StorefrontBacktalk » E-Commerce

ISIS Launches Trial With Significantly Fewer Retailers Than Planned

Frank Hayes and Evan Schuman — Thu, 17 May 2012 06:12:06 +0000

ISIS has finally named retail names for its mobile-wallet trial this summer in Salt Lake City and Austin. On Tuesday (May 15), the mobile-operator consortium announced that some (but not necessarily all) area Macy's, Dillard's, Foot Locker, Champs Sports, Aeropostale and Jamba Juice stores will be accepting mobile payments during the ISIS trial, along with 19 local merchants in Austin and 29 more in Salt Lake City.

That's not a bad turnout for a normal technology trial. But ISIS is promising just hundreds of locations in cities with a total population of nearly a million—and considering the weak consumer response so far to mobile wallets, anything less than an overwhelming assault may already be doomed.

JCPenney IT “Is A Mess,” Says COO

Frank Hayes — Thu, 17 May 2012 04:29:35 +0000

Now it is IT's turn to take the blame for JCPenney's woes. On Tuesday (May 15), JCPenney COO Michael Kramer told analysts that problems during the chain's terrible first few months under its new "Fair and Square" pricing approach (store traffic down 10 percent, sales down 20 percent) were compounded by out-of-control inventory management and legacy system maintenance that ate up 90 percent of the IT budget—both fundamentally IT problems.

The result: It costs JCPenney at least $600 million per year more than it should to run the chain—which explains a lot about the quarter's $55 million operating loss. "I can think of no other thing to say about our systems and our IT infrastructure, and I have seen a lot of them: It's a mess," Kramer said.

The Delicate Legal, Ethical Dance Of Selling To Children

Evan Schuman — Thu, 17 May 2012 02:16:40 +0000

Here's one for the marketing ethicists out there (is "ethical marketing" an oxymoron?): 18-year-olds come into the retail CRM world as clean slates, even if they have been active E-Commerce and M-Commerce shoppers for eight or nine years. It is illegal to solicit or sell data about children younger than 13—and what can be collected and used about those aged 13 to 17 is highly restricted. When that veteran shopper turns 18, though, can all of his or her juvenile shopping history be sold or even used?

One online payment vendor is preparing to sell tons of youth purchase data—apparently, this is the first time anyone has tried—avoiding immediate legal problems by offering the data in aggregate.

Doing Online Fulfillment In-Store Is Harder Than Macy’s Thought

Frank Hayes — Thu, 17 May 2012 00:37:10 +0000

Macy's efforts to move online order fulfillment into almost 300 of its stores this year got a look from the Wall Street Journal on Monday (May 14), and the result wasn't pretty: The Journal described the in-store Macy's distribution center in a Paramus, N.J., mall as "a dimly-lit, makeshift packing area" and said workers struggled to find merchandise in the store that exactly matched orders specifying colors like "journey" and "magical." Amazon this ain't.

The irony is that Macy's may already have the answer to its product-finding problem—by leveraging a completely different in-store IT initiative.

IKEA’s Online Inventory Problem: It’s Here, But You Can’t Have It

Evan Schuman — Thu, 17 May 2012 00:06:12 +0000

Right before the 2011 holiday season went into ultra-intense mode (in November), IKEA Canada made a key change to its mobile and E-Commerce product availability system. Like many warehouse operations, IKEA crams an awful lot of merchandise into its stores, with much of it dozens of feet in the air, accessible only via forklift.

Under the old system, the site would tell customers that an item was in-store when it was at that store, not differentiating between a product at a lower level and one at a higher level. The problem: Because IKEA safety procedures prohibit forklifts from being used when customers are in the store, customers would come in to purchase their reserved sofa or table, only to be told that it can't be accessed and that they must return some other day.

Do In-Store Sales Just Move Online? It’s Never That Simple

Frank Hayes — Wed, 16 May 2012 23:17:04 +0000

Is online-versus-in-store a zero-sum game? Retailers with E-Commerce experience know the answer, but financial analysts have a different view. In a report this month on online retailing, Citi hits the points you'd expect: Showrooming is bad; "omnichannel" is good. But one of the report's "questions that remain" will likely raise your blood pressure: If, say, 12 percent of your sales are now online, "does that mean that bricks and mortar retailers need 12 percent fewer stores?"

It's a question that makes perfect sense to stock watchers—but it completely misunderstands how merged-channel retail works.

