday’s was solely domestic–complicates matters. Read more.

E-Commerce leader Amazon.com completely crashed for almost three hours on Friday afternoon (June 6), with one Web site performance tracking firm attributing the crash to excessive site complexity.

“One thing that is true about Amazon’s site is that it is very complex, utilizing numerous backend database, proxy servers, distributed application and Web servers, lots of dynamic images, etc.,” said Shawn White, director of external operations at Web site performance tracking firm Keynote. “Even accessing the homepage involves complex multi-step interactions between the Web browser and a number of backend systems within Amazon.” Read more.