Yes, Virginia, We Really Do Need A QIR Program

Walter Conway — Wed, 16 May 2012 14:41:07 +0000

Integrators and resellers seem to be resisting a program that would provide stronger enforcement over, well, integrators and resellers. PCI Council General Manager Bob Russo talked with PCI Columnist Walter Conway about the resistance (the program is "sorely needed"), the pricing and the nature of the training. And given the number of industry insiders Russo worked with to create the program, he bristled at the suggestion that the Council worked in a vacuum on this one.

Russo said the training will be an online course so nobody should have to travel, Conway writes.

Big Data Is Exactly What You Think It Isn’t

Todd L. Michaud — Wed, 16 May 2012 14:13:38 +0000

Who cares about Big Data? You should. All of a sudden, Web logs that were kept simply for troubleshooting purposes can now be mined to determine valuable information about customers' preferences, writes Retail Columnist Todd Michaud.

Logs that are created by physical machines can now be analyzed en masse to look for information to help advance a business. Data from social networks can now be mined for customer sentiment. These problems were too big and too complex before. But now, answers are within reach.

A Better Way To Search StorefrontBacktalk

Evan Schuman — Wed, 16 May 2012 13:45:36 +0000

With more than 3,000 stories, columns and GuestViews in the content database here at StorefrontBacktalk, we thought it was time to do a little upgrading. Starting this week, readers (both free and Premium) can search for stories by limiting the search to just the story’s headline—as opposed to the headline and the full text. (Note: Right below the search bar, readers can choose HED Only or Story And Hed.)

The ability to isolate a search to the headline can be useful in two ways. If you happen to remember that the headline mentioned Target, for example, you need not see every story that mentioned Target (or even used the word “target”). The second way is practical. If you want a story that is primarily about tokens—and not a story that merely mentions the word somewhere—the headline-only search can be helpful.

JCPenney Dumps Associate Sales Commissions

Evan Schuman — Thu, 10 May 2012 05:05:39 +0000

As JCPenney continues to recover from its self-inflicted nice-price-all-the-time effort, the chain's latest cost-cutting move came this week when it quietly killed associate commissions and cut back many of their hours. Cost-cutting is fine, but killing commissions right now—as it desperately tries to fight off E-tail incursions in its stores—seems stunningly ill-advised.

As retailers complain about showrooming—and its posterchild, Amazon—the only meaningful way to fight back is to make the store experience so pleasant, efficient and fun that consumers would much prefer to shop than click away on a phone, tablet or laptop.

MasterCard Aims To Take Mobile Wallet Rivals Apart

Frank Hayes — Thu, 10 May 2012 03:08:06 +0000

What Google, PayPal and ISIS are trying to assemble in mobile payments, MasterCard wants to dismember. On Monday (May 7), the number-two payment-card brand unveiled a mobile wallet and an E-Commerce payment system that are designed to cut out any middlemen horning in between customers and retailers and payment networks.

Ironically, while MasterCard's PayPass Wallet for NFC-equipped phones got most of the attention, that's still largely a pipe dream—MasterCard hasn't even talked any mobile operators into giving it access to the NFC chip. But the online payments effort will offer tokenization to reduce PCI scope for E-Commerce. The bad news: You can probably forget about any interchange relief.

Peapod’s QR Train Station Grocery Trial Shows Mobile Bias

Evan Schuman — Thu, 10 May 2012 02:48:03 +0000

In a series of mobile trials in subway and train stations in Philadelphia and Chicago, online grocer Peapod has been trying to drive sales of milk, diapers and dog food to commuters with a few minutes on—and a smartphone in—their hands. The trials had to deal with mobile technologies with a very uncertain future—such as QR codes—and the frustrating logistics of demoing in cramped public transportation centers.

Peapod got the idea from a wildly successful mobile QR trial that Tesco did in South Korean subways. Peapod's attempt is apparently the first to try and replicate the Tesco efforts in the U.S.

The Analytics Hole: Does Anyone Connect The Dots From Mobile To Web To In-Store?

Evan Schuman — Thu, 03 May 2012 03:10:01 +0000

Retailers spend an awful lot of time and money gathering and analyzing online and in-store stats about customer behavior. But what most seem to not do is try and connect the dots.

What did the shopper do right after scanning that barcode? If the answer can be found in mobile analytics data, you're fine. But if the answer can only be found by overlaying that mobile data with in-store CRM data, most won't see it. What about synching E-Commerce activity with calls to the call center two minutes later? Or linking an E-Commerce search to an in-store POS action 20 minutes later? How about social activity matched with any of the above?

Macy’s, Amazon CFOs Say The Darndest Things

Evan Schuman — Thu, 03 May 2012 00:28:04 +0000

Two major retail CFOs in the last week both spoke with unusual candor. The Macy's CFO admitted how much she doesn't like coupons, but said that efforts to minimize them are doomed to fail.

And Amazon's CFO offered two interesting stats: One shows that Amazon is collecting a lot more state sales taxes than is generally perceived, and the second reports that almost 40 percent of Amazon's sales these days are not from products the E-tailer directly sells.

“Careless” Systems Integrators Now Directly Under PCI DSS

Walter Conway — Wed, 02 May 2012 23:07:29 +0000

Mistakes made by careless or incompetent payment application installers or system integrators have led to far too many data breaches over the years. In each case, even though the reseller or integrator made the mistake, the merchant bore the ultimate responsibility.

Unfortunately, system resellers and integrators formerly fell in a governance gap in PCI, and their actions were outside the PCI Council's jurisdiction. PCI Columnist Walter Conway says "were," because that situation is about to change.

Walmart’s Online Cash Creates New Fraud Problem

Evan Schuman — Wed, 02 May 2012 20:51:03 +0000

When Walmart launched its E-Commerce cash program on April 26, did it open the door to evil-minded rivals by giving them the means to falsely lock up merchandise? That is just one example of the many implications behind Walmart's move to enable people to use cash to make online purchases.

Beyond new security holes on the risk side, the reward side is equally huge. While everyone seems to have focused on the general unbanked audience, a much more interesting prospect for this program is teenagers. Plus, this is sort of an anti-showrooming move, where online shoppers are being lured into the stores. Revenue sharing between Walmart channels is also a point of nervousness with this program. And a store's inability to cancel such online orders—even if the customer then finds the item on the shelf—is problematic, too. This is a rare example of the kinds of compromises—between online and in-store operations—chains must make these days.

Google Trusted Stores Is Perhaps Too Trusting

Evan Schuman — Thu, 26 Apr 2012 05:24:07 +0000

Google is trying to expand its Google Trusted Stores program—where participating retailers give Google average shipping times and Google grades them on customer resolution issues—by letting merchants display the results in Google ads. But there’s an issue with the Trusted Stores program itself, and it speaks to trust.

The idea that this is a good guide for consumers to find responsive retailers has two hurdles. First, retailers who know they have issues would simply opt to not participate, which itself skews the results, along with the fact that many merchants (especially smaller ones) are unaware of it. Second, there is little to no verification of the results. Beyond delivering misleading or outright wrong figures for customers, it does a disservice to honest retailers. Without verification and a much more representative sampling of retailers, it’s not clear how meaningful these declarations—whether or not they are on Google ads—can be.

Walgreens’ Searchable Database Of Employee Expertise Has Huge Potential

Evan Schuman — Thu, 26 Apr 2012 05:10:26 +0000

On Tuesday (April 24), Walgreens rolled out what it calls the “first online find your pharmacist” search tool. The idea is that different pharmacists have different backgrounds, different specialties, and this approach enables customers to connect with someone best suited for their medical issues. Whereas this specific app is narrowly focused on drug stores, could the concept work in other areas of retail?

What if chains asked all associates to pour into a database their specialties and backgrounds? What if a Best Buy site could steer you to a store and a specific associate who owns—and is, therefore, highly familiar with—your specific surround-sound system? What if you are a cross-country athlete and want to find a Sports Authority associate who is an expert in that specific sport? Perhaps the database might reveal a much more narrow area: A Macy’s associate who is familiar with Irish wedding gift traditions. A Home Depot employee with experience restoring Victorian mansions. The idea of creating an extensive, searchable database—Web-accessible, too—of all of your associates’ experience and expertise seems relatively low cost with two huge upsides. One: Possible new sales. Two: The very act of creating such a database sends out the message of credibility and a true desire to help the customer.

IKEA’s Clever Banner: Ugly, Difficult To Use And Utterly Perfect At Making Its Point

Evan Schuman — Thu, 26 Apr 2012 04:55:37 +0000

One of the problems with Web ads that try to be clever or funny is that they are rarely strategic. So they might be really funny—and get passed along to many prospects—but customers remember the situation and not the brand. Or they remember the brand, but not any positive attribute. IKEA, though, has crafted an almost unreadable Web ad that is positively brilliant at making its point.

The point of the campaign is that IKEA makes a wide range of furniture to fit in almost any space. So in what the chain is calling “the smallest IKEA store in the world,” it has made a 10.5×8.8 centimeter banner ad that literally lists some 2,800 products. It’s done by mousing over parts of the ad to reveal more and more products. In this rare situation, the Web ad is ugly, difficult to use and utterly perfect at making its point. IKEA discussed it in a one-minute video.

Best Buy Express Kiosk Acting Very Differently Than It Was Supposed To

Evan Schuman — Thu, 26 Apr 2012 04:37:43 +0000

Best Buy will "reexamine our processes around the Express kiosks" after an embarrassing column from a Time Magazine writer, who just happened to try one of the machines at a Hilton in Chicago. The tested Best Buy Express kiosk—which is owned and handled by a vendor that also creates them for Macy's and Apple—referred the customer to "a store representative" even though there obviously were none, offered an electronic receipt but then forced a written one and, most critically, offered significantly stricter rules for product return.

All this despite a rule that the kiosks are supposed to have the same policies as Best Buy stores. This situation also renews questions about how much—or how little—control retailers should have over kiosks that loudly proclaim their brands.

eBay iPad App To Synch Auctions With TV Shows

Evan Schuman — Thu, 26 Apr 2012 01:43:17 +0000

When we talk about merged channel, we're generally talking about the interaction of mobile, E-Commerce and in-store, plus perhaps some call center activity. But eBay is now prepping an app that is trying to overlap mobile—in this case, an iPad tablet—with television.

eBay CEO John Donahoe said the upcoming app is designed to function with specific TV shows, where it markets items that relate to the show. "You enter whatever channel you're watching and the TV show that you're watching. eBay inventory associated with that TV show pops up, and it's a very compelling experience," he said. How far could this go?

E-Nightmare: Minors May Not Have To Pay For Downloads

Evan Schuman — Wed, 25 Apr 2012 23:47:10 +0000

In Mark Rasch's legal column this week, he points out that online purchases by minors are a potential legal nightmare and that a federal judge is now deciding the retail issue. But what if the case goes against retailers? Frighteningly, the way many digital purchases are processed makes it all but impossible to comply with the law.

How could iTunes refund an already listened to song or an already played game? That's not merely a business/profit question. From an IT perspective, there is often no mechanism to do it. What might start out as a legal problem will almost instantly morph into an IT problem.

Angry Nerds: The iTunes Youth Legal Nightmare

Mark Rasch — Wed, 25 Apr 2012 23:40:39 +0000

It's not just those birds that are angry these days. The process by which Apple allows teens, pre-teens and even toddlers to download free apps, and then purchase game currencies within these free apps, may have landed the computer giant in hot water—with both parents and at least one federal district court in San Jose.

The case revolves around a longtime legal reality: Minors cannot agree to a contract. If they pretend to agree, it's non-binding and can't be enforced, writes Legal Columnist Mark Rasch. But what if an adult gives the child their password and permission to make a purchase? It's still the child doing it and the contract, therefore, probably can't be enforced.

Home Depot’s SEO Furor

Evan Schuman — Thu, 19 Apr 2012 02:59:30 +0000

What began as a Home Depot effort this month to get installers to boost the chain's Web traffic has morphed into a strange SEO Google mess, with a Home Depot E-mail encouraging those service providers to use invisible links on their sites.

This is not merely an issue of violating the rules of a major search engine. A lot of these partners—carpet installers, for instance—have minimal E-Commerce teams, which means they rely on partners such as Home Depot for E-Commerce guidance. And when chains give advice that is false and endangers the ranking of the sites of those partners, it is a problem.

Wal-Mart MoneyCard Break-In Offers Lessons For New Payment Tactics

Evan Schuman — Thu, 19 Apr 2012 01:14:34 +0000

As retailers accelerate payment experiments, a recent Wal-Mart experience with a well-established approach offers a cautionary tale. A Buffalo, N.Y., woman this month walked into her local Wal-Mart, gave an associate $1,000 in cash and asked for it to be loaded onto a Walmart MoneyCard, in preparation for a vacation. A couple days later, the customer discovered that the money had been removed by a thief in another country.

The fact that it was a thief who stole the funds is undisputed. However, the immediate next actions of Wal-Mart and Green Dot—which manages MoneyCard for Wal-Mart—is a textbook example not of what should not be done, but how it shouldn't be done.

The Sign Of POS Hardware End Times: IBM Sells All Of Its Point Of Sales To Toshiba

Evan Schuman — Wed, 18 Apr 2012 15:55:48 +0000

When IBM on Tuesday (April 17) announced it was selling its entire POS business to Toshiba TEC for US$850 million, it was arguably the most explicit sign yet that the retail POS hardware business is on its last legs. Not IBM's POS business, but retail POS activity in general.

Beyond IBM's history of selling out key areas (printers, laptops, disk drives, etc.) a year or so before the market is about to die, this time it's the popularization of in-store tablets along with the integration of mobile and E-Commerce that is aggravating POS's demise. Retail Columnist Todd Michaud predicted in January that this year would see the death of the traditional POS. IBM apparently agrees. (Related Story: Unhappy With Your POS System? Take A Peek At Your Last POS RFP. Don't You Feel Bad Now?

A Real Sign Of Change At Wal-Mart: The Board Adding A Google VP

Evan Schuman — Tue, 17 Apr 2012 23:02:56 +0000

When Wal-Mart announced Monday (April 16) that it was nominating Google exec Marissa Mayer to its board of directors—indeed, it was expanding the size of the board so she could be added—the retailer telegraphed an awful lot about its thoughts on social media, merged channel and, in particular, mobile.

It's striking, though, how much of a contrast the 36-year-old Mayer makes compared with the existing members—with an average age of 60, the board is heavily weighted with CEOs of non-tech companies, venture capitalists and Wal-Mart veterans. The board seems to be acknowledging that it may not be the ideal group to oversee Wal-Mart's moves into the worlds of Twitter, Facebook, YouTube, geofencing and Foursquare.

KFC Learns The Dangers Of Social Media Empowerment

Evan Schuman — Mon, 16 Apr 2012 17:52:28 +0000

Empowering retail employees is certainly a wonderful thing, and nowhere is the potential for empowerment more explicit than with social media. But that cuts both ways, as it also enables one or two careless employees to do more damage to the brand than would have ever been realistically possible before. Consider this month’s stunner from KFC.

As has been widely reported, someone in the chain’s Thailand operation saw the 8.6 magnitude earthquake hitting northern Indonesia as a marketing opportunity and posted on the company’s Facebook page: “Let’s hurry home and follow the earthquake news. And don’t forget to order your favorite KFC menu.” Beyond the marketing disconnect (other than a tie-in of “disaster for your health” compared with “disaster for your planet”), the odd phrasing (does KFC Thailand have multiple menus and consumers have their favorites? Wouldn’t it be “order your favorite item from KFC’s menu?”) and the big bucket of a lack of sensitivity, this post raises a fundamental social media issue. Does the ease-of-use mean that chains have to remove all approval efforts for marketing messages? Five years ago, could a few employees have done this much damage so easily?

New Jersey Giftcard Law Is Much More Complicated For Retailers Than Even Its Critics Believe

Frank Hayes — Thu, 12 Apr 2012 04:31:47 +0000

The great New Jersey giftcard exodus continues. On April 5, Blackhawk Network and InComm announced they'll pull their giftcards from New Jersey retailers to avoid a new state law requiring them to collect and store the purchaser's ZIP code. (American Express giftcards are already gone from the state.) Their complaint: It's an IT project that's all cost and no business benefit. But in a merged-channel world, that's not the only problem with the new law.

In fact, what lawmakers probably thought was a simple idea runs into a buzzsaw of complexities—and the IT project is the easiest part of the problem.

Best Buy’s Last Hope: A Radical Reversal On Customer Service And Credibility

Evan Schuman — Thu, 12 Apr 2012 03:02:06 +0000

Whether Best Buy has a long-term future in retail is an open question, but it certainly won't get there with a price war against a well-resourced E-tail giant. Our unsolicited advice: Best Buy has one shot—an expensive, painful, highly disruptive shot—to truly turn itself around. It must embrace customer service in-store to an extent that would make Nordstrom blush. That means store associates who are true experts in the electronics they are selling.

In short, it means beating Amazon not with price cuts—which would only reinforce a cheap quality reputation while gutting already thin margins—but by delivering the type of buying advice and pleasant environment that Amazon can't touch.

Sorting Makeup By Age, Hair Color And Ingredients. Sephora’s Customization Effort

Evan Schuman — Thu, 12 Apr 2012 02:22:37 +0000

When Sephora, the global cosmetic chain, updated its Web site on Monday (April 9), it made some very impressive tagging decisions to enable personalization at the age and makeup ingredient level. Below the stats the 300-store chain released—such as that each product will now be tagged with 25 different characteristics and that this tagging took 50 people 5,000 hours to complete—is the obvious in hindsight observation that a 16-year-old girl is probably not interested in seeing the same cosmetics that would appeal to a 70-year-old woman.

The goals of hiding different things—say wrinkles versus pimples—would suggest different products, as would skin tone, hair color, eye color, lighting (office versus nightclub) and even clothing. Sephora will also enable searches by ingredients—for consumers who are allergic to specific chemicals—and fragrance. (It also enables search by price, but Sephora doesn’t get any brownie points for that.) And although it certainly helps the customers find the right product, it does even more for CRM files. Age, hair color, allergies and full cosmetics preferences? Welcome to CRM heaven, cosmetics-style.

Best Buy Planned Outages Due To Its Move To The Cloud

Frank Hayes and Evan Schuman — Thu, 12 Apr 2012 02:07:01 +0000

The abrupt departure of Best Buy CEO Brian Dunn on Tuesday (April 10), because of his "personal conduct," overshadowed something much more interesting that surfaced this week: the reason for Best Buy's recent series of planned outages—one on March 28, another on April 8—is that the now-CEO-less retailer is moving its E-Commerce operations to the cloud.

The cloud move, like last fall's quadrupling of the number of Best Buy IT project managers, is an effort to control IT costs without rolling back IT initiatives—absolutely critical in the face of Dunn's inability to stem the chain's loss of sales to Amazon. Amazon, ironically, is among those that Best Buy is writing checks to for its cloud efforts.

Apple, PayPal Enjoy Unchartered Mobile Payment Legal Issues

Mark Rasch — Thu, 12 Apr 2012 01:52:59 +0000

As Apple tries to position itself as the ultimate payment processor, the competition is heating up for which entity, and which technology, will be responsible for ensuring that retailers get paid. Although these choices may ultimately prove useful for both consumers and retailers, they present new privacy challenges to all participants.

As a result, pens Legal Columnist Mark Rasch, Apple, PayPal and a host of other payment processors may find the need to hire new teams of lawyers to help them comply with the inevitable subpoenas and discovery requests that will befall them.

Amazon Learns Why Placeholder Headlines Are Bad Ideas

Frank Hayes and Evan Schuman — Wed, 04 Apr 2012 13:13:56 +0000

Journalists know—through painful experience—that you should never type in a placeholder headline unless you’re OK with it being accidentally published. The more embarrassing the headline, the more likely it will be to publish. Unfortunately, no ever shared that lesson with Amazon. When displaying an image for a drill bit set, someone wrote in the published product shot: “Some copy that indicates these are helpful instructions.”

To see it, you need to call up the drill set and click on the image to make it larger. In case Amazon fixes it before you have a chance to look, we grabbed this screen capture. [Note: As anticipated, Amazon has now fixed this image.] Not clear if this picture was generated by the manufacturer—Irwin—or if it was done by an Amazon person, but Amazon should check the images before they’re published on its site. Then again, if Sears doesn’t bother, why should Amazon? Note: Irwin’s site has the same image on it, but it looks fine at irwin.com because the image is too low-resolution to be readable, which is what that kind of dummy copy is designed for. Amazon’s mistake was in ordering up a hi-res version of the image. P.S.: Kudos to Consumer Reports for having initially spotted this boo-boo.

Could Global Payments Breach Finally Kill KBA Questions?

Evan Schuman — Sat, 31 Mar 2012 14:16:39 +0000

When reports started surfacing Friday (March 30) that more than 10 million card numbers may have been compromised in a breach at processor Global Payments in early March, Gartner security analyst Avivah Litan published a delightful early detail: It seems that the cyberthieves gained access by taking over a New York taxi company's administrative account "by answering the application's knowledge-based authentication (KBA) questions correctly."

We've been here before. Asking "security" questions based on easily discoverable or guessable answers is no longer a good idea for general consumer access, but for administrative access? You're really protecting super-user privileges by asking for their favorite ice cream flavor